Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: hat perion network ltd mit einem virus zu tun?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 08.06.2013, 15:55   #1
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



hallo,

jedes Mal wenn ich meinen PC neu starte, öffnet sich ein Fenster in dem Perion Network Ltd fragt, ob Änderungen am Computer vorgenommen werden dürfen. Ich war mir nicht sicher, ob das ein Virus ist und habe erstmal auf "nein" geklickt. Nur als dieses Fenster trotzdem nach jedem Start kam, war ich genervt und klickte irgendwann auf "ja". Das war jetzt warscheinlich nicht so schlau, und das Problem ließ sich dadurch auch nicht beheben. Als ich daraufhin im Internet in diversen Foren nach dem gleichen Problem suchte, stieß ich auf beunruhigende Beiträge, in denen stand, dass man bei diesem Fenster besser auf "nein" klicken solle. Nun meine Frage: Handelt es sich hierbei um einen Virus, und wenn ja, wie kann ich ihn entfernen?

MFG, Kripa01

Alt 08.06.2013, 16:06   #2
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hi,
Adware eher.

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 09.06.2013, 09:52   #3
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Die OTL.txt und die extras.txt sind erstellt, nur weiß ich nicht, wie ich sie zippen soll. 7-zip und winrar habe ich beide, nur hab ich trotzdem noch keine ahnung. Kannst du mir bitte noch sagen wie ich die Dateien zippe und sie so als Anhang hinzufüge?
__________________

Alt 09.06.2013, 18:22   #4
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



kopiere die Logs doch einfach hier rein. zippen is nur nötig wenn sie zu groß sind, bzw teile sie dann auf 2 posts
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.06.2013, 12:29   #5
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Okay, dann hier erst mal die OTL.txt:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 09.06.2013 10:17:30 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maxim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,23 Gb Available Physical Memory | 78,40% Memory free
15,90 Gb Paging File | 13,96 Gb Available in Paging File | 87,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,95 Gb Total Space | 318,15 Gb Free Space | 69,78% Space Free | Partition Type: NTFS
Drive D: | 456,46 Gb Total Space | 456,35 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: MAXIM-PC | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Maxim\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Windows\SysWOW64\jmdp\stij.exe ()
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Razer USA Ltd)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
PRC - C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Steam\bin\chromehtml.dll ()
MOD - C:\Windows\SysWOW64\jmdp\stij.exe ()
MOD - C:\Windows\SysWOW64\jmdp\lmrn.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a9594959e951127f16eb49644ba92f79\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\7cfbbd029ef945fbcdaedd24b2b67a24\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\af18b8a8f56494da44cc448f3b9704a5\WindowsBase.ni.dll ()
MOD - C:\Program Files (x86)\Steam\SDL2.dll ()
MOD - C:\Program Files (x86)\Steam\bin\libcef.dll ()
MOD - C:\Windows\SysWOW64\jmdp\sqlite3.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\ac9e3eca6c148504588e7c6d09fe83e3\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\5ea93652e4752c75bc6fbb195b4eb864\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\dfeff31ab1e7cd3480c8942290c92f5d\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll ()
MOD - C:\Users\Maxim\AppData\Local\Temp\b01d42a6-0948-4bd0-8dea-54d68f50a791\CliSecureRT.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll ()
MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll ()
MOD - C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IBUpdaterService) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (0020681355933756mcinstcleanup) -- C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE (McAfee, Inc.)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (athur) -- C:\Windows\SysNative\drivers\athurx.sys (Atheros Communications, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
IE - HKLM\..\SearchScopes\{4D4C8AC6-108A-255F-B8AB-0B55AC24DD2E}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
IE - HKCU\..\SearchScopes\{3070473C-989E-44DD-B273-3BFD348812EE}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Funmoods"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Maxim\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Maxim\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.04.06 11:08:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.21 18:41:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.16 17:24:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.21 18:41:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.16 17:24:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2012.12.17 20:35:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxim\AppData\Roaming\mozilla\Extensions
[2013.02.03 15:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Maxim\AppData\Roaming\mozilla\Firefox\Profiles\mmyhaeko.default\extensions
[2012.12.20 17:42:53 | 000,002,331 | ---- | M] () -- C:\Users\Maxim\AppData\Roaming\mozilla\firefox\profiles\mmyhaeko.default\searchplugins\Funmoods.xml
[2013.06.06 13:13:34 | 000,002,120 | ---- | M] () -- C:\Users\Maxim\AppData\Roaming\mozilla\firefox\profiles\mmyhaeko.default\searchplugins\MyStart.xml
[2012.12.19 19:10:29 | 000,003,915 | ---- | M] () -- C:\Users\Maxim\AppData\Roaming\mozilla\firefox\profiles\mmyhaeko.default\searchplugins\sweetim.xml
[2013.02.21 18:41:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013.02.21 18:41:11 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 11:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 11:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 11:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 11:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 11:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 11:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: https://www.google.de/webhp?source=search_app
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Maxim\AppData\Local\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Maxim\AppData\Local\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Maxim\AppData\Local\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.2_0\McChPlg.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Maxim\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll
CHR - Extension: Google Drive = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Google Mail = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Google Drive = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Google Mail = C:\Users\Maxim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (Funmoods Helper Object) - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll (Funmoods BHO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Funmoods Toolbar) - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll (Funmoods)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {5786D022-540E-4699-B350-B4BE0AE94B79} - No CLSID value found.
O4 - HKLM..\Run: [Arctosa] C:\Program Files (x86)\Razer\Arctosa\razerhid.exe (Razer USA Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Razer Imperator Driver] C:\Program Files (x86)\Razer\Imperator\RazerImperatorSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\Maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{978DBA13-2620-4B97-B5E1-60F3B687614C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.09 10:13:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Maxim\Desktop\OTL.exe
[2013.06.02 17:26:08 | 000,033,792 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.06.02 17:26:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2013.06.02 17:26:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013.06.02 17:26:08 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2013.05.24 18:23:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.05.24 18:23:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.05.16 17:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.14 14:24:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Robot Karol
[2013.05.14 14:24:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RobotKarol
[2013.05.10 17:45:21 | 000,000,000 | ---D | C] -- C:\Users\Maxim\AppData\Roaming\TS3Client
[2013.05.10 15:13:12 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GTA San Andreas User Files
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.09 10:18:04 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.09 10:13:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Maxim\Desktop\OTL.exe
[2013.06.09 10:05:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 10:05:04 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.09 10:03:14 | 001,614,112 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.09 10:03:14 | 000,697,090 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.09 10:03:14 | 000,652,408 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.09 10:03:14 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.09 10:03:14 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.09 09:57:43 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.09 09:57:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.09 09:57:29 | 2107,056,127 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.08 16:56:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.08 16:23:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000UA.job
[2013.06.08 08:56:51 | 000,002,372 | ---- | M] () -- C:\Users\Maxim\Desktop\Google Chrome.lnk
[2013.06.06 15:26:56 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000Core.job
[2013.06.04 16:13:40 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.04 16:13:40 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.21 18:24:55 | 000,000,222 | ---- | M] () -- C:\Users\Maxim\Desktop\Transformers Fall of Cybertron.url
[2013.05.21 15:31:12 | 001,447,728 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013.05.21 15:30:18 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.05.16 15:10:42 | 000,295,520 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.14 14:31:44 | 000,000,418 | ---- | M] () -- C:\Users\Maxim\Documents\original nr.2 maxim.kdp
[2013.05.14 14:24:13 | 000,000,902 | ---- | M] () -- C:\Users\Maxim\Desktop\Robot Karol.lnk
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.04 16:13:40 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.06.04 16:13:40 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.06.02 17:26:08 | 001,447,728 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2013.05.21 18:24:55 | 000,000,222 | ---- | C] () -- C:\Users\Maxim\Desktop\Transformers Fall of Cybertron.url
[2013.05.14 14:31:44 | 000,000,418 | ---- | C] () -- C:\Users\Maxim\Documents\original nr.2 maxim.kdp
[2013.05.14 14:24:13 | 000,000,902 | ---- | C] () -- C:\Users\Maxim\Desktop\Robot Karol.lnk
[2012.12.22 10:22:37 | 000,000,032 | ---- | C] () -- C:\Users\Maxim\.simfy
[2012.12.20 14:54:15 | 000,290,500 | ---- | C] () -- C:\Users\Maxim\AppData\Local\funmoods-speeddial_sf.crx
[2012.12.20 14:54:15 | 000,031,465 | ---- | C] () -- C:\Users\Maxim\AppData\Local\funmoods.crx
[2012.12.17 18:46:27 | 001,591,070 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.12.09 14:32:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.02 23:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
[2011.11.21 07:00:01 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.21 07:00:01 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.21 06:59:59 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.02 11:20:40 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\.minecraft
[2013.01.10 15:38:40 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\1-abc
[2013.03.28 11:30:30 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Audacity
[2012.12.09 16:22:57 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\clear.fiMVPSDK20
[2013.04.06 11:08:31 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\DVDVideoSoft
[2013.02.23 11:21:03 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.02.24 18:15:16 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\flightgear.org
[2013.02.24 18:08:20 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\fltk.org
[2013.02.24 13:15:34 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\LOVE
[2012.12.09 16:19:12 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\OEM
[2012.12.18 16:27:24 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\OpenOffice.org
[2012.12.21 12:57:04 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Razer
[2012.12.21 14:49:08 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Samsung
[2012.12.22 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Simfy
[2013.06.08 16:57:20 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\SoftGrid Client
[2013.03.12 18:58:18 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Spore
[2013.02.24 18:10:05 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Subversion
[2012.12.17 20:50:18 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\Thunderbird
[2012.12.21 13:39:05 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\TP
[2012.12.17 18:18:50 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\TP-LINK
[2013.06.04 15:42:15 | 000,000,000 | ---D | M] -- C:\Users\Maxim\AppData\Roaming\TS3Client
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.12.21 13:45:35 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.12.09 14:33:31 | 000,000,000 | -H-D | M] -- C:\book
[2013.06.02 17:21:25 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.12.09 16:16:46 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.01.27 18:46:17 | 000,000,000 | ---D | M] -- C:\Games
[2012.12.08 15:32:04 | 000,000,000 | -H-D | M] -- C:\Intel
[2012.12.09 16:18:48 | 000,000,000 | -H-D | M] -- C:\OEM
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.05.10 10:27:24 | 000,000,000 | R--D | M] -- C:\Program Files
[2013.05.24 18:23:43 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2013.03.08 18:22:39 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.12.09 16:16:46 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.12.09 16:16:46 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.06.09 10:18:46 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.12.21 14:54:39 | 000,000,000 | ---D | M] -- C:\Temp
[2012.12.09 16:16:48 | 000,000,000 | R--D | M] -- C:\Users
[2013.06.04 16:12:34 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 07:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.03.06 13:11:29 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.12.17 19:02:37 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.12.17 19:02:37 | 000,001,108 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.12.17 19:42:34 | 000,001,068 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000Core.job
[2012.12.17 19:42:34 | 000,001,120 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000UA.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2011.05.20 05:29:52 | 000,229,456 | ---- | M] (Advanced Micro Devices, Inc) MD5=64DBBD157003D7020D70C5D7ECB2163C -- C:\OEM\Preload\Autorun\DRV\AMD VGA Generic Driver\Packages\Drivers\SBDrv\SB8xx\RAID\W7\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.07.14 07:30:29 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.07.14 07:30:29 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\drivers\iaStor.sys
[2011.11.29 20:40:32 | 000,568,600 | ---- | M] (Intel Corporation) MD5=C224331A54571C8C9162F7714400BBBD -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_9c981fcb416c038e\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.07.14 07:35:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.07.14 07:35:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.12.22 10:22:37 | 000,000,032 | ---- | M] () -- C:\Users\Maxim\.simfy
[2013.06.09 10:24:42 | 002,359,296 | -HS- | M] () -- C:\Users\Maxim\NTUSER.DAT
[2013.06.09 10:24:42 | 000,262,144 | -HS- | M] () -- C:\Users\Maxim\ntuser.dat.LOG1
[2012.12.09 16:16:48 | 000,000,000 | -HS- | M] () -- C:\Users\Maxim\ntuser.dat.LOG2
[2012.12.09 16:51:37 | 000,065,536 | -HS- | M] () -- C:\Users\Maxim\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.12.09 16:51:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxim\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.12.09 16:51:37 | 000,524,288 | -HS- | M] () -- C:\Users\Maxim\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.12.09 16:16:48 | 000,000,020 | -HS- | M] () -- C:\Users\Maxim\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >
         
