Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Problem mit wssetup Perion Network

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.06.2013, 23:19   #1
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hallo und guten Morgen,

seit ca. 3 Wochen bekomme ich beim Start die Meldung das wssetup.exe installiert werden will.
Habe das bisher immer abgelehnt aber es nervt langsam. Wie kann ich das beheben?

Ich habe im Voraus schon OTL laufen lassen und hier sind die logs:

OTL.txt:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 23:54:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: THESEUS | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools)
PRC - c:\Programme\McAfee\SiteAdvisor\saUI.exe (McAfee, Inc.)
PRC - C:\Programme\Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\SystemCore\mfefire.exe (McAfee, Inc.)
PRC - C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation)
PRC - C:\Programme\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
PRC - C:\Programme\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Mcafee\Platform\McUICnt.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\Platform\Core\mchost.exe (McAfee, Inc.)
PRC - C:\Programme\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
PRC - C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
PRC - C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
PRC - C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\CNAC4RPK.EXE (CANON INC.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\3c2ed368e1f3889997dfb42a5ca77284\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\78967b28f748b8807eaa97c1cb454adc\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Programme\Notepad++\NppShell_04.dll ()
MOD - C:\Programme\WinRAR\RarExt.dll ()
MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.)
SRV - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MSK80Service) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McProxy) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (mcpltsvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McNaiAnn) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McMPFSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (HomeNetSvc) -- C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (mfecore) -- C:\Programme\Common Files\Mcafee\AMCore\mcshield.exe (McAfee, Inc.)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Programme\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV - (UMVPFSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (MOBKbackup) -- C:\Programme\McAfee Online Backup\MOBKbackup.exe (McAfee, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (cfwids) -- C:\Windows\System32\drivers\cfwids.sys (McAfee, Inc.)
DRV - (mfewfpk) -- C:\Windows\System32\drivers\mfewfpk.sys (McAfee, Inc.)
DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.)
DRV - (mfefirek) -- C:\Windows\System32\drivers\mfefirek.sys (McAfee, Inc.)
DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.)
DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.)
DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.)
DRV - (mfencrk) -- C:\Windows\System32\drivers\mfencrk.sys (McAfee, Inc.)
DRV - (mfencbdc) -- C:\Windows\System32\drivers\mfencbdc.sys (McAfee, Inc.)
DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (SSHDRV76) -- C:\Windows\System32\drivers\SSHDRV76.sys ()
DRV - (HipShieldK) -- C:\Windows\System32\drivers\HipShieldK.sys (McAfee, Inc.)
DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (SaiNtBus) -- C:\Windows\System32\drivers\SaiBus.sys (Saitek)
DRV - (SaiMini) -- C:\Windows\System32\drivers\SaiMini.sys (Saitek)
DRV - (SaiK0836) -- C:\Windows\System32\drivers\SaiK0836.sys (Saitek)
DRV - (MOBKFilter) -- C:\Windows\System32\drivers\MOBK.sys (Mozy, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (yukonw7) -- C:\Windows\System32\drivers\yk62x86.sys (Marvell)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (SFEP) -- C:\Windows\System32\drivers\SFEP.sys (Sony Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 A3 5C FE C0 F0 CD 01  [binary data]
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes,DefaultScope = {080BC3F9-B303-4217-B7B2-8CC17CBA9240}
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{080BC3F9-B303-4217-B7B2-8CC17CBA9240}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\SearchScopes\{AFC2003D-6F44-4DA5-AEF4-38FAEA91689D}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=98A16DE5-141B-48BC-89B8-A39D7A795CB9&apn_sauid=A0AA8B91-DF02-4285-B272-8E5D67203863
IE - HKU\S-1-5-21-379556155-911974017-2871762651-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.order.1: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.t-online.de"
FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.06.07 23:24:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.29 00:55:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2012.12.29 00:55:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013.06.04 22:28:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Firefox\plugins [2013.05.18 23:17:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.05.15 20:42:24 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2011.11.15 00:22:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.05.09 15:55:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\dfmor2bm.default\extensions
[2013.05.09 15:55:22 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.23 19:46:57 | 000,002,403 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\askcom.xml
[2012.10.29 22:26:10 | 000,003,915 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\dfmor2bm.default\searchplugins\sweetim.xml
[2013.06.07 23:24:44 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES\MCAFEE\SITEADVISOR
 