--- --- ---


Alt 10.06.2013, 12:30   #6
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Und hier die Extras.txt:OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 09.06.2013 10:17:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Maxim\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,95 Gb Total Physical Memory | 6,23 Gb Available Physical Memory | 78,40% Memory free
15,90 Gb Paging File | 13,96 Gb Available in Paging File | 87,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,95 Gb Total Space | 318,15 Gb Free Space | 69,78% Space Free | Partition Type: NTFS
Drive D: | 456,46 Gb Total Space | 456,35 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
 
Computer Name: MAXIM-PC | User Name: Maxim | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.6AJLLPMZPI3GEDYTVDLCA5R6IY] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D3F2DE-19EA-46C1-A0B6-FDFF3E2C1638}" = rport=445 | protocol=6 | dir=out | app=system | 
"{0F70B92B-12A0-4E8E-908C-FF8C36048665}" = rport=139 | protocol=6 | dir=out | app=system | 
"{1253490B-A049-4D95-BE42-31EFE917AAD3}" = lport=445 | protocol=6 | dir=in | app=system | 
"{19345AC0-9BC1-4ABD-A9D4-7739E61DC722}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{25E23EBF-AEF0-455E-B835-8B81E67D17CF}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{3B8CB1C9-D503-4B99-A4A3-1063CC5FF11C}" = rport=137 | protocol=17 | dir=out | app=system | 
"{573F82A3-C319-4CD6-8C68-06743A34E6E9}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | 
"{57E8ABDA-58A4-4961-B540-E15F8507FA40}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{6AF4AFF7-514A-4AAA-A62D-8BA3FD8C5D25}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{A0FBFA21-A2A0-4073-815D-1533164BDD80}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A6A0F453-D7C1-490F-8CA0-C17E3F10B5AA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{A97A4397-24D9-498A-92D0-274A903802B4}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B0FA9753-FF33-480A-889A-6D47CEA982D5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B2E81E00-B024-408D-90D1-C5EB155DCDEC}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BBADA639-5E63-4917-BBB5-7AB62139CFFA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{C93500FD-A9C8-4EFB-8AB5-719E7C02259D}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CC851222-FCF6-4B7B-8CC2-C4B78A4EBCBC}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CE28DABB-AC8B-48E7-AB7C-2F64F40E547D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D1008990-13F3-4A30-A7CA-940489B44996}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{DD435458-4F93-47AA-9593-23EFB3E9890A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{E670585C-BDA1-4F99-BECA-66F7028E76A0}" = lport=137 | protocol=17 | dir=in | app=system | 
"{EF8A74DA-43FE-4184-84F7-13A0F315DC24}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{F39AB713-778D-481F-8946-724EB45D3990}" = lport=139 | protocol=6 | dir=in | app=system | 
"{FD00D908-3B46-471D-AAFF-45A98D638E23}" = rport=138 | protocol=17 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00491E8B-C25C-49DB-82B8-3C649758E454}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0059C5BF-7E5B-413F-9834-E1650B59B8FC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{090CF26C-FBD5-4A72-8629-1D776E751C63}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{0B34945D-00EE-4943-A8C7-5BE35F131E9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0D5C3EBB-4665-4BAB-ABEB-41018C58E893}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{133D0066-7B6F-4900-8A7D-FBE0488C6317}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{1621ADA9-8DCB-4017-BF51-68DC58F5F5A8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1AED610E-D9F6-4C39-80CA-70B87BB46A13}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{1B792BC4-4A5A-45CB-9133-9BDE4FFCD5E0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe | 
"{1BC58855-D5BA-4764-9388-DFE6D4B5B336}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm | 
"{2274FC1D-3CF4-4F81-B466-826EE9468DEE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | 
"{254C557D-40BD-4EB1-B066-D56D08D05B2D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe | 
"{25609CE5-4473-47CC-9EEC-D0EAE17A6110}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2A0E154C-DC64-4DD0-A0F9-8C0F50788254}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe | 
"{2A373F01-DC9E-463E-8F6A-02EFFABD8A53}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{323E005F-96E3-430F-BC34-937F67F46847}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{34FB40BF-9044-49C6-9BEF-109EC060B579}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed undercover\support\ea help\electronic_arts_technical_support.htm | 
"{378BBC84-335B-4F55-ADE9-58AA42C01C86}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe | 
"{3EF0FE08-5A8D-4EB3-BFCD-EFCBAD8056FB}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{42A193CB-C033-4D8C-B1A1-04383AF04A99}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hell yeah\hellyeah.exe | 
"{44A9F57F-763C-4BE5-A8CD-7A65A5A9A019}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{4CA014CD-0E7B-4279-8C34-8E02CECA33E7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm | 
"{4DA755DC-423C-4BA2-9BAD-E2F6C3787C86}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe | 
"{51C47DDF-5CA4-4BA5-84CF-72D0DAC77046}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{522E02B5-9219-44FF-B8BC-EE0498535C2A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{559CFB1B-18C0-4CBF-AEFB-A3A70F1DD3C4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{5D3B3AEE-3789-45E0-8003-FBE72CDFE36B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{61B051FF-6108-42D2-B135-CE500FCE543B}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{654E40B1-CE68-438A-BB3C-8900ABC11112}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{6AC31914-0739-4A74-8886-BB8450417C4C}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe | 
"{7558D86C-09C6-4EE9-9E0E-E58AF0B296FB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{77E70214-15F4-4195-8345-15E40324DF11}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\movie\playmovie.exe | 
"{78B96736-F508-47A2-A3A8-689BB5535DB5}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{7A672B8A-3B6B-4510-9D62-FE5AFB4E0335}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{7AC3A79E-528C-4CF0-9331-1B6DCAA975A1}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{7B49F53A-1C8E-441B-9DE0-CB6599526E55}" = protocol=58 | dir=in | app=system | 
"{7CF0B2B7-A6E7-4298-80DA-DF1D11C32E8F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7E33003C-41B5-4A62-872A-19EF7DC1D256}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{84C64DE8-4E08-474E-A72E-F94F60D8B93C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\transformers fall of cybertron\binaries\tfoc.exe | 
"{870C33DD-A76B-45DB-9288-95A36F5111DE}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{87DE3538-D20E-4752-8A15-BD0B0D986994}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\binaries\mirrorsedge.exe | 
"{87E1ECBF-6FBF-4FAE-9C33-38B87973726C}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{8EAE4012-6715-47DF-A43A-C117A1CAF634}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spore\runme.exe | 
"{91432AF9-C168-4409-B9A5-9817EF228B2F}" = protocol=6 | dir=out | app=system | 
"{916F3548-A7B8-4428-BDBC-9F0AF8034193}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 
"{95F24661-795B-439F-9DC1-156829B78CB8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{96F2CF8D-A325-4EDE-93A7-99A9C0C025C9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe | 
"{98FBECA5-9ED1-497A-991E-FFA8AE000EA0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"{99164855-BD8B-4ACF-B6F3-DAA894AFE28E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\grand theft auto san andreas\gta-sa.exe | 
"{A00014D4-C72F-4D96-B54C-4E0A0FA0938E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\binaries\masseffect2.exe | 
"{A92E8D4E-9C08-4CFE-9995-B4F5BCFCD512}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{AAE6F336-B501-46A2-A3DA-91214916D2EE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\skyrim\skyrimlauncher.exe | 
"{AC12B6E7-B327-4CC3-8E4B-DBB8F94D6882}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{AC95DE2C-4B58-404D-B07D-910F51083230}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{AD664EE2-91BB-4470-9E10-B32D94F3C2AE}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{AE2352D5-44B1-4272-94F7-09BC147EE32D}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{AE2ADB3D-1F68-41A1-9EEF-BC68D36B9D40}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{B238AF53-4451-4B1D-9AD5-61D9D994863B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spore\runme.exe | 
"{B4AFF3F3-F1C0-4D4B-A7E7-921D39048CAC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{B4DDE31B-063E-4DC2-8E19-A93301814DCD}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\transformers fall of cybertron\binaries\tfoc.exe | 
"{B4FF52A7-738C-4A1D-B2EC-9F3EE1BB1367}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B60C1416-D462-4569-AEFB-F883391827CC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B7FE3F04-A6B2-4EA3-B691-B660F68065DD}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{B98C8299-7A9C-423A-A8C0-F9F2CE972800}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB692C4F-5101-498F-870E-0C389247EBED}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{BDCA6A23-9EFC-468F-B201-A4970E6DBE14}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{BE33CCDB-CFE7-472E-BB99-A0B2A6BB5036}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{BF706714-AC60-4C2A-ABDE-5492EB34F56B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed undercover\nfs.exe | 
"{C6C519A8-D2C4-4446-9EA6-3F3BFE8B2FB1}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{CA8A1C2B-2DAC-46FB-9B6D-409C8DC45D55}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\amd driver updater, vista and 7, 64 bit\setup.exe | 
"{CD0CF17C-5DA8-4B76-889A-FA59C062970E}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{CD68152E-0656-422D-93F5-28626F971179}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mirrors edge\support\ea help\electronic_arts_technical_support.htm | 
"{CFBB6581-BFCC-45EB-9ED6-5EBE9D55B8BC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\spore\support\ea help\electronic_arts_technical_support.htm | 
"{D8C80C7A-15C7-4F5E-A28B-279C28555F6E}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\torchlight ii\modlauncher.exe | 
"{D92F7D56-7946-4ADC-BBC9-8049DB68D552}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe | 
"{DC20DAA6-6F51-4854-A6C4-32E5388556F1}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{DED1BEA6-54EB-4F88-9F81-627BEDC305A6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 
"{E0766F77-C54D-4D7F-BCF3-9A90E17AE69A}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{E142D513-8AAC-473E-924B-B5E80C1D9B10}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe | 
"{E462946A-06A3-4D2E-88D0-C0CE220E00DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dmc devil may cry\binaries\win32\dmc-devilmaycry.exe | 
"{E756CC9B-D211-4B5B-BCD7-57D477E049E7}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{E85EF1BD-47A0-4691-B58E-2E57BE4062DE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\aceofspades\aos.exe | 
"{E8C12FFF-82BA-4B3F-B30D-20D6A3E62D8B}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{E9E4CE10-1555-4FD4-B6A5-F2D22C7844A5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed undercover\support\ea help\electronic_arts_technical_support.htm | 
"{EA5A5275-41A5-4EF5-98B9-BC06F13CC588}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{EE621363-DB39-40C9-ADC8-DEEE1E760E7F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{F7A0946E-82EF-402A-8C54-2D3F02819F89}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\mass effect 2\masseffect2launcher.exe | 
"{F8990E4D-E5DD-46BE-9AB4-1551F80CD997}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\need for speed undercover\nfs.exe | 
"TCP Query User{7415DE01-23F7-40A8-8F1C-9D17D828AADE}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"TCP Query User{9BC1FED7-DAB1-4E17-B06C-D21256A7BF50}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{493189C7-6642-4F19-BD79-CD3D2853D311}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{BCD0F0A9-CF0B-44E3-9736-4CB10D4D7EBC}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17106CA8-E65A-4D02-95BE-79AF8C698935}" = Microsoft_VC100_CRT_x64
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{41F41196-D050-A938-B1E4-7478160C091F}" = AMD Drag and Drop Transcoding
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{66B57223-522B-F018-CB82-04478543A9A9}" = AMD Media Foundation Decoders
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{7C4EEB43-480E-2A06-2E06-3EABFE6CD68E}" = ccc-utility64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DEDB22C7-C2A6-FE67-8EE8-F68419CE2351}" = AMD AVIVO64 Codecs
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E4490157-303F-F06F-FB6E-D2053A43A182}" = AMD Catalyst Install Manager
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"6af12c54-643b-4752-87d0-8335503010de_is1" = Nexus Mod Manager
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}" = SweetPacks bundle uninstaller
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1BAAC418-61ED-A9BF-88B4-4150905E077D}" = CCC Help Czech
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2354721E-EDA1-66BB-B755-19F647013B9A}" = CCC Help Polish
"{23561A29-1FCA-7797-4E4F-77DB769DBBC7}" = CCC Help Chinese Traditional
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2D562EE1-26F5-A195-3F22-742F1E8E19C1}" = CCC Help Spanish
"{2D9C81F2-CF30-47F9-860E-58DACF92ABC9}" = Razer Arctosa
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{319D91C6-3D44-436C-9F79-36C0D22372DC}" = TP-LINK-Konfigurationstool
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{3465C127-18FF-6B5F-859A-B0535E6222A8}" = CCC Help Thai
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3748B706-ED0E-2E00-3C2E-1EEC3C4AADF5}" = CCC Help Greek
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{403C4540-234F-C4BB-8E55-FAD4B99D0885}" = CCC Help Chinese Standard
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4A53FD99-30A3-7B82-5182-4E9721CE9B4C}" = CCC Help Russian
"{4A8A9C55-1A58-4E41-F8B6-129C2FFAC1BB}" = CCC Help Danish
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4C3F221A-10AF-8DDE-B0CB-4F24A0B072A7}" = CCC Help Portuguese
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D5610C3-0F08-14CF-5E1A-D50951181DFF}" = CCC Help Norwegian
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{5FC83AC7-99AA-47B4-4BB7-251F6030DCD4}" = CCC Help English
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62157F8A-7815-5745-F908-C094A621B24F}" = CCC Help Japanese
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}" = Nero Multimedia Suite 10 Essentials
"{62FE0726-9652-4CD2-9F09-C769D8699C21}" = TP-LINK TL-WN821N_WN822N Treiber
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}" = Google Earth
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{88E5DC49-1610-947E-B789-756DEE8C103C}" = CCC Help French
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93D105DA-8BA8-CBE0-584D-768F70AE3A37}" = CCC Help Finnish
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9640032F-BC7A-5091-4DCC-999AB125865B}" = Catalyst Control Center
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A8F4FBA-1E55-927F-5AE5-77117DC8101D}" = CCC Help German
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{9FB97172-79F4-EC7B-E923-1610B0780321}" = CCC Help Korean
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4E0D1D-0983-DBCA-E1D0-3C7D0B3CBD5F}" = CCC Help Hungarian
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.7) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADB118EC-3B73-41A1-8D07-0AC162C75958}" = Catalyst Control Center - Branding
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C05905B9-775A-4894-A4DF-B57C15250958}" = Razer Imperator
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C90E6406-258E-0F5B-79DC-518AD28B0550}" = CCC Help Italian
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}" = PlayReady PC Runtime x86
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}" = Microsoft XNA Framework Redistributable 4.0 Refresh
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4D15328-8C89-484B-B9AA-F5BE9EA6D01C}" = NVIDIA PhysX v8.10.17
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E8CCAEA7-A3BE-F0CF-0730-28FC67FD1CFE}" = Catalyst Control Center Localization All
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{EC0F900C-C7D6-76C4-98E9-095986BA5378}" = simfy
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE73EE5D-AD14-C6C6-3600-0109091B24A0}" = CCC Help Turkish
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F03F836B-95B8-7900-25F5-EB897B27869D}" = CCC Help Dutch
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{F9706A8C-D740-42CA-8703-E08EDD0F0778}" = LogMeIn Hamachi
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE18CE47-FC66-A80E-EC14-5EA4D78652B4}" = CCC Help Swedish
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"Audacity_is1" = Audacity 2.0.3
"Avira AntiVir Desktop" = Avira Free Antivirus
"Free YouTube Download_is1" = Free YouTube Download version 3.2.1.320
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.1.320
"funmoods" = Funmoods
"Hotkey Utility" = Hotkey Utility
"Identity Card" = Identity Card
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"LogMeIn Hamachi" = LogMeIn Hamachi
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"OpenAL" = OpenAL
"Simfy" = simfy
"Steam App 12120" = Grand Theft Auto: San Andreas
"Steam App 17390" = Spore
"Steam App 17410" = Mirror's Edge
"Steam App 17430" = Need for Speed: Undercover
"Steam App 17440" = Spore: Creepy & Cute Parts Pack
"Steam App 200710" = Torchlight II
"Steam App 205230" = Hell Yeah!
"Steam App 213120" = Transformers: Fall of Cybertron
"Steam App 220440" = DmC Devil May Cry
"Steam App 224540" = Ace of Spades
"Steam App 24980" = Mass Effect 2
"Steam App 620" = Portal 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"WinLiveSuite" = Windows Live Essentials
"WNLT" = IB Updater Service
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 07.06.2013 13:30:56 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 002068~1.EXE, Version: 6.6.116.0,
 Zeitstempel: 0x4fda21e1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006e0069  ID des fehlerhaften
 Prozesses: 0x6d0  Startzeit der fehlerhaften Anwendung: 0x01ce63a4ba77a353  Pfad der
 fehlerhaften Anwendung: C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 02157909-cf98-11e2-b697-e840f297abca
 