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Programme\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKU\S-1-5-21-379556155-911974017-2871762651-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [ProfilerU] C:\Programme\Saitek\SD6\Software\ProfilerU.exe (Saitek)
O4 - HKLM..\Run: [SaiMfd] C:\Programme\Saitek\SD6\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Programme\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A527C9-A78F-4CF0-9884-A3362E5E6AB1}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1813C5F-D8CB-4CC3-9C8D-C30889154739}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Programme\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.12.14 21:25:31 | 000,000,044 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{4be601aa-0f0a-11e1-b0bd-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.12.14 21:25:32 | 000,345,896 | R--- | M] (Valve Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 23:23:07 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.06.13 23:14:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2013.06.12 23:03:09 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.12 23:03:09 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.12 22:56:17 | 002,877,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.06.12 22:56:16 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.06.12 22:56:16 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.06.12 22:56:15 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.06.12 22:56:15 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.06.12 22:56:15 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.06.12 22:56:14 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.06.12 22:56:14 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2013.06.12 22:55:03 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cryptdlg.dll
[2013.06.12 22:54:39 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certutil.exe
[2013.06.12 22:54:38 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\certenc.dll
[2013.06.12 22:54:18 | 003,968,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.06.12 22:54:18 | 003,913,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.06.12 22:54:13 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll
[2013.06.08 00:53:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Unity
[2013.06.07 23:44:50 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Unity
[2013.05.18 23:17:44 | 000,000,000 | ---D | C] -- C:\Program Files\Firefox
[2013.05.15 20:42:24 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 23:45:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 23:24:53 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.06.13 23:14:03 | 000,001,861 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk
[2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 23:00:14 | 000,021,840 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 22:58:28 | 000,697,082 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.13 22:58:28 | 000,652,360 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.13 22:58:28 | 000,148,346 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.13 22:58:28 | 000,121,292 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.13 22:51:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 22:51:36 | 2389,991,424 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.12 00:45:09 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.12 00:45:09 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.06.08 13:13:19 | 002,706,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.06.02 23:19:34 | 003,971,347 | ---- | M] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf
[2013.05.17 03:26:04 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2013.05.17 03:25:33 | 000,493,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.05.17 03:25:27 | 002,877,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.05.17 03:25:27 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2013.05.15 20:23:22 | 000,327,368 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[1 C:\Users\***\Desktop\*.tmp files -> C:\Users\***\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.12 00:02:21 | 000,001,158 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
[2013.06.02 23:19:33 | 003,971,347 | ---- | C] () -- C:\Users\***\Desktop\Wasserparameter_FAQ.pdf
[2013.01.10 21:50:45 | 000,010,495 | ---- | C] () -- C:\Users\***\MPLATHE_elster_2048.pfx
[2012.07.01 10:59:00 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2012.06.14 22:08:26 | 000,053,760 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV76.sys
[2012.06.14 21:22:05 | 000,007,168 | ---- | C] () -- C:\Users\***\.recently-used.xbel
[2012.04.15 12:02:45 | 001,257,984 | ---- | C] () -- C:\Windows\System32\SaiC0836.Dll
[2012.04.15 12:02:45 | 000,008,192 | ---- | C] () -- C:\Windows\System32\SaiC0836_0C.dll
[2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_10.dll
[2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_0A.dll
[2012.04.15 12:02:45 | 000,007,680 | ---- | C] () -- C:\Windows\System32\SaiC0836_07.dll
[2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_19.dll
[2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_09.dll
[2012.04.15 12:02:45 | 000,007,168 | ---- | C] () -- C:\Windows\System32\SaiC0836_05.dll
[2012.04.15 12:02:45 | 000,006,656 | ---- | C] () -- C:\Windows\System32\SaiC0836_0402.dll
[2012.04.15 12:02:45 | 000,005,120 | ---- | C] () -- C:\Windows\System32\SaiC0836_11.dll
[2012.04.15 12:02:45 | 000,004,608 | ---- | C] () -- C:\Windows\System32\SaiC0836_12.dll
[2012.02.22 22:37:48 | 000,000,067 | ---- | C] () -- C:\Users\***\.gtk-bookmarks
[2012.01.18 07:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012.01.18 07:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012.01.18 07:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012.01.18 07:22:54 | 000,028,418 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2012.01.07 14:08:58 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2011.11.14 23:50:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.25 22:21:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OVDecoder.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.02.23 15:40:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Firaxis
[2012.06.12 21:50:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\gtk-2.0
[2012.06.09 22:39:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Kalypso Media
[2012.04.28 22:49:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Notepad++
[2011.11.15 21:40:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2012.07.19 22:02:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2012.04.03 21:14:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ts3overlay
[2013.06.08 00:53:44 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Unity
[2012.04.19 22:07:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\wargaming.net
 
========== Purity Check ==========
 
 