Error - 07.06.2013 13:32:26 | Computer Name = Maxim-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.06.2013 02:54:39 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 002068~1.EXE, Version: 6.6.116.0,
 Zeitstempel: 0x4fda21e1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006e0069  ID des fehlerhaften
 Prozesses: 0x6c8  Startzeit der fehlerhaften Anwendung: 0x01ce641501291839  Pfad der
 fehlerhaften Anwendung: C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 4950c712-d008-11e2-af15-e840f297abca
 
Error - 08.06.2013 02:56:05 | Computer Name = Maxim-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.06.2013 09:54:04 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 002068~1.EXE, Version: 6.6.116.0,
 Zeitstempel: 0x4fda21e1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006e0069  ID des fehlerhaften
 Prozesses: 0x6fc  Startzeit der fehlerhaften Anwendung: 0x01ce644f9a5d4294  Pfad der
 fehlerhaften Anwendung: C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: e1028761-d042-11e2-b6a9-e840f297abca
 
Error - 08.06.2013 09:55:36 | Computer Name = Maxim-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 08.06.2013 09:58:25 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 002068~1.EXE, Version: 6.6.116.0,
 Zeitstempel: 0x4fda21e1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006e0069  ID des fehlerhaften
 Prozesses: 0x6e0  Startzeit der fehlerhaften Anwendung: 0x01ce6450338f8572  Pfad der
 fehlerhaften Anwendung: C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 7c7b092f-d043-11e2-b6a9-e840f297abca
 
Error - 08.06.2013 09:59:55 | Computer Name = Maxim-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 09.06.2013 03:57:59 | Computer Name = Maxim-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: 002068~1.EXE, Version: 6.6.116.0,
 Zeitstempel: 0x4fda21e1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x006e0069  ID des fehlerhaften
 Prozesses: 0x6b8  Startzeit der fehlerhaften Anwendung: 0x01ce64e7015a4912  Pfad der
 fehlerhaften Anwendung: C:\Users\Maxim\AppData\Local\Temp\002068~1.EXE  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 4cfa3ebd-d0da-11e2-974b-e840f297abca
 
Error - 09.06.2013 03:59:24 | Computer Name = Maxim-PC | Source = WinMgmt | ID = 10
Description = 
 
[ System Events ]
Error - 05.05.2013 12:52:28 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "McAfee Application Installer Cleanup (0020681355933756)" wurde
 unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 06.05.2013 09:39:32 | Computer Name = Maxim-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 06.05.2013 09:40:17 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "McAfee Application Installer Cleanup (0020681355933756)" wurde
 unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 07.05.2013 10:25:14 | Computer Name = Maxim-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 07.05.2013 10:25:38 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "McAfee Application Installer Cleanup (0020681355933756)" wurde
 unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 07.05.2013 10:26:21 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Steam Client Service erreicht.
 
Error - 07.05.2013 10:26:21 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 08.05.2013 07:33:59 | Computer Name = Maxim-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
Error - 08.05.2013 07:34:47 | Computer Name = Maxim-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "McAfee Application Installer Cleanup (0020681355933756)" wurde
 unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 09.05.2013 09:14:19 | Computer Name = Maxim-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000
Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:
 C:\Windows\system32\athExt.dll  Fehlercode: 126  
 