< End of report >
         
und hier die Extras.txt:
Code:
ATTFilter
OTL Extras logfile created on: 13.06.2013 23:54:40 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\***\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,97 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 53,25% Memory free
5,93 Gb Paging File | 4,32 Gb Available in Paging File | 72,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 172,79 Gb Total Space | 130,64 Gb Free Space | 75,60% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 205,82 Gb Free Space | 70,25% Space Free | Partition Type: NTFS
Drive E: | 1,16 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: THESEUS | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{047578E3-FD90-40E3-8322-15F375A12E1E}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0D8EC35A-48ED-450E-A593-B1160D1D65BE}" = lport=139 | protocol=6 | dir=in | app=system | 
"{0E66D132-C2DD-4AE4-BFDB-892330B2C60C}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{1ABCB9FB-0BAE-43B5-9B84-7604C77E3442}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{241404C0-427D-43FE-834E-17F6998AF511}" = rport=137 | protocol=17 | dir=out | app=system | 
"{247F9E94-7091-4FAE-B25D-B0F082DA40A4}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2A748E04-3B6C-410A-9828-BBF3258E07BE}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{2E3A8DD2-4825-40A1-8E1E-9E80FDF86792}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{32E77889-E3A8-46A5-8E6E-B21874C1BD44}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{37BA7636-BFA8-477E-9D9D-DBE59E9F75AE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3B73B7D0-F0E7-4727-A2BD-E8651B384F46}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{48F09685-B280-46C9-A51E-E50C4E4D53F1}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{57DF3CD7-B869-4756-8E6B-8AB56E21CF7E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{71F01EFA-416E-4144-A7E0-8D59B878D084}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7386F8FE-B480-4FE8-A46E-4240CD9907F9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{77230255-315D-4502-816C-5A7D241BD38E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{8873BE98-2231-4294-A354-1A2B706E7086}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{88CA3A4F-E1EE-4876-ACC0-FBE687D27498}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8C55A10B-2A12-4B9E-B860-F2762FE3F361}" = lport=445 | protocol=6 | dir=in | app=system | 
"{9128D010-3F4D-46B2-A835-86119302022A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9FA0D5DC-A41C-424D-8EE2-3B03A9040BEC}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A6488BA6-AF9C-4479-B3DF-A1C084E2C159}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{BC43A7DC-896A-442B-9817-3E4C8A547B4D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{D96476F2-A915-44AD-A641-E0669C1CA56D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{EF8CAECA-A2FA-4EB5-A742-88C3B5D364E6}" = lport=137 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{10ED9F71-5824-4A3D-9D93-FE8D17D3D54F}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe | 
"{10F5A63B-24BF-43CD-A555-4E2437BEF3DA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{1615CD30-47CE-4098-9A24-B8985A460BC4}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v\launcher.exe | 
"{18B0BDA8-57DA-4D44-B440-2FDA25E94CC0}" = protocol=17 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe | 
"{20E0DC4B-ECAC-47E5-B42F-2C63063C558E}" = protocol=6 | dir=in | app=d:\spiele\colonization\colonization.exe | 
"{2C6A1D79-8C34-463E-B791-349519983281}" = protocol=6 | dir=out | app=system | 
"{2E489351-5E54-49C8-B25D-D372FD672EBC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2E8ED053-9AFC-434D-BD5F-6771A02DF5B7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{386DA190-3E68-4CE7-B2B7-7FC9FBDD30F8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3B64AEDD-8382-4A2F-87F0-B3411086D440}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3C0F4880-8C33-4102-8BD8-A9A555DAA987}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe | 
"{430BE9EB-64D1-4B19-B324-FE384415B1DB}" = protocol=6 | dir=in | app=d:\steamscheiss\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe | 
"{486824E7-92FC-4DCD-92AC-D2C139B634E7}" = protocol=17 | dir=in | app=d:\spiele\colonization\colonization.exe | 
"{4A34CFBC-25F8-46CB-A3B4-3402F5158802}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"{4AF5C763-DE40-4704-B46D-3FE56D912077}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{4B1B1ECC-BCB7-47DF-BEEB-D767016B9435}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{4E185E9C-14D0-46E6-85C3-FE6DDC774F2F}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{63C3100B-5913-4B12-91FE-0845F7179E59}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{7238AA30-94D3-4B4E-9AF2-DE5AE57C4448}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7CDA8EF6-696F-4E19-847C-CDE21DC74109}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{8BDD77B6-7754-49F0-AB55-C83CA79A080D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A766FA33-7555-44CB-8A07-901875EB8F3A}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe | 
"{A8CAF932-A086-41AC-A789-35E73AC4DE2C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{AD6CFAE0-8574-494A-94F1-5AA796574B91}" = protocol=17 | dir=in | app=d:\steamscheiss\steam.exe | 
"{B427DF04-719E-4C2A-83FE-8B4DD5503198}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B50662A5-8EA6-4D13-8619-9BFC291296FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C03CFB98-5191-43C4-A942-2B17F4CA13A7}" = protocol=6 | dir=in | app=c:\windows\system32\cnac4rpk.exe | 
"{C2C302AF-D8D9-4BB9-9CD8-F905D024C726}" = protocol=17 | dir=in | app=c:\windows\system32\cnac4rpk.exe | 
"{C54BB269-E0E9-4AAD-912E-0F0CA98D2F73}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C6F96043-CE87-4C1F-8A3A-90A6A9E6B0F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CF5F56C9-FA1B-489B-89C1-39B22972C7EF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{D4A2C669-CED3-412C-BAD2-E0A36C053C78}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D6C351AE-5BC8-450C-889D-7EE73D0A71D3}" = protocol=6 | dir=in | app=d:\steamscheiss\steam.exe | 
"{DB7BCDB8-3212-45B7-937F-16A483370BD0}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{E5080E0E-70F7-4320-A350-6F9632CEC4AE}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EAF633DE-B6D5-4ADF-A391-F0CB44481290}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{EF3F0F9B-FDD3-4824-B083-D50074264200}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FD502A27-B463-474B-BBF0-BE392B1E2D75}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe | 
"TCP Query User{A835BE44-3DDB-437D-B3B9-12D3FB46E240}D:\spiele\panzer corps\update.exe" = protocol=6 | dir=in | app=d:\spiele\panzer corps\update.exe | 