 
< End of report >
         
--- --- ---

Alt 10.06.2013, 15:32   #7
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 11.06.2013, 15:14   #8
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Code:
ATTFilter
16:09:09.0653 0580  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
16:09:09.0829 0580  ============================================================
16:09:09.0829 0580  Current date / time: 2013/06/11 16:09:09.0829
16:09:09.0829 0580  SystemInfo:
16:09:09.0829 0580  
16:09:09.0829 0580  OS Version: 6.1.7601 ServicePack: 1.0
16:09:09.0829 0580  Product type: Workstation
16:09:09.0829 0580  ComputerName: MAXIM-PC
16:09:09.0829 0580  UserName: Maxim
16:09:09.0829 0580  Windows directory: C:\Windows
16:09:09.0829 0580  System windows directory: C:\Windows
16:09:09.0829 0580  Running under WOW64
16:09:09.0829 0580  Processor architecture: Intel x64
16:09:09.0829 0580  Number of processors: 4
16:09:09.0829 0580  Page size: 0x1000
16:09:09.0829 0580  Boot type: Normal boot
16:09:09.0829 0580  ============================================================
16:09:10.0365 0580  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:09:10.0408 0580  ============================================================
16:09:10.0409 0580  \Device\Harddisk0\DR0:
16:09:10.0409 0580  MBR partitions:
16:09:10.0409 0580  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2600800, BlocksNum 0x32000
16:09:10.0409 0580  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2632800, BlocksNum 0x38FE7000
16:09:10.0409 0580  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3B619800, BlocksNum 0x390EC800
16:09:10.0409 0580  ============================================================
16:09:10.0440 0580  C: <-> \Device\Harddisk0\DR0\Partition2
16:09:10.0464 0580  D: <-> \Device\Harddisk0\DR0\Partition3
16:09:10.0464 0580  ============================================================
16:09:10.0464 0580  Initialize success
16:09:10.0464 0580  ============================================================
16:12:17.0848 5160  ============================================================
16:12:17.0848 5160  Scan started
16:12:17.0848 5160  Mode: Manual; SigCheck; TDLFS; 
16:12:17.0848 5160  ============================================================
16:12:18.0332 5160  ================ Scan system memory ========================
16:12:18.0332 5160  System memory - ok
16:12:18.0332 5160  ================ Scan services =============================
16:12:18.0457 5160  0020681355933756mcinstcleanup - ok
16:12:18.0535 5160  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:12:18.0644 5160  1394ohci - ok
16:12:18.0660 5160  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:12:18.0675 5160  ACPI - ok
16:12:18.0691 5160  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:12:18.0722 5160  AcpiPmi - ok
16:12:18.0784 5160  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:12:18.0800 5160  AdobeARMservice - ok
16:12:18.0862 5160  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:18.0878 5160  AdobeFlashPlayerUpdateSvc - ok
16:12:18.0894 5160  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:12:18.0925 5160  adp94xx - ok
16:12:18.0940 5160  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:12:18.0956 5160  adpahci - ok
16:12:18.0956 5160  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:12:18.0972 5160  adpu320 - ok
16:12:19.0003 5160  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:12:19.0034 5160  AeLookupSvc - ok
16:12:19.0050 5160  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:12:19.0065 5160  AFD - ok
16:12:19.0081 5160  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:12:19.0096 5160  agp440 - ok
16:12:19.0096 5160  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:12:19.0112 5160  ALG - ok
16:12:19.0128 5160  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:12:19.0143 5160  aliide - ok
16:12:19.0159 5160  [ 812349D328EB406815183A5D17B49E7C ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:12:19.0190 5160  AMD External Events Utility - ok
16:12:19.0190 5160  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:12:19.0206 5160  amdide - ok
16:12:19.0206 5160  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:12:19.0237 5160  AmdK8 - ok
16:12:19.0362 5160  [ 0415FFE1B6A6EA141FEAFCA57567F57F ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:12:19.0533 5160  amdkmdag - ok
16:12:19.0549 5160  [ DC24D6F38F17C0D643D9AA8A6852F8D0 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:12:19.0564 5160  amdkmdap - ok
16:12:19.0580 5160  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:12:19.0596 5160  AmdPPM - ok
16:12:19.0596 5160  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:12:19.0611 5160  amdsata - ok
16:12:19.0627 5160  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:12:19.0627 5160  amdsbs - ok
16:12:19.0642 5160  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:12:19.0642 5160  amdxata - ok
16:12:19.0705 5160  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:12:19.0720 5160  AntiVirSchedulerService - ok
16:12:19.0736 5160  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:12:19.0752 5160  AntiVirService - ok
16:12:19.0767 5160  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:12:19.0798 5160  AppID - ok
16:12:19.0814 5160  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:12:19.0845 5160  AppIDSvc - ok
16:12:19.0876 5160  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
16:12:19.0892 5160  Appinfo - ok
16:12:19.0908 5160  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:12:19.0908 5160  arc - ok
16:12:19.0923 5160  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:12:19.0939 5160  arcsas - ok
16:12:20.0001 5160  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:12:20.0017 5160  aspnet_state - ok
16:12:20.0032 5160  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:12:20.0079 5160  AsyncMac - ok
16:12:20.0079 5160  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:12:20.0095 5160  atapi - ok
16:12:20.0126 5160  [ 417B9BAB376E8E50F6770196656FD348 ] athur           C:\Windows\system32\DRIVERS\athurx.sys
16:12:20.0157 5160  athur - ok
16:12:20.0204 5160  [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:12:20.0235 5160  AtiHDAudioService - ok
16:12:20.0266 5160  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:12:20.0313 5160  AudioEndpointBuilder - ok
16:12:20.0329 5160  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:12:20.0344 5160  AudioSrv - ok
16:12:20.0360 5160  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
16:12:20.0376 5160  avgntflt - ok
16:12:20.0391 5160  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
16:12:20.0391 5160  avipbb - ok
16:12:20.0407 5160  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
16:12:20.0422 5160  avkmgr - ok
16:12:20.0422 5160  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:12:20.0454 5160  AxInstSV - ok
16:12:20.0469 5160  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:12:20.0485 5160  b06bdrv - ok
16:12:20.0500 5160  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:12:20.0532 5160  b57nd60a - ok
16:12:20.0547 5160  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:12:20.0563 5160  BDESVC - ok
16:12:20.0563 5160  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:12:20.0594 5160  Beep - ok
16:12:20.0641 5160  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:12:20.0688 5160  BFE - ok
16:12:20.0719 5160  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:12:20.0766 5160  BITS - ok
16:12:20.0797 5160  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
16:12:20.0828 5160  blbdrive - ok
16:12:20.0828 5160  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:12:20.0859 5160  bowser - ok
16:12:20.0875 5160  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:12:20.0890 5160  BrFiltLo - ok
16:12:20.0890 5160  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:12:20.0906 5160  BrFiltUp - ok
16:12:20.0922 5160  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:12:20.0937 5160  Browser - ok
16:12:20.0953 5160  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:12:20.0984 5160  Brserid - ok
16:12:20.0984 5160  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:12:21.0015 5160  BrSerWdm - ok
16:12:21.0031 5160  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:12:21.0046 5160  BrUsbMdm - ok
16:12:21.0062 5160  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:12:21.0078 5160  BrUsbSer - ok
16:12:21.0093 5160  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:12:21.0109 5160  BTHMODEM - ok
16:12:21.0109 5160  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:12:21.0140 5160  bthserv - ok
16:12:21.0156 5160  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:12:21.0187 5160  cdfs - ok
16:12:21.0218 5160  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:12:21.0218 5160  cdrom - ok
16:12:21.0234 5160  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:12:21.0280 5160  CertPropSvc - ok
16:12:21.0296 5160  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:12:21.0312 5160  circlass - ok
16:12:21.0312 5160  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:12:21.0327 5160  CLFS - ok
16:12:21.0358 5160  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:12:21.0358 5160  clr_optimization_v2.0.50727_32 - ok
16:12:21.0390 5160  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:12:21.0390 5160  clr_optimization_v2.0.50727_64 - ok
16:12:21.0452 5160  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:12:21.0452 5160  clr_optimization_v4.0.30319_32 - ok
16:12:21.0468 5160  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:12:21.0483 5160  clr_optimization_v4.0.30319_64 - ok
16:12:21.0499 5160  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:12:21.0514 5160  CmBatt - ok
16:12:21.0514 5160  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:12:21.0530 5160  cmdide - ok
16:12:21.0561 5160  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
16:12:21.0608 5160  CNG - ok
16:12:21.0608 5160  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:12:21.0624 5160  Compbatt - ok
16:12:21.0639 5160  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:12:21.0655 5160  CompositeBus - ok
16:12:21.0655 5160  COMSysApp - ok
16:12:21.0670 5160  cpuz136 - ok
16:12:21.0686 5160  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:12:21.0686 5160  crcdisk - ok
16:12:21.0717 5160  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:12:21.0748 5160  CryptSvc - ok
16:12:21.0842 5160  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:12:21.0873 5160  cvhsvc - ok
16:12:21.0904 5160  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:12:21.0936 5160  DcomLaunch - ok
16:12:21.0967 5160  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:12:22.0014 5160  defragsvc - ok
16:12:22.0045 5160  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:12:22.0076 5160  DfsC - ok
16:12:22.0092 5160  [ DEF365F0F6E017888C4B869D3BA4B8E0 ] dgderdrv        C:\Windows\system32\drivers\dgderdrv.sys
16:12:22.0092 5160  dgderdrv - ok
16:12:22.0123 5160  [ 0B3F6C8F93C5C25977EA5A8B2E656357 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:12:22.0138 5160  dg_ssudbus - ok
16:12:22.0154 5160  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:12:22.0170 5160  Dhcp - ok
16:12:22.0185 5160  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:12:22.0216 5160  discache - ok
16:12:22.0232 5160  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:12:22.0248 5160  Disk - ok
16:12:22.0263 5160  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:12:22.0263 5160  Dnscache - ok
16:12:22.0279 5160  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:12:22.0310 5160  dot3svc - ok
16:12:22.0326 5160  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:12:22.0357 5160  DPS - ok
16:12:22.0372 5160  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:12:22.0388 5160  drmkaud - ok
16:12:22.0450 5160  [ 1ED08A6264C5C92099D6D1DAE5E8F530 ] DrvAgent64      C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
16:12:22.0466 5160  DrvAgent64 - ok
16:12:22.0497 5160  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:12:22.0528 5160  DXGKrnl - ok
16:12:22.0544 5160  [ 1BEF2C2E229452EC49FFE5A27283341D ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
16:12:22.0560 5160  e1cexpress - ok
16:12:22.0575 5160  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:12:22.0606 5160  EapHost - ok
16:12:22.0653 5160  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:12:22.0731 5160  ebdrv - ok
16:12:22.0747 5160  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:12:22.0762 5160  EFS - ok
16:12:22.0794 5160  [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
16:12:22.0794 5160  EgisTec Ticket Service - ok
16:12:22.0825 5160  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:12:22.0840 5160  ehRecvr - ok
16:12:22.0856 5160  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:12:22.0872 5160  ehSched - ok
16:12:22.0903 5160  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:12:22.0918 5160  elxstor - ok
16:12:22.0918 5160  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:12:22.0950 5160  ErrDev - ok
16:12:22.0965 5160  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:12:22.0996 5160  EventSystem - ok
16:12:23.0012 5160  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:12:23.0028 5160  exfat - ok
16:12:23.0043 5160  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:12:23.0074 5160  fastfat - ok
16:12:23.0090 5160  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:12:23.0106 5160  Fax - ok
16:12:23.0121 5160  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:12:23.0121 5160  fdc - ok
16:12:23.0137 5160  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:12:23.0168 5160  fdPHost - ok
16:12:23.0168 5160  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:12:23.0199 5160  FDResPub - ok
16:12:23.0199 5160  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:12:23.0215 5160  FileInfo - ok
16:12:23.0215 5160  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:12:23.0246 5160  Filetrace - ok
16:12:23.0246 5160  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:12:23.0262 5160  flpydisk - ok
16:12:23.0277 5160  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:12:23.0293 5160  FltMgr - ok
16:12:23.0324 5160  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
16:12:23.0340 5160  FontCache - ok
16:12:23.0371 5160  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:23.0371 5160  FontCache3.0.0.0 - ok
16:12:23.0386 5160  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:12:23.0386 5160  FsDepends - ok
16:12:23.0402 5160  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:12:23.0402 5160  Fs_Rec - ok
16:12:23.0480 5160  [ B99C240DEA85007044E178C1C9C75659 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
16:12:23.0496 5160  Futuremark SystemInfo Service - ok
16:12:23.0511 5160  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:12:23.0542 5160  fvevol - ok
16:12:23.0542 5160  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:12:23.0574 5160  gagp30kx - ok
16:12:23.0589 5160  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:12:23.0636 5160  gpsvc - ok
16:12:23.0683 5160  [ 32096F187020A54D29C95B3A1467D963 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
16:12:23.0698 5160  GREGService - ok
16:12:23.0714 5160  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:23.0730 5160  gupdate - ok
16:12:23.0730 5160  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:12:23.0745 5160  gupdatem - ok
16:12:23.0761 5160  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
16:12:23.0776 5160  hamachi - ok
16:12:23.0854 5160  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:12:23.0917 5160  Hamachi2Svc - ok
16:12:23.0917 5160  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:12:23.0932 5160  hcw85cir - ok
16:12:23.0948 5160  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:23.0964 5160  HdAudAddService - ok
16:12:23.0979 5160  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:12:23.0995 5160  HDAudBus - ok
16:12:24.0010 5160  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:12:24.0026 5160  HidBatt - ok
16:12:24.0042 5160  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:12:24.0057 5160  HidBth - ok
16:12:24.0057 5160  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:12:24.0073 5160  HidIr - ok
16:12:24.0088 5160  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:12:24.0120 5160  hidserv - ok
16:12:24.0120 5160  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:12:24.0135 5160  HidUsb - ok
16:12:24.0135 5160  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:12:24.0182 5160  hkmsvc - ok
16:12:24.0182 5160  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:24.0198 5160  HomeGroupListener - ok
16:12:24.0229 5160  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:24.0244 5160  HomeGroupProvider - ok
16:12:24.0244 5160  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:12:24.0260 5160  HpSAMD - ok
16:12:24.0291 5160  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:12:24.0322 5160  HTTP - ok
16:12:24.0322 5160  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:12:24.0338 5160  hwpolicy - ok
16:12:24.0338 5160  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:12:24.0354 5160  i8042prt - ok
16:12:24.0369 5160  [ C224331A54571C8C9162F7714400BBBD ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:12:24.0369 5160  iaStor - ok
16:12:24.0416 5160  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:12:24.0416 5160  IAStorDataMgrSvc - ok
16:12:24.0432 5160  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:12:24.0447 5160  iaStorV - ok
16:12:24.0494 5160  [ C58305AC412A2DE95D461072E0AF5AAF ] IBUpdaterService C:\Windows\system32\dmwu.exe
16:12:24.0556 5160  IBUpdaterService - ok
16:12:24.0588 5160  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:12:24.0619 5160  idsvc - ok
16:12:24.0634 5160  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:12:24.0634 5160  iirsp - ok
16:12:24.0666 5160  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:12:24.0697 5160  IKEEXT - ok
16:12:24.0697 5160  IntcAzAudAddService - ok
16:12:24.0728 5160  [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:12:24.0759 5160  Intel(R) Capability Licensing Service Interface - ok
16:12:24.0759 5160  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:12:24.0759 5160  intelide - ok
16:12:24.0775 5160  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:12:24.0790 5160  intelppm - ok
16:12:24.0790 5160  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:12:24.0837 5160  IPBusEnum - ok
16:12:24.0837 5160  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:24.0868 5160  IpFilterDriver - ok
16:12:24.0884 5160  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:12:24.0915 5160  iphlpsvc - ok
16:12:24.0915 5160  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:12:24.0931 5160  IPMIDRV - ok
16:12:24.0946 5160  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:12:24.0978 5160  IPNAT - ok
16:12:24.0978 5160  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:12:24.0993 5160  IRENUM - ok
16:12:24.0993 5160  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:12:25.0009 5160  isapnp - ok
16:12:25.0024 5160  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:12:25.0040 5160  iScsiPrt - ok
16:12:25.0056 5160  [ DC0DBA5164F657DE2AE94B9D1FF75DA4 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:12:25.0071 5160  iusb3hcs - ok
16:12:25.0087 5160  [ BA4F3A70F03584E5B907DA815677727D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
16:12:25.0102 5160  iusb3hub - ok
16:12:25.0118 5160  [ E6130F70D61867C7EFC13A2F808EDC58 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:12:25.0134 5160  iusb3xhc - ok
16:12:25.0165 5160  [ 468F7516B4030603BA9D1427CCEACDF9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:12:25.0180 5160  jhi_service - ok
16:12:25.0180 5160  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:12:25.0196 5160  kbdclass - ok
16:12:25.0196 5160  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:12:25.0212 5160  kbdhid - ok
16:12:25.0227 5160  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:12:25.0243 5160  KeyIso - ok
16:12:25.0258 5160  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:12:25.0258 5160  KSecDD - ok
16:12:25.0290 5160  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:12:25.0321 5160  KSecPkg - ok
16:12:25.0321 5160  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:12:25.0368 5160  ksthunk - ok
16:12:25.0383 5160  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:12:25.0414 5160  KtmRm - ok
16:12:25.0446 5160  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:12:25.0492 5160  LanmanServer - ok
16:12:25.0508 5160  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:12:25.0524 5160  LanmanWorkstation - ok
16:12:25.0555 5160  [ 6BB516A31DE232DAB436FF3A117E1E80 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
16:12:25.0555 5160  Live Updater Service - ok
16:12:25.0586 5160  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:12:25.0633 5160  lltdio - ok
16:12:25.0648 5160  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:12:25.0695 5160  lltdsvc - ok
16:12:25.0695 5160  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:12:25.0726 5160  lmhosts - ok
16:12:25.0726 5160  [ B114B200CCDEBC7EBD8EF5D783819386 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:12:25.0742 5160  LMS - ok
16:12:25.0758 5160  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:12:25.0758 5160  LSI_FC - ok
16:12:25.0773 5160  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:12:25.0773 5160  LSI_SAS - ok
16:12:25.0789 5160  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:12:25.0804 5160  LSI_SAS2 - ok
16:12:25.0804 5160  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:12:25.0820 5160  LSI_SCSI - ok
16:12:25.0836 5160  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:12:25.0867 5160  luafv - ok
16:12:25.0867 5160  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:12:25.0882 5160  Mcx2Svc - ok
16:12:25.0898 5160  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:12:25.0914 5160  megasas - ok
16:12:25.0914 5160  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:12:25.0929 5160  MegaSR - ok
16:12:25.0945 5160  [ 772A1DEEDFDBC244183B5C805D1B7D85 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:12:25.0945 5160  MEIx64 - ok
16:12:25.0960 5160  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:12:25.0976 5160  MMCSS - ok
16:12:25.0992 5160  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:12:26.0023 5160  Modem - ok
16:12:26.0038 5160  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:12:26.0054 5160  monitor - ok
16:12:26.0070 5160  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:12:26.0085 5160  mouclass - ok
16:12:26.0085 5160  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:12:26.0101 5160  mouhid - ok
16:12:26.0101 5160  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:12:26.0101 5160  mountmgr - ok
16:12:26.0132 5160  [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:12:26.0163 5160  MozillaMaintenance - ok
16:12:26.0163 5160  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:12:26.0179 5160  mpio - ok
16:12:26.0194 5160  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:12:26.0226 5160  mpsdrv - ok
16:12:26.0241 5160  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:12:26.0272 5160  MpsSvc - ok
16:12:26.0288 5160  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:12:26.0304 5160  MRxDAV - ok
16:12:26.0319 5160  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:12:26.0335 5160  mrxsmb - ok
16:12:26.0350 5160  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:12:26.0366 5160  mrxsmb10 - ok
16:12:26.0366 5160  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:12:26.0382 5160  mrxsmb20 - ok
16:12:26.0382 5160  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:12:26.0397 5160  msahci - ok
16:12:26.0413 5160  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:12:26.0413 5160  msdsm - ok
16:12:26.0428 5160  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:12:26.0444 5160  MSDTC - ok
16:12:26.0460 5160  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:12:26.0475 5160  Msfs - ok
16:12:26.0491 5160  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:12:26.0506 5160  mshidkmdf - ok
16:12:26.0522 5160  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:12:26.0522 5160  msisadrv - ok
16:12:26.0538 5160  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:12:26.0569 5160  MSiSCSI - ok
16:12:26.0569 5160  msiserver - ok
16:12:26.0584 5160  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:12:26.0600 5160  MSKSSRV - ok
16:12:26.0600 5160  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:12:26.0647 5160  MSPCLOCK - ok
16:12:26.0647 5160  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:12:26.0662 5160  MSPQM - ok
16:12:26.0678 5160  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:12:26.0694 5160  MsRPC - ok
16:12:26.0694 5160  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:12:26.0709 5160  mssmbios - ok
16:12:26.0709 5160  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:12:26.0740 5160  MSTEE - ok
16:12:26.0740 5160  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:12:26.0756 5160  MTConfig - ok
16:12:26.0756 5160  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:12:26.0772 5160  Mup - ok
16:12:26.0772 5160  [ C009123B206C56854F4E88596035231D ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
16:12:26.0787 5160  mwlPSDFilter - ok
16:12:26.0787 5160  [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
16:12:26.0787 5160  mwlPSDNServ - ok
16:12:26.0803 5160  [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
16:12:26.0803 5160  mwlPSDVDisk - ok
16:12:26.0818 5160  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:12:26.0850 5160  napagent - ok
16:12:26.0865 5160  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:12:26.0881 5160  NativeWifiP - ok
16:12:26.0928 5160  [ 7F79DA9E719D0774BDBC3622ABD3AFD9 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
16:12:26.0959 5160  NAUpdate - ok
16:12:26.0974 5160  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:12:26.0990 5160  NDIS - ok
16:12:27.0006 5160  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:12:27.0021 5160  NdisCap - ok
16:12:27.0037 5160  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:12:27.0052 5160  NdisTapi - ok
16:12:27.0068 5160  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:12:27.0099 5160  Ndisuio - ok
16:12:27.0099 5160  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:12:27.0130 5160  NdisWan - ok
16:12:27.0130 5160  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:12:27.0162 5160  NDProxy - ok
16:12:27.0162 5160  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:12:27.0193 5160  NetBIOS - ok
16:12:27.0193 5160  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:12:27.0224 5160  NetBT - ok
16:12:27.0224 5160  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:12:27.0240 5160  Netlogon - ok
16:12:27.0255 5160  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:12:27.0286 5160  Netman - ok
16:12:27.0333 5160  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:12:27.0349 5160  NetMsmqActivator - ok
16:12:27.0349 5160  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:12:27.0364 5160  NetPipeActivator - ok
16:12:27.0380 5160  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:12:27.0427 5160  netprofm - ok
16:12:27.0427 5160  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:12:27.0442 5160  NetTcpActivator - ok
16:12:27.0442 5160  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:12:27.0442 5160  NetTcpPortSharing - ok
16:12:27.0458 5160  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:12:27.0474 5160  nfrd960 - ok
16:12:27.0489 5160  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:12:27.0505 5160  NlaSvc - ok
16:12:27.0520 5160  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:12:27.0536 5160  Npfs - ok
16:12:27.0552 5160  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:12:27.0567 5160  nsi - ok
16:12:27.0583 5160  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:12:27.0598 5160  nsiproxy - ok
16:12:27.0645 5160  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:12:27.0692 5160  Ntfs - ok
16:12:27.0692 5160  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:12:27.0723 5160  Null - ok
16:12:27.0739 5160  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:12:27.0739 5160  nvraid - ok
16:12:27.0754 5160  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:12:27.0754 5160  nvstor - ok
16:12:27.0754 5160  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:12:27.0770 5160  nv_agp - ok
16:12:27.0770 5160  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:12:27.0786 5160  ohci1394 - ok
16:12:27.0832 5160  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:12:27.0848 5160  ose - ok
16:12:27.0957 5160  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:12:28.0066 5160  osppsvc - ok
16:12:28.0082 5160  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:12:28.0098 5160  p2pimsvc - ok
16:12:28.0098 5160  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:12:28.0113 5160  p2psvc - ok
16:12:28.0113 5160  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:12:28.0129 5160  Parport - ok
16:12:28.0144 5160  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:12:28.0160 5160  partmgr - ok
16:12:28.0160 5160  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:12:28.0176 5160  PcaSvc - ok
16:12:28.0191 5160  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:12:28.0207 5160  pci - ok
16:12:28.0207 5160  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:12:28.0222 5160  pciide - ok
16:12:28.0238 5160  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:12:28.0238 5160  pcmcia - ok
16:12:28.0254 5160  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:12:28.0254 5160  pcw - ok
16:12:28.0269 5160  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:12:28.0300 5160  PEAUTH - ok
16:12:28.0363 5160  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:12:28.0378 5160  PerfHost - ok
16:12:28.0410 5160  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:12:28.0503 5160  pla - ok
16:12:28.0519 5160  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:12:28.0534 5160  PlugPlay - ok
16:12:28.0550 5160  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:12:28.0581 5160  PNRPAutoReg - ok
16:12:28.0581 5160  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:12:28.0581 5160  PNRPsvc - ok
16:12:28.0597 5160  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:12:28.0628 5160  PolicyAgent - ok
16:12:28.0644 5160  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:12:28.0659 5160  Power - ok
16:12:28.0675 5160  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:12:28.0706 5160  PptpMiniport - ok
16:12:28.0706 5160  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:12:28.0737 5160  Processor - ok
16:12:28.0753 5160  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:12:28.0768 5160  ProfSvc - ok
16:12:28.0784 5160  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:12:28.0800 5160  ProtectedStorage - ok
16:12:28.0815 5160  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:12:28.0831 5160  Psched - ok
16:12:28.0862 5160  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:12:28.0893 5160  ql2300 - ok
16:12:28.0893 5160  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:12:28.0909 5160  ql40xx - ok
16:12:28.0924 5160  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:12:28.0940 5160  QWAVE - ok
16:12:28.0956 5160  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:12:28.0956 5160  QWAVEdrv - ok
16:12:28.0971 5160  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:12:28.0987 5160  RasAcd - ok
16:12:29.0002 5160  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:12:29.0034 5160  RasAgileVpn - ok
16:12:29.0049 5160  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:12:29.0065 5160  RasAuto - ok
16:12:29.0080 5160  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:12:29.0112 5160  Rasl2tp - ok
16:12:29.0127 5160  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:12:29.0158 5160  RasMan - ok
16:12:29.0174 5160  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:12:29.0205 5160  RasPppoe - ok
16:12:29.0205 5160  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:12:29.0221 5160  RasSstp - ok
16:12:29.0236 5160  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:12:29.0268 5160  rdbss - ok
16:12:29.0268 5160  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:12:29.0283 5160  rdpbus - ok
16:12:29.0283 5160  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:12:29.0314 5160  RDPCDD - ok
16:12:29.0314 5160  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:12:29.0346 5160  RDPENCDD - ok
16:12:29.0361 5160  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:12:29.0377 5160  RDPREFMP - ok
16:12:29.0408 5160  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:12:29.0424 5160  RdpVideoMiniport - ok
16:12:29.0455 5160  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:12:29.0455 5160  RDPWD - ok
16:12:29.0470 5160  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:12:29.0486 5160  rdyboost - ok
16:12:29.0486 5160  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:12:29.0517 5160  RemoteAccess - ok
16:12:29.0533 5160  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:12:29.0564 5160  RemoteRegistry - ok
16:12:29.0564 5160  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:12:29.0595 5160  RpcEptMapper - ok
16:12:29.0611 5160  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:12:29.0626 5160  RpcLocator - ok
16:12:29.0642 5160  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:12:29.0658 5160  RpcSs - ok
16:12:29.0673 5160  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:12:29.0689 5160  rspndr - ok
16:12:29.0704 5160  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:12:29.0704 5160  SamSs - ok
16:12:29.0720 5160  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:12:29.0736 5160  sbp2port - ok
16:12:29.0736 5160  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:12:29.0767 5160  SCardSvr - ok
16:12:29.0767 5160  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:12:29.0798 5160  scfilter - ok
16:12:29.0829 5160  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:12:29.0860 5160  Schedule - ok
16:12:29.0876 5160  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:12:29.0892 5160  SCPolicySvc - ok
16:12:29.0907 5160  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:12:29.0923 5160  SDRSVC - ok
16:12:29.0938 5160  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:12:29.0954 5160  secdrv - ok
16:12:29.0970 5160  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:12:29.0985 5160  seclogon - ok
16:12:30.0001 5160  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:12:30.0016 5160  SENS - ok
16:12:30.0032 5160  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:12:30.0032 5160  SensrSvc - ok
16:12:30.0063 5160  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:12:30.0063 5160  Serenum - ok
16:12:30.0079 5160  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:12:30.0079 5160  Serial - ok
16:12:30.0094 5160  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:12:30.0110 5160  sermouse - ok
16:12:30.0126 5160  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:12:30.0157 5160  SessionEnv - ok
16:12:30.0157 5160  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:12:30.0157 5160  sffdisk - ok
16:12:30.0172 5160  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:12:30.0172 5160  sffp_mmc - ok
16:12:30.0172 5160  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:12:30.0188 5160  sffp_sd - ok
16:12:30.0204 5160  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:12:30.0204 5160  sfloppy - ok
16:12:30.0235 5160  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:12:30.0266 5160  Sftfs - ok
16:12:30.0297 5160  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:12:30.0328 5160  sftlist - ok
16:12:30.0344 5160  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:12:30.0360 5160  Sftplay - ok
16:12:30.0360 5160  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:12:30.0375 5160  Sftredir - ok
16:12:30.0375 5160  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:12:30.0391 5160  Sftvol - ok
16:12:30.0391 5160  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:12:30.0406 5160  sftvsa - ok
16:12:30.0422 5160  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:12:30.0453 5160  SharedAccess - ok
16:12:30.0469 5160  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:12:30.0500 5160  ShellHWDetection - ok
16:12:30.0500 5160  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:12:30.0516 5160  SiSRaid2 - ok
16:12:30.0516 5160  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:12:30.0531 5160  SiSRaid4 - ok
16:12:30.0562 5160  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:12:30.0578 5160  SkypeUpdate - ok
16:12:30.0594 5160  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:12:30.0625 5160  Smb - ok
16:12:30.0640 5160  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:12:30.0656 5160  SNMPTRAP - ok
16:12:30.0672 5160  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:12:30.0672 5160  spldr - ok
16:12:30.0687 5160  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:12:30.0703 5160  Spooler - ok
16:12:30.0734 5160  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:12:30.0796 5160  sppsvc - ok
16:12:30.0812 5160  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:12:30.0828 5160  sppuinotify - ok
16:12:30.0843 5160  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:12:30.0859 5160  srv - ok
16:12:30.0874 5160  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:12:30.0890 5160  srv2 - ok
16:12:30.0906 5160  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:12:30.0921 5160  srvnet - ok
16:12:30.0937 5160  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:12:30.0952 5160  SSDPSRV - ok
16:12:30.0968 5160  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:12:30.0984 5160  SstpSvc - ok
16:12:31.0015 5160  [ EA8F41484CCC5BA6A1455C2AD3D1BE3C ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
16:12:31.0030 5160  ssudmdm - ok
16:12:31.0062 5160  [ 58C89A89D4AF0288DCF432EC0B358438 ] ssudserd        C:\Windows\system32\DRIVERS\ssudserd.sys
16:12:31.0077 5160  ssudserd - ok
16:12:31.0093 5160  Steam Client Service - ok
16:12:31.0108 5160  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:12:31.0124 5160  stexstor - ok
16:12:31.0140 5160  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:12:31.0171 5160  stisvc - ok
16:12:31.0186 5160  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:12:31.0202 5160  swenum - ok
16:12:31.0218 5160  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:12:31.0264 5160  swprv - ok
16:12:31.0311 5160  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:12:31.0342 5160  SysMain - ok
16:12:31.0358 5160  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:12:31.0374 5160  TabletInputService - ok
16:12:31.0389 5160  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:12:31.0405 5160  TapiSrv - ok
16:12:31.0420 5160  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:12:31.0436 5160  TBS - ok
16:12:31.0467 5160  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:12:31.0530 5160  Tcpip - ok
16:12:31.0545 5160  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:12:31.0561 5160  TCPIP6 - ok
16:12:31.0576 5160  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:12:31.0592 5160  tcpipreg - ok
16:12:31.0608 5160  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:12:31.0623 5160  TDPIPE - ok
16:12:31.0623 5160  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:12:31.0639 5160  TDTCP - ok
16:12:31.0654 5160  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:12:31.0670 5160  tdx - ok
16:12:31.0686 5160  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:12:31.0686 5160  TermDD - ok
16:12:31.0701 5160  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:12:31.0732 5160  TermService - ok
16:12:31.0748 5160  [ CE4B6956E4E12492715A53076E58761F ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
16:12:31.0748 5160  TFsExDisk - ok
16:12:31.0764 5160  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:12:31.0764 5160  Themes - ok
16:12:31.0779 5160  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:12:31.0810 5160  THREADORDER - ok
16:12:31.0810 5160  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:12:31.0842 5160  TrkWks - ok
16:12:31.0873 5160  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:12:31.0904 5160  TrustedInstaller - ok
16:12:31.0920 5160  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:12:31.0935 5160  tssecsrv - ok
16:12:31.0966 5160  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:12:31.0982 5160  TsUsbFlt - ok
16:12:31.0998 5160  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:12:32.0013 5160  TsUsbGD - ok
16:12:32.0029 5160  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:12:32.0076 5160  tunnel - ok
16:12:32.0076 5160  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:12:32.0091 5160  uagp35 - ok
16:12:32.0107 5160  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:12:32.0138 5160  udfs - ok
16:12:32.0154 5160  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:12:32.0154 5160  UI0Detect - ok
16:12:32.0169 5160  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:12:32.0185 5160  uliagpkx - ok
16:12:32.0185 5160  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:12:32.0216 5160  umbus - ok
16:12:32.0216 5160  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:12:32.0232 5160  UmPass - ok
16:12:32.0294 5160  [ 6617E7CC9DC6729A11BFF54C47CEA7D0 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:12:32.0310 5160  UNS - ok
16:12:32.0310 5160  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:12:32.0356 5160  upnphost - ok
16:12:32.0356 5160  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:12:32.0372 5160  usbccgp - ok
16:12:32.0388 5160  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:12:32.0403 5160  usbcir - ok
16:12:32.0403 5160  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:12:32.0419 5160  usbehci - ok
16:12:32.0434 5160  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
16:12:32.0450 5160  usbhub - ok
16:12:32.0466 5160  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:12:32.0481 5160  usbohci - ok
16:12:32.0481 5160  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:12:32.0497 5160  usbprint - ok
16:12:32.0512 5160  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:12:32.0528 5160  USBSTOR - ok
16:12:32.0528 5160  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:12:32.0559 5160  usbuhci - ok
16:12:32.0559 5160  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:12:32.0606 5160  UxSms - ok
16:12:32.0606 5160  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:12:32.0622 5160  VaultSvc - ok
16:12:32.0622 5160  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:12:32.0637 5160  vdrvroot - ok
16:12:32.0653 5160  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:12:32.0684 5160  vds - ok
16:12:32.0700 5160  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:12:32.0700 5160  vga - ok
16:12:32.0715 5160  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:12:32.0731 5160  VgaSave - ok
16:12:32.0746 5160  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:12:32.0762 5160  vhdmp - ok
16:12:32.0762 5160  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:12:32.0778 5160  viaide - ok
16:12:32.0778 5160  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:12:32.0793 5160  volmgr - ok
16:12:32.0809 5160  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:12:32.0809 5160  volmgrx - ok
16:12:32.0824 5160  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:12:32.0840 5160  volsnap - ok
16:12:32.0856 5160  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:12:32.0856 5160  vsmraid - ok
16:12:32.0887 5160  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:12:32.0965 5160  VSS - ok
16:12:32.0980 5160  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:12:33.0012 5160  vwifibus - ok
16:12:33.0027 5160  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:12:33.0058 5160  vwififlt - ok
16:12:33.0074 5160  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:12:33.0105 5160  W32Time - ok
16:12:33.0121 5160  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:12:33.0136 5160  WacomPen - ok
16:12:33.0136 5160  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:12:33.0168 5160  WANARP - ok
16:12:33.0168 5160  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:12:33.0183 5160  Wanarpv6 - ok
16:12:33.0214 5160  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:12:33.0246 5160  wbengine - ok
16:12:33.0277 5160  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:12:33.0308 5160  WbioSrvc - ok
16:12:33.0308 5160  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:12:33.0339 5160  wcncsvc - ok
16:12:33.0355 5160  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:12:33.0370 5160  WcsPlugInService - ok
16:12:33.0386 5160  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
16:12:33.0402 5160  Wd - ok
16:12:33.0433 5160  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:12:33.0464 5160  Wdf01000 - ok
16:12:33.0480 5160  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:12:33.0511 5160  WdiServiceHost - ok
16:12:33.0511 5160  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:12:33.0526 5160  WdiSystemHost - ok
16:12:33.0542 5160  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:12:33.0573 5160  WebClient - ok
16:12:33.0589 5160  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:12:33.0636 5160  Wecsvc - ok
16:12:33.0636 5160  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:12:33.0667 5160  wercplsupport - ok
16:12:33.0682 5160  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:12:33.0698 5160  WerSvc - ok
16:12:33.0698 5160  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:12:33.0729 5160  WfpLwf - ok
16:12:33.0729 5160  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:12:33.0745 5160  WIMMount - ok
16:12:33.0760 5160  WinDefend - ok
16:12:33.0760 5160  WinHttpAutoProxySvc - ok
16:12:33.0807 5160  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:12:33.0838 5160  Winmgmt - ok
16:12:33.0870 5160  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:12:33.0916 5160  WinRM - ok
16:12:33.0948 5160  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:12:33.0963 5160  WinUsb - ok
16:12:33.0979 5160  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:12:34.0010 5160  Wlansvc - ok
16:12:34.0041 5160  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:12:34.0057 5160  wlcrasvc - ok
16:12:34.0104 5160  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:12:34.0182 5160  wlidsvc - ok
16:12:34.0182 5160  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:12:34.0197 5160  WmiAcpi - ok
16:12:34.0213 5160  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:12:34.0228 5160  wmiApSrv - ok
16:12:34.0244 5160  WMPNetworkSvc - ok
16:12:34.0260 5160  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:12:34.0291 5160  WPCSvc - ok
16:12:34.0291 5160  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:12:34.0306 5160  WPDBusEnum - ok
16:12:34.0322 5160  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:12:34.0353 5160  ws2ifsl - ok
16:12:34.0353 5160  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:12:34.0369 5160  wscsvc - ok
16:12:34.0369 5160  WSearch - ok
16:12:34.0400 5160  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:12:34.0447 5160  wuauserv - ok
16:12:34.0478 5160  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:12:34.0478 5160  WudfPf - ok
16:12:34.0494 5160  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:12:34.0509 5160  WUDFRd - ok
16:12:34.0525 5160  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:12:34.0540 5160  wudfsvc - ok
16:12:34.0556 5160  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:12:34.0572 5160  WwanSvc - ok
16:12:34.0603 5160  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
16:12:34.0618 5160  xusb21 - ok
16:12:34.0634 5160  ================ Scan global ===============================
16:12:34.0650 5160  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:12:34.0665 5160  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:12:34.0665 5160  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
16:12:34.0681 5160  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:12:34.0696 5160  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:12:34.0712 5160  [Global] - ok
16:12:34.0712 5160  ================ Scan MBR ==================================
16:12:34.0728 5160  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:12:34.0930 5160  \Device\Harddisk0\DR0 - ok
16:12:34.0930 5160  ================ Scan VBR ==================================
16:12:34.0930 5160  [ CE41796E4142E3A245A5593688C069D7 ] \Device\Harddisk0\DR0\Partition1
16:12:34.0930 5160  \Device\Harddisk0\DR0\Partition1 - ok
16:12:34.0946 5160  [ 10108885B2F564533081DE2235B35D36 ] \Device\Harddisk0\DR0\Partition2
16:12:34.0946 5160  \Device\Harddisk0\DR0\Partition2 - ok
16:12:34.0962 5160  [ FC23C9CE722B764E998DBDE99283B873 ] \Device\Harddisk0\DR0\Partition3
16:12:34.0977 5160  \Device\Harddisk0\DR0\Partition3 - ok
16:12:34.0977 5160  ============================================================
16:12:34.0977 5160  Scan finished
16:12:34.0977 5160  ============================================================
16:12:34.0977 5172  Detected object count: 0
16:12:34.0977 5172  Actual detected object count: 0
16:13:06.0990 2084  Deinitialize success
         