"UDP Query User{9DF2871F-B6AC-4FF2-8B96-BC3FB83FADBD}D:\spiele\panzer corps\update.exe" = protocol=17 | dir=in | app=d:\spiele\panzer corps\update.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{011BF729-0369-EF59-4294-11D022AE3538}" = AMD Catalyst Install Manager
"{021B87E2-8DBA-4CFD-8762-9D9F5AE65CF7}" = CCC Help Turkish
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{04E24CF0-7DC9-4398-4BAF-E12CCA48A1D2}" = CCC Help Thai
"{077BE218-2ABA-364C-14FE-96DD8CB7289A}" = CCC Help Italian
"{07FE063B-89F4-2397-006E-FB9F12E19894}" = CCC Help Greek
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{10ABE49D-343A-463E-9753-C4C5A05ECEF9}" = Sibelius Scorch (Firefox, Opera, Netscape only)
"{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}" = Shared C Run-time for x86
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1EBDD301-BEDE-78A5-D2A7-51DA367B70A8}" = CCC Help German
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{20071984-5EB1-4881-8EDB-082532ACEC6D}" = Heroes of Might and Magic V
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{25D080C2-19A4-427D-A12A-979D674B57F8}}_is1" = Hearts of Iron III Collection Version 3.05
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21
"{27C467F8-F8EF-4f68-BD72-D63632B2096C}" = McAfee Online Backup
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2B95476F-D50B-4105-B3E0-056BB4830F17}_is1" = DMP_Panzercorps_Mod_3.0_Speech_Sound_Mod_by_Puma
"{35FE995E-5A31-D005-0303-8D9FBBD4B67B}" = Catalyst Control Center Graphics Previews Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42714156-8501-4B44-9CD9-1E101915EACD}" = Smart Technology Programming Software 7.0.1.12
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{4FC206D1-6287-440D-8F84-ED26E32FDD56}_is1" = Panzer Corps DMP Afrika Korps Add-on
"{57BB52B7-6B7B-31F3-89F4-4EE8FE5CEF6D}" = Microsoft Help Viewer 1.1
"{5AB7D739-1735-3A9E-BE73-C43507CB4E6F}" = Microsoft Visual Studio 2010 Service Pack 1
"{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219
"{650F6AF5-D09E-457B-AE96-A0E19DB61AF4}_is1" = DMP_Panzercorps_Mod_2.0
"{66FF4C48-0083-4E60-8556-B883AB200091}" = Heroes of Might & Magic V: Hammers of Fate
"{66FF4C48-0083-4E60-8556-B883AB200092}" = Heroes of Might and Magic V - Tribes of the East
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7C404084-C5A6-42FF-B731-0BAC79A6E134}" = VAIO Original Funktion Einstellungen
"{7C54986D-B318-0985-DD1D-C0446895390C}" = ccc-utility
"{7E5FFC5E-5A7F-864A-2E0D-0B234ED7B14F}" = Catalyst Control Center InstallProxy
"{806139DE-75ED-B576-51AB-697B45EDEF24}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C02917D-EEB1-31B8-C955-DEA61D698D18}" = CCC Help Dutch
"{8CFD25B4-490E-F871-0AF0-45F720E9AB89}" = CCC Help Russian
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{911B75B5-136D-4EC1-96A2-DEE6A5A1FA60}" = CCC Help Swedish
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95229EF6-F4A1-413A-BA50-668311FAFE19}" = VAIO Original Function Settings
"{987AE03F-234A-3623-BD28-6B31FD1D3AB3}" = Microsoft Visual Studio 2010 Shell (Isolated) - DEU
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D12A8B5-9D41-4465-BF11-70719EB0CD02}" = VU5x86
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}" = VAIO Update
"{A0FE0292-D3BE-3447-80F2-72E032A54875}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC4C38FD-A54C-4CA5-92EE-D983CD81293E}" = Microsoft Xbox 360 Accessories 1.2
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B231624B-699F-6459-F9A4-4A31CB40E35C}" = CCC Help Czech
"{B538BBC3-68C9-98F6-487F-D7592879213E}" = CCC Help Danish
"{B73F4ACE-A7F2-8FC6-D0DA-2E4E42E1DDE2}" = CCC Help Spanish
"{B7C2FEB0-8236-CABE-8CB1-C1A689CF8117}" = CCC Help Polish
"{B7F4467D-DCA0-0DC0-873F-50AA58865E74}" = CCC Help Portuguese
"{BFE49A01-A5FC-64EF-FB43-B1A79E612625}" = CCC Help Chinese Traditional
"{C025595B-A217-7317-65D8-CE7D304FCD30}" = Catalyst Control Center
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{C496ED25-F3EC-0CBC-37DB-B31C6E6592C9}" = Application Profiles
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C668416A-9213-4058-B7F2-01A42D85559D}" = Microsoft SQL Server System CLR Types
"{C83CD843-260E-3BD0-86BC-4E613BFDDE0A}" = Microsoft Help Viewer 1.1 Language Pack - DEU
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{C962D875-A53E-835A-7DD8-229FCB96D115}" = CCC Help Korean
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF4FD64F-D60A-4FE0-9BC0-94DF17E82A3B}_is1" = Panzer_Corps_DMP_Afrika_Korps_Hotfix_1-1
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF4500E-C5D6-695D-A027-B3D4DDED2CC3}" = McAfee Online Backup
"{D0DDA799-7C8D-4A5A-9F2B-E08B026D2EC8}_is1" = DMP Panzercorps Mod 1.0
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5AFB7E8-D81F-F57F-4D43-EC95E49425FE}" = Catalyst Control Center Localization All
"{D6E74CE8-23BF-F60F-60E2-11D92654C35C}" = CCC Help Japanese
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E21D6DB6-6DAB-3A63-8C09-CB6606D7403B}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU
"{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}" = Microsoft SQL Server 2008 R2 Management Objects
"{EA2D24B9-F8F9-B430-60AA-2931165390E4}" = CCC Help French
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED54F892-C128-7AF9-5428-A57B014B0314}" = CCC Help Norwegian
"{EF36A836-BF89-4A4F-B079-057B0C68C1E0}" = Sid Meier's Civilization IV Colonization
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F14F6129-0E6C-1224-2CDF-C869C8F261A7}" = CCC Help Chinese Standard
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F76C09F9-C367-6FB9-4965-A26211D094FC}" = CCC Help English
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAB9CB0B-9A7C-1960-F4AB-DF4AE61CAE01}" = CCC Help Finnish
"5513-1208-7298-9440" = JDownloader 0.9
"5513-1208-7298-9440-1" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Canon LBP5000" = Canon LBP5000
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"McAfee Security Scan" = McAfee Security Scan Plus
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.1.4.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.1" = Microsoft Help Viewer 1.1
"Microsoft Help Viewer 1.1 Language Pack - DEU" = Microsoft Help Viewer 1.1 Language Pack - DEU
"Microsoft Visual Studio 2010 Service Pack 1" = Microsoft Visual Studio 2010 Service Pack 1
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"Notepad++" = Notepad++
"Panzer Corps1.00" = Panzer Corps
"RealPlayer 16.0" = RealPlayer
"Steam App 16830" = Sid Meier's Civilization V SDK
"Steam App 8930" = Sid Meier's Civilization V
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Wildlife Park 3_is1" = Wildlife Park 3 v1.0
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-379556155-911974017-2871762651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.06.2013 17:55:27 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description = 
 