Alt 11.06.2013, 17:46   #9
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 16:49   #10
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Okay! Es gab keinerlei Fehlermeldungen oder sonstiges, alles hat geklappt, wie geschmiert.
Code:
ATTFilter
ComboFix 13-06-08.02 - Maxim 12.06.2013  17:41:06.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.8141.6209 [GMT 2:00]
ausgeführt von:: c:\users\Maxim\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Funmoods
c:\program files (x86)\Funmoods\1.5.23.22\bh\escort.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortApp.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortEng.dll
c:\program files (x86)\Funmoods\1.5.23.22\escorTlbr.dll
c:\program files (x86)\Funmoods\1.5.23.22\escortShld.dll
c:\program files (x86)\Funmoods\1.5.23.22\FavIcon.ico
c:\program files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe
c:\program files (x86)\Funmoods\1.5.23.22\Sqlite3.dll
c:\program files (x86)\Funmoods\1.5.23.22\uninst.dat
c:\program files (x86)\Funmoods\1.5.23.22\uninstall.exe
c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
c:\users\Maxim\AppData\Roaming\Love
c:\users\Maxim\AppData\Roaming\Love\mari0\mappacks\custom_mappack_1\settings.txt
c:\users\Maxim\AppData\Roaming\Love\mari0\options.txt
c:\windows\SysWow64\muzapp.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-12 bis 2013-06-12  ))))))))))))))))))))))))))))))
.
.
2013-06-12 15:44 . 2013-06-12 15:44	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-11 14:34 . 2013-06-11 14:34	--------	d-----w-	c:\program files (x86)\MyFree Codec
2013-06-11 14:26 . 2013-04-18 10:09	37344	----a-w-	c:\windows\SysWow64\FsUsbExDisk.Sys
2013-06-11 14:26 . 2013-04-18 10:09	233472	----a-w-	c:\windows\SysWow64\FsUsbExService.Exe
2013-06-11 14:26 . 2011-06-07 10:14	110592	----a-w-	c:\windows\SysWow64\FsUsbExDevice.Dll
2013-06-11 14:18 . 2013-06-11 15:48	--------	d-----w-	c:\users\Maxim\AppData\Roaming\Mp3tag
2013-06-11 14:18 . 2013-06-11 14:18	--------	d-----w-	c:\program files (x86)\Mp3tag
2013-06-04 07:15 . 2013-06-04 07:15	103448	----a-w-	c:\windows\system32\drivers\ssudbus.sys
2013-06-04 07:15 . 2013-06-04 07:15	203672	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2013-06-02 15:26 . 2013-06-08 13:53	--------	d-----w-	c:\windows\SysWow64\WNLT
2013-06-02 15:26 . 2013-06-03 13:50	--------	d-----w-	c:\windows\SysWow64\jmdp
2013-06-02 15:26 . 2013-06-02 15:26	--------	d-----w-	c:\windows\SysWow64\ARFC
2013-06-02 15:26 . 2013-05-21 13:31	1447728	----a-w-	c:\windows\system32\dmwu.exe
2013-06-02 15:26 . 2013-05-21 13:30	33792	----a-w-	c:\windows\system32\ImHttpComm.dll
2013-05-24 16:23 . 2013-05-24 16:23	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-05-16 15:24 . 2013-05-17 09:56	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2013-05-14 12:24 . 2013-05-14 12:24	--------	d-----w-	c:\program files (x86)\RobotKarol
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-16 11:55 . 2012-12-21 09:33	75016696	----a-w-	c:\windows\system32\MRT.exe
2013-05-15 12:56 . 2012-03-06 11:11	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 12:56 . 2012-03-06 11:11	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-05-10 08:25 . 2011-03-29 02:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-07 14:30 . 2013-05-07 14:30	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-04-18 10:07 . 2011-06-07 10:13	330240	----a-w-	c:\windows\MASetupCaller.dll
2013-04-18 10:06 . 2011-06-07 10:13	45320	----a-w-	c:\windows\SysWow64\MAMACExtract.dll
2013-04-13 05:49 . 2013-05-16 10:32	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 10:32	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 10:32	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 10:32	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 10:32	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 10:32	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 14:05	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-04 03:35 . 2013-03-12 16:34	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-03-25 15:09 . 2013-03-25 15:10	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-25 15:09 . 2013-03-25 15:10	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-25 15:09 . 2013-03-25 15:10	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-22 16:46 . 2013-03-22 16:46	21712	----a-w-	c:\windows\SysWow64\drivers\DrvAgent64.SYS
2013-03-19 06:04 . 2013-04-10 14:26	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:46 . 2013-04-10 14:26	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 14:26	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 14:26	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 14:26	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 14:26	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-05 18:29	280224	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-06-06 1641896]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-04-23 311152]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2013-06-11 844168]
"GoogleChromeAutoLaunch_2224EFB454677649883A81667BB74C2F"="c:\users\Maxim\AppData\Local\Google\Chrome\Application\chrome.exe" [2013-05-29 825808]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-04-23 1561968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-06-21 341360]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-04 291096]
"Hotkey Utility"="c:\program files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe" [2012-02-07 636520]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"Arctosa"="c:\program files (x86)\Razer\Arctosa\razerhid.exe" [2008-10-06 147456]
"Razer Imperator Driver"="c:\program files (x86)\Razer\Imperator\RazerImperatorSysTray.exe" [2012-02-09 979360]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-05-15 2255184]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Maxim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK-Konfigurationstool.lnk - c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 0020681355933756mcinstcleanup;McAfee Application Installer Cleanup (0020681355933756);c:\users\Maxim\AppData\Local\Temp\002068~1.EXE;c:\users\Maxim\AppData\Local\Temp\002068~1.EXE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IBUpdaterService;IBUpdaterService;c:\windows\system32\dmwu.exe;c:\windows\SYSNATIVE\dmwu.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-06 12:56]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 17:02]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-17 17:02]
.
2013-06-09 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000Core.job
- c:\users\Maxim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 17:42]
.
2013-06-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2876425596-1576428904-3266098967-1000UA.job
- c:\users\Maxim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-17 17:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
2013-04-05 18:29	339104	----a-w-	c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Maxim\AppData\Roaming\Mozilla\Firefox\Profiles\mmyhaeko.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/
FF - prefs.js: keyword.URL - hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276&q=
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276&q=
FF - user.js: extensions.funmoods.id - E840F297ABCA9A20
FF - user.js: extensions.funmoods.instlDay - 15694
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:54
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - orgnl
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - 
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - c:\program files (x86)\Funmoods\1.5.23.22\bh\escort.dll
Toolbar-Locked - (no file)
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - c:\program files (x86)\Funmoods\1.5.23.22\escorTlbr.dll
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
WebBrowser-{5786D022-540E-4699-B350-B4BE0AE94B79} - (no file)
AddRemove-funmoods - c:\program files (x86)\Funmoods\1.5.23.22\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_202.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-12  17:45:58
ComboFix-quarantined-files.txt  2013-06-12 15:45
.
Vor Suchlauf: 8 Verzeichnis(se), 338.231.001.088 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 339.447.599.104 Bytes frei
.
- - End Of File - - E0AAA09135D55C2AE3B394A3216EDE76
D41D8CD98F00B204E9800998ECF8427E
         

Alt 12.06.2013, 17:51   #11
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.06.2013, 18:32   #12
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hallo,
Code:
ATTFilter
 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Maxim :: MAXIM-PC [Administrator]

Schutz: Aktiviert

12.06.2013 18:56:50
mbam-log-2013-06-12 (18-56-50).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 379711
Laufzeit: 24 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 24
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\escort.escortIEPane.1 (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\escort.escortIEPane (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\funmoodsApp.appCore.1 (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\funmoodsApp.appCore (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\f (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Typelib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 3
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten: Funmoods Toolbar -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} (PUP.Funmoods) -> Daten:  -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs|Tabs (PUP.FunMoods) -> Daten: hxxp://searchfunmoods.com/?f=2&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 1
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (Hijack.StartPage) -> Bösartig: (hxxp://searchfunmoods.com/?f=1&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtBzyyB0A0B0C0Azy0AtBtDtN0D0Tzu0CtAyDyDtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1747522276) Gut: (hxxp://www.google.com) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 9
C:\$RECYCLE.BIN\S-1-5-21-2876425596-1576428904-3266098967-1000\$RRL5LV7.zip (Malware.Packer.Krunchy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\1.5.23.22\escortApp.dll.vir (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\1.5.23.22\escortEng.dll.vir (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\1.5.23.22\escorTlbr.dll.vir (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\1.5.23.22\funmoodssrv.exe.vir (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Qoobox\Quarantine\C\Program Files (x86)\Funmoods\1.5.23.22\bh\escort.dll.vir (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Maxim\AppData\Local\Temp\Rar$EXa0.076\sumotori.exe (Malware.Packer.Krunchy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Maxim\AppData\Local\funmoods.crx (PUP.Funmoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Maxim\AppData\Local\funmoods-speeddial_sf.crx (PUP.FunMoods) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Alt 12.06.2013, 18:33   #13
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hi,


lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.06.2013, 14:31   #14
kripa01
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