Error - 10.06.2013 17:56:00 | Computer Name = Theseus | Source = VSS | ID = 8194
Description = 
 
Error - 11.06.2013 17:10:19 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description = 
 
Error - 11.06.2013 17:10:51 | Computer Name = Theseus | Source = VSS | ID = 8194
Description = 
 
Error - 11.06.2013 18:47:10 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Microsoft
 Visual Studio 10.0\Common7\Packages\Debugger\X64\msvsmon.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 11.06.2013 18:50:47 | Computer Name = Theseus | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe".
Die
 abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 12.06.2013 16:06:21 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description = 
 
Error - 12.06.2013 16:06:54 | Computer Name = Theseus | Source = VSS | ID = 8194
Description = 
 
Error - 13.06.2013 16:53:32 | Computer Name = Theseus | Source = WinMgmt | ID = 10
Description = 
 
Error - 13.06.2013 16:54:31 | Computer Name = Theseus | Source = VSS | ID = 8194
Description = 
 
[ System Events ]
Error - 07.06.2013 17:24:50 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 08.06.2013 16:26:45 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 09.06.2013 15:12:59 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 10.06.2013 14:44:43 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 10.06.2013 17:53:40 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 11.06.2013 17:08:30 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 11.06.2013 19:00:51 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description = 
 
Error - 12.06.2013 16:04:33 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 13.06.2013 16:51:41 | Computer Name = Theseus | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 13.06.2013 17:12:01 | Computer Name = Theseus | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
Danke schon mal für Eure Hilfe!