Hallo,
Code:
ATTFilter
Ace of Spades		05.03.2013	notwendig	
Acer eRecovery Management	Acer Incorporated	06.03.2012		5.00.3507 notwendig
Acer Registration	Acer Incorporated	08.12.2012		1.04.3506 notwendig
Acer ScreenSaver	Acer Incorporated	08.12.2012		1.1.0609.2011 notwendig
Acer Updater	Acer Incorporated	06.03.2012		1.02.3501 notwendig
Adobe AIR	Adobe Systems Incorporated	11.06.2013		3.7.0.2090 notwendig
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	12.06.2013	6,00MB	11.7.700.224 notwendig
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	12.06.2013	6,00MB	11.7.700.224 notwendig
Adobe Reader X (10.1.7) MUI	Adobe Systems Incorporated	16.05.2013	481MB	10.1.7 notwendig
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	20.12.2012	26,2MB	8.0.873.0 notwendig
Ashampoo Burning Studio 2012 v.10.0.15	Ashampoo GmbH & Co. KG	17.12.2012	143MB	10.0.15 unnötig
Audacity 2.0.3	Audacity Team	21.03.2013	44,1MB	2.0.3 notwendig
Avira Free Antivirus	Avira	07.05.2013	129MB	13.0.0.3640 notwendig
CCleaner	Piriform	24.05.2013		4.02 
DmC Devil May Cry		30.03.2013 notwendig		
Free YouTube Download version 3.2.1.320	DVDVideoSoft Ltd.	06.04.2013	70,6MB	3.2.1.320 notwendig
Free YouTube to MP3 Converter version 3.12.1.320	DVDVideoSoft Ltd.	06.04.2013	77,2MB	3.12.1.320 notwendig
Funmoods		20.12.2012 VIRUS!	
Futuremark SystemInfo	Futuremark Corporation	10.05.2013		4.17.0 unnötig
Google Chrome	Google Inc.	17.12.2012		27.0.1453.110 notwendig
Google Earth	Google	17.12.2012	173MB	7.0.2.8415 notwendig
Grand Theft Auto: San Andreas	Rockstar	29.03.2013 notwendig	
Hell Yeah!		18.04.2013 notwendig	
Hotkey Utility	Acer Incorporated	09.12.2012		2.05.3510 notwendig
IB Updater Service		02.06.2013		3.0.5.4 unbekannt
Identity Card	Acer Incorporated	08.12.2012		1.00.3501 notwendig
Intel(R) Control Center	Intel Corporation	09.12.2012		1.2.1.1007 notwendig
Intel(R) Management Engine Components	Intel Corporation	09.12.2012		8.0.2.1410 notwendig
Intel(R) Rapid Storage Technology	Intel Corporation	09.12.2012		11.0.0.1032 notwendig
Intel(R) USB 3.0 eXtensible Host Controller Driver	Intel Corporation	09.12.2012 		1.0.0.199 notwendig
Intel® Trusted Connect Service Client	Intel Corporation	09.12.2012	10,6MB	1.23.605.1 notwendig
Java 7 Update 21	Oracle	12.03.2013	129MB	7.0.210 notwendig
LogMeIn Hamachi	LogMeIn, Inc.	24.05.2013		2.1.0.362 notwendig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	12.06.2013	19,2MB	1.75.0.1300
Mass Effect 2	BioWare	17.05.2013 notwendig	
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	17.12.2012	38,8MB	4.0.30319 notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	17.12.2012	2,93MB	4.0.30319 notwendig
Microsoft .NET Framework 4 Extended	Microsoft Corporation	17.12.2012	51,9MB	4.0.30319 notwendig
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	17.12.2012	10,6MB	4.0.30319 notwendig
Microsoft Office 2010	Microsoft Corporation	09.12.2012	6,31MB	14.0.4763.1000 notwendig
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	21.12.2012		14.0.4763.1000 notwendig
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	21.12.2012		14.0.5139.5005 notwendig
Microsoft Silverlight	Microsoft Corporation	13.03.2013	50,6MB	5.1.20125.0 notwendig
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	06.03.2012	1,69MB	3.1.0000 notwendig
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	17.12.2012	300KB	8.0.56336 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	22.12.2012	252KB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	17.12.2012	788KB	9.0.30729.6161 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022	Microsoft Corporation	28.03.2013	1,41MB	9.0.21022 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	06.03.2012	596KB	9.0.30729 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	06.03.2012	592KB	9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	17.12.2012	600KB	9.0.30729.6161 notwendig
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319	Microsoft Corporation	02.06.2013	13,7MB	10.0.30319 notwendig
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	21.12.2012	12,2MB	10.0.40219 notwendig
Microsoft XNA Framework Redistributable 3.1	Microsoft Corporation	22.03.2013	7,55MB	3.1.10527.0 notwendig
Microsoft XNA Framework Redistributable 4.0 Refresh	Microsoft Corporation	24.04.2013	8,03MB	4.0.30901.0 notwendig
Microsoft_VC100_CRT_x64	Microsoft	17.12.2012	1,35MB	1.0.0 notwendig
Mirror's Edge	DICE	10.04.2013 notwendig		
Mozilla Firefox 18.0.1 (x86 de)	Mozilla	25.02.2013	43,2MB	18.0.1 notwendig
Mozilla Maintenance Service	Mozilla	17.05.2013	331KB	17.0.6 notwendig
Mozilla Thunderbird 17.0.6 (x86 de)	Mozilla	17.05.2013	41,9MB	17.0.6 notwendig
Mp3tag v2.55a	Florian Heidenreich	11.06.2013		v2.55a notwendig
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	21.12.2012	1,27MB	4.20.9870.0 notwendig
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	21.12.2012	1,33MB	4.20.9876.0 notwendig
MyFreeCodec		11.06.2013 unbekannt		
MyWinLocker Suite	Egis Technology Inc.	06.03.2012	2,63MB	4.0.14.18 notwendig
Need for Speed: Undercover	EA Black Box	04.03.2013 notwendig		
Nero DiscSpeed 10	Nero AG	06.03.2012	7,21MB	6.4.10500.1.100 unbekannt
Nero Express 10	Nero AG	06.03.2012	165MB	10.6.10700.5.100 unbekannt
Nero Multimedia Suite 10 Essentials	Nero AG	06.03.2012	373MB	10.6.10300 unbekannt
Nero StartSmart 10	Nero AG	06.03.2012	143MB	10.6.10600.4.100 unbekannt
Nexus Mod Manager	Black Tree Gaming	07.05.2013	14,0MB	0.44.11 notwendig
NVIDIA PhysX v8.10.17	NVIDIA Corporation	12.04.2013	119MB	8.10.17 notwendig
OpenAL		24.02.2013 unbekannt		
OpenOffice.org 3.4.1	Apache Software Foundation	17.12.2012	331MB	3.41.9593 notwendig
PlayReady PC Runtime amd64	Microsoft Corporation	09.12.2012	2,05MB	1.3.0 notwendig
PlayReady PC Runtime x86	Microsoft Corporation	09.12.2012	1,65MB	1.3.0 notwendig
Portal 2	Valve	19.04.2013 notwendig		
Razer Arctosa	Razer USA Ltd.	21.12.2012		1.00.0000 notwendig
Razer Imperator	Razer USA Ltd.	21.12.2012	14,6MB	2.02.00 notwendig
Samsung Kies	Samsung Electronics Co., Ltd.	21.12.2012	184MB	2.0.1.11053_99 notwendig
SAMSUNG USB Driver for Mobile Phones	SAMSUNG Electronics Co., Ltd.	11.06.2013	47,4MB	1.5.23.0 notwendig
simfy	simfy AG	13.04.2013		1.7.3 notwendig
Skype™ 6.3	Skype Technologies S.A.	17.05.2013	21,1MB	6.3.107 notwendig
Spore	Maxis	12.03.2013 notwendig		
Spore: Creepy & Cute Parts Pack	Maxis	12.03.2013 notwendig		
Steam	Valve Corporation	17.12.2012	1,77MB	1.0.0.0 notwendig
SweetPacks bundle uninstaller	SweetIM Technologies Ltd.	19.12.2012	2,46MB	1.0.0000 VIRUS!
System Requirements Lab CYRI	Husdawg, LLC	17.12.2012	579KB	5.0.6.0 unnötig
TeamSpeak 3 Client	TeamSpeak Systems GmbH	10.05.2013		3.0.10.1 notwendig
The Elder Scrolls V: Skyrim	Bethesda Game Studios	24.12.2012 notwendig		
Torchlight II		06.04.2013 notwendig		
TP-LINK TL-WN821N_WN822N Treiber	TP-LINK	17.12.2012		1.2.1 notwendig
TP-LINK-Konfigurationstool	TP-LINK	17.12.2012		1.2.1 notwendig
Transformers: Fall of Cybertron		21.05.2013 notwendig		
Update Manager for SweetPacks 1.1	SweetIM Technologies Ltd.	19.12.2012	2,76MB	1.1.0008 VIRUS!
Welcome Center	Acer Incorporated	08.12.2012		1.02.3507 notwendig
Windows Live Essentials	Microsoft Corporation	06.03.2012		15.4.3538.0513 notwendig
WinRAR 4.20 (64-Bit)	win.rar GmbH	30.01.2013		4.20.0 notwendig
         

Alt 13.06.2013, 18:45   #15
markusg
/// Malware-holic
 
hat perion network ltd mit einem virus zu tun? - Standard

hat perion network ltd mit einem virus zu tun?



deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Ashampoo
Funmoods
Futuremark
IB Updater
Nero : alle, falls nich verwendet
SweetPacks
Update Manager

Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu hat perion network ltd mit einem virus zu tun?
beiträge, besser, computer, diverse, entferne, entfernen, fenster, foren, frage, fragt, gen, hierbei, interne, internet, klicke, klicken, network, neu, perion network ltd, problem, schlau, starte, virus, warscheinlich, Änderungen, öffnet



Ähnliche Themen: hat perion network ltd mit einem virus zu tun?


  1. Problem mit wssetup Perion Network
    Plagegeister aller Art und deren Bekämpfung - 12.07.2013 (24)
  2. Hier kommt schon wieder einer mit Perion Network / mssetup - Problem
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (35)
  3. "wssetup.exe Perion Network Ltd." bei PC start
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (31)
  4. wssetup.exe von Perion Network Ltd.
    Log-Analyse und Auswertung - 03.07.2013 (12)
  5. wssetup.exe von Perion Network Ltd. - OTL Log File bereits erstellt
    Log-Analyse und Auswertung - 21.06.2013 (5)
  6. wssetup.exe von Perion Network Ltd. fragt nach jedem Hochfahren des Computers nach Bestätigung
    Plagegeister aller Art und deren Bekämpfung - 20.06.2013 (10)
  7. wssetup von Perion Network Ltd. versucht auf meinen Computer zuzugreifen
    Plagegeister aller Art und deren Bekämpfung - 17.06.2013 (7)
  8. wssetup von perion network ltd kommt immer nach Start des PC
    Plagegeister aller Art und deren Bekämpfung - 16.06.2013 (7)
  9. Perion Network - wssetup.exe
    Plagegeister aller Art und deren Bekämpfung - 15.06.2013 (7)
  10. Perion Network
    Plagegeister aller Art und deren Bekämpfung - 15.06.2013 (1)
  11. wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (7)
  12. wssetup.exe Perion Network Ltd. - Hilfe, ich will das los werden!
    Log-Analyse und Auswertung - 14.06.2013 (3)
  13. Hab ich mir was eingefangen? wssetup.exe Perion Network Ltd.
    Log-Analyse und Auswertung - 11.06.2013 (10)
  14. nach booten soll wssetup.exe (Hersteller Perion Network Ltd.) installiert werden
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (15)
  15. Probleme mit wssetup.exe Perion Network Ltd.
    Log-Analyse und Auswertung - 08.06.2013 (9)
  16. wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (11)
  17. Habe mir wohl was eingefangen! wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 06.06.2013 (15)

Zum Thema hat perion network ltd mit einem virus zu tun? - hallo, jedes Mal wenn ich meinen PC neu starte, öffnet sich ein Fenster in dem Perion Network Ltd fragt, ob Änderungen am Computer vorgenommen werden dürfen. Ich war mir nicht - hat perion network ltd mit einem virus zu tun?...
Archiv
Du betrachtest: hat perion network ltd mit einem virus zu tun? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.