Beste Grüße,
Martin

Alt 14.06.2013, 00:31   #2
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hi,
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 14.06.2013, 21:19   #3
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hi und vielen Dank für deine Hilfe.
Hier der Log der TDSKiller:
Code:
ATTFilter
22:14:38.0235 5276  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:14:39.0015 5276  ============================================================
22:14:39.0015 5276  Current date / time: 2013/06/14 22:14:39.0015
22:14:39.0015 5276  SystemInfo:
22:14:39.0015 5276  
22:14:39.0015 5276  OS Version: 6.1.7601 ServicePack: 1.0
22:14:39.0015 5276  Product type: Workstation
22:14:39.0015 5276  ComputerName: THESEUS
22:14:39.0015 5276  UserName: ***
22:14:39.0015 5276  Windows directory: C:\Windows
22:14:39.0015 5276  System windows directory: C:\Windows
22:14:39.0015 5276  Processor architecture: Intel x86
22:14:39.0015 5276  Number of processors: 2
22:14:39.0015 5276  Page size: 0x1000
22:14:39.0015 5276  Boot type: Normal boot
22:14:39.0015 5276  ============================================================
22:14:40.0248 5276  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:14:40.0263 5276  ============================================================
22:14:40.0263 5276  \Device\Harddisk0\DR0:
22:14:40.0263 5276  MBR partitions:
22:14:40.0263 5276  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x15995000
22:14:40.0263 5276  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15995800, BlocksNum 0x249F0000
22:14:40.0263 5276  ============================================================
22:14:40.0263 5276  C: <-> \Device\Harddisk0\DR0\Partition1
22:14:40.0310 5276  D: <-> \Device\Harddisk0\DR0\Partition2
22:14:40.0310 5276  ============================================================
22:14:40.0310 5276  Initialize success
22:14:40.0310 5276  ============================================================
22:15:34.0645 3992  ============================================================
22:15:34.0645 3992  Scan started
22:15:34.0645 3992  Mode: Manual; SigCheck; TDLFS; 
22:15:34.0645 3992  ============================================================
22:15:35.0518 3992  ================ Scan system memory ========================
22:15:35.0518 3992  System memory - ok
22:15:35.0518 3992  ================ Scan services =============================
22:15:35.0690 3992  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
22:15:35.0846 3992  1394ohci - ok
22:15:35.0877 3992  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:15:35.0924 3992  ACPI - ok
22:15:35.0971 3992  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:15:36.0033 3992  AcpiPmi - ok
22:15:36.0158 3992  [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:15:36.0220 3992  AdobeARMservice - ok
22:15:36.0314 3992  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:15:36.0392 3992  AdobeFlashPlayerUpdateSvc - ok
22:15:36.0423 3992  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:15:36.0486 3992  adp94xx - ok
22:15:36.0517 3992  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:15:36.0564 3992  adpahci - ok
22:15:36.0579 3992  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:15:36.0642 3992  adpu320 - ok
22:15:36.0688 3992  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:15:36.0766 3992  AeLookupSvc - ok
22:15:36.0829 3992  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
22:15:36.0891 3992  AFD - ok
22:15:36.0907 3992  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
22:15:36.0954 3992  agp440 - ok
22:15:37.0016 3992  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
22:15:37.0063 3992  aic78xx - ok
22:15:37.0078 3992  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
22:15:37.0156 3992  ALG - ok
22:15:37.0172 3992  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:15:37.0219 3992  aliide - ok
22:15:37.0250 3992  [ 6887351BF7ADAFEB7A324CAE6AAFE598 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:15:37.0312 3992  AMD External Events Utility - ok
22:15:37.0328 3992  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
22:15:37.0375 3992  amdagp - ok
22:15:37.0390 3992  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:15:37.0437 3992  amdide - ok
22:15:37.0484 3992  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:15:37.0531 3992  AmdK8 - ok
22:15:37.0546 3992  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:15:37.0609 3992  AmdPPM - ok
22:15:37.0640 3992  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:15:37.0687 3992  amdsata - ok
22:15:37.0702 3992  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:15:37.0765 3992  amdsbs - ok
22:15:37.0780 3992  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:15:37.0827 3992  amdxata - ok
22:15:37.0858 3992  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
22:15:37.0936 3992  AppID - ok
22:15:37.0968 3992  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:15:38.0046 3992  AppIDSvc - ok
22:15:38.0092 3992  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
22:15:38.0186 3992  Appinfo - ok
22:15:38.0202 3992  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\drivers\arc.sys
22:15:38.0311 3992  arc - ok
22:15:38.0326 3992  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:15:38.0451 3992  arcsas - ok
22:15:38.0560 3992  [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state    C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
22:15:38.0623 3992  aspnet_state - ok
22:15:38.0670 3992  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:15:38.0732 3992  AsyncMac - ok
22:15:38.0763 3992  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
22:15:38.0810 3992  atapi - ok
22:15:38.0872 3992  [ 76BAB0C824E2D05B940C4DD40A9B08BF ] athr            C:\Windows\system32\DRIVERS\athr.sys
22:15:38.0950 3992  athr - ok
22:15:39.0106 3992  [ BCB9CF3B087DD15A8F33A149296E6183 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:15:39.0247 3992  atikmdag - ok
22:15:39.0294 3992  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:15:39.0372 3992  AudioEndpointBuilder - ok
22:15:39.0387 3992  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:15:39.0450 3992  Audiosrv - ok
22:15:39.0481 3992  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:15:39.0543 3992  AxInstSV - ok
22:15:39.0606 3992  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
22:15:39.0684 3992  b06bdrv - ok
22:15:39.0746 3992  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:15:39.0793 3992  b57nd60x - ok
22:15:39.0840 3992  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:15:39.0902 3992  BDESVC - ok
22:15:39.0918 3992  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:15:39.0996 3992  Beep - ok
22:15:40.0027 3992  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
22:15:40.0136 3992  BFE - ok
22:15:40.0167 3992  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
22:15:40.0245 3992  BITS - ok
22:15:40.0261 3992  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:15:40.0339 3992  blbdrive - ok
22:15:40.0370 3992  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:15:40.0464 3992  bowser - ok
22:15:40.0495 3992  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:15:40.0573 3992  BrFiltLo - ok
22:15:40.0588 3992  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:15:40.0666 3992  BrFiltUp - ok
22:15:40.0698 3992  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
22:15:40.0760 3992  Browser - ok
22:15:40.0791 3992  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:15:40.0854 3992  Brserid - ok
22:15:40.0869 3992  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:15:40.0916 3992  BrSerWdm - ok
22:15:40.0932 3992  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:15:41.0010 3992  BrUsbMdm - ok
22:15:41.0010 3992  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:15:41.0072 3992  BrUsbSer - ok
22:15:41.0088 3992  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:15:41.0181 3992  BTHMODEM - ok
22:15:41.0228 3992  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
22:15:41.0306 3992  bthserv - ok
22:15:41.0337 3992  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:15:41.0415 3992  cdfs - ok
22:15:41.0462 3992  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:15:41.0509 3992  cdrom - ok
22:15:41.0540 3992  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:15:41.0618 3992  CertPropSvc - ok
22:15:41.0680 3992  [ 1311AAAC5A27B445FE51400C6F41CEE3 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
22:15:41.0727 3992  cfwids - ok
22:15:41.0758 3992  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:15:41.0821 3992  circlass - ok
22:15:41.0852 3992  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
22:15:41.0899 3992  CLFS - ok
22:15:41.0977 3992  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:15:42.0024 3992  clr_optimization_v2.0.50727_32 - ok
22:15:42.0070 3992  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:15:42.0117 3992  clr_optimization_v4.0.30319_32 - ok
22:15:42.0148 3992  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:15:42.0195 3992  CmBatt - ok
22:15:42.0211 3992  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:15:42.0258 3992  cmdide - ok
22:15:42.0304 3992  [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG             C:\Windows\system32\Drivers\cng.sys
22:15:42.0382 3992  CNG - ok
22:15:42.0414 3992  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:15:42.0460 3992  Compbatt - ok
22:15:42.0476 3992  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:15:42.0538 3992  CompositeBus - ok
22:15:42.0570 3992  COMSysApp - ok
22:15:42.0601 3992  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:15:42.0648 3992  crcdisk - ok
22:15:42.0694 3992  [ 3897DFF247D9ED0006190349DE264E14 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:15:42.0804 3992  CryptSvc - ok
22:15:42.0835 3992  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:15:42.0913 3992  DcomLaunch - ok
22:15:42.0944 3992  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:15:43.0022 3992  defragsvc - ok
22:15:43.0038 3992  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:15:43.0131 3992  DfsC - ok
22:15:43.0178 3992  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:15:43.0240 3992  Dhcp - ok
22:15:43.0272 3992  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
22:15:43.0350 3992  discache - ok
22:15:43.0381 3992  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\drivers\disk.sys
22:15:43.0428 3992  Disk - ok
22:15:43.0459 3992  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:15:43.0521 3992  Dnscache - ok
22:15:43.0552 3992  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:15:43.0615 3992  dot3svc - ok
22:15:43.0630 3992  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
22:15:43.0724 3992  DPS - ok
22:15:43.0771 3992  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:15:43.0818 3992  drmkaud - ok
22:15:43.0864 3992  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:15:43.0911 3992  DXGKrnl - ok
22:15:43.0942 3992  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
22:15:44.0036 3992  EapHost - ok
22:15:44.0130 3992  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
22:15:44.0254 3992  ebdrv - ok
22:15:44.0286 3992  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
22:15:44.0348 3992  EFS - ok
22:15:44.0410 3992  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:15:44.0457 3992  ehRecvr - ok
22:15:44.0488 3992  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
22:15:44.0551 3992  ehSched - ok
22:15:44.0598 3992  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:15:44.0644 3992  elxstor - ok
22:15:44.0660 3992  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:15:44.0722 3992  ErrDev - ok
22:15:44.0785 3992  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
22:15:44.0863 3992  EventSystem - ok
22:15:44.0878 3992  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
22:15:44.0941 3992  exfat - ok
22:15:44.0972 3992  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:15:45.0034 3992  fastfat - ok
22:15:45.0097 3992  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
22:15:45.0175 3992  Fax - ok
22:15:45.0222 3992  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
22:15:45.0268 3992  fdc - ok
22:15:45.0300 3992  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
22:15:45.0378 3992  fdPHost - ok
22:15:45.0393 3992  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
22:15:45.0440 3992  FDResPub - ok
22:15:45.0456 3992  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:15:45.0487 3992  FileInfo - ok
22:15:45.0502 3992  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:15:45.0580 3992  Filetrace - ok
22:15:45.0596 3992  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:15:45.0643 3992  flpydisk - ok
22:15:45.0674 3992  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:15:45.0736 3992  FltMgr - ok
22:15:45.0799 3992  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
22:15:45.0877 3992  FontCache - ok
22:15:45.0908 3992  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:15:45.0955 3992  FontCache3.0.0.0 - ok
22:15:45.0970 3992  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:15:46.0017 3992  FsDepends - ok
22:15:46.0048 3992  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:15:46.0095 3992  Fs_Rec - ok
22:15:46.0142 3992  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:15:46.0189 3992  fvevol - ok
22:15:46.0220 3992  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:15:46.0267 3992  gagp30kx - ok
22:15:46.0314 3992  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:15:46.0392 3992  gpsvc - ok
22:15:46.0392 3992  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:15:46.0454 3992  hcw85cir - ok
22:15:46.0501 3992  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:15:46.0548 3992  HdAudAddService - ok
22:15:46.0563 3992  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:15:46.0610 3992  HDAudBus - ok
22:15:46.0626 3992  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:15:46.0704 3992  HidBatt - ok
22:15:46.0719 3992  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:15:46.0782 3992  HidBth - ok
22:15:46.0828 3992  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:15:46.0891 3992  HidIr - ok
22:15:46.0922 3992  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
22:15:47.0000 3992  hidserv - ok
22:15:47.0031 3992  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:15:47.0078 3992  HidUsb - ok
22:15:47.0156 3992  [ 8F72C4916A288485812745DC5AF873FC ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
22:15:47.0218 3992  HipShieldK - ok
22:15:47.0250 3992  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:15:47.0312 3992  hkmsvc - ok
22:15:47.0328 3992  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:15:47.0374 3992  HomeGroupListener - ok
22:15:47.0406 3992  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:15:47.0452 3992  HomeGroupProvider - ok
22:15:47.0577 3992  [ C966B6448B935E7E025E00561BC47743 ] HomeNetSvc      C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:47.0624 3992  HomeNetSvc - ok
22:15:47.0671 3992  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:15:47.0702 3992  HpSAMD - ok
22:15:47.0733 3992  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:15:47.0796 3992  HTTP - ok
22:15:47.0842 3992  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:15:47.0874 3992  hwpolicy - ok
22:15:47.0920 3992  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:15:47.0967 3992  i8042prt - ok
22:15:48.0014 3992  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:15:48.0061 3992  iaStorV - ok
22:15:48.0123 3992  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:15:48.0186 3992  idsvc - ok
22:15:48.0232 3992  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:15:48.0264 3992  iirsp - ok
22:15:48.0310 3992  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:15:48.0404 3992  IKEEXT - ok
22:15:48.0420 3992  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:15:48.0466 3992  intelide - ok
22:15:48.0498 3992  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:15:48.0576 3992  intelppm - ok
22:15:48.0607 3992  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:15:48.0669 3992  IPBusEnum - ok
22:15:48.0685 3992  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:15:48.0747 3992  IpFilterDriver - ok
22:15:48.0810 3992  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:15:48.0888 3992  iphlpsvc - ok
22:15:48.0919 3992  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:15:48.0966 3992  IPMIDRV - ok
22:15:48.0981 3992  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:15:49.0044 3992  IPNAT - ok
22:15:49.0090 3992  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:15:49.0153 3992  IRENUM - ok
22:15:49.0168 3992  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:15:49.0215 3992  isapnp - ok
22:15:49.0246 3992  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:15:49.0293 3992  iScsiPrt - ok
22:15:49.0309 3992  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:15:49.0371 3992  kbdclass - ok
22:15:49.0387 3992  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:15:49.0449 3992  kbdhid - ok
22:15:49.0465 3992  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
22:15:49.0512 3992  KeyIso - ok
22:15:49.0558 3992  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:15:49.0605 3992  KSecDD - ok
22:15:49.0636 3992  [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:15:49.0730 3992  KSecPkg - ok
22:15:49.0777 3992  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:15:49.0839 3992  KtmRm - ok
22:15:49.0886 3992  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:15:49.0948 3992  LanmanServer - ok
22:15:49.0995 3992  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:15:50.0058 3992  LanmanWorkstation - ok
22:15:50.0120 3992  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:15:50.0198 3992  lltdio - ok
22:15:50.0229 3992  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:15:50.0323 3992  lltdsvc - ok
22:15:50.0323 3992  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:15:50.0494 3992  lmhosts - ok
22:15:50.0510 3992  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:15:50.0572 3992  LSI_FC - ok
22:15:50.0588 3992  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:15:50.0713 3992  LSI_SAS - ok
22:15:50.0713 3992  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:15:50.0838 3992  LSI_SAS2 - ok
22:15:50.0853 3992  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:15:50.0947 3992  LSI_SCSI - ok
22:15:50.0978 3992  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
22:15:51.0087 3992  luafv - ok
22:15:51.0150 3992  [ ED643E777BA3F7151EF3F0FB6BE4F7F0 ] LVRS            C:\Windows\system32\DRIVERS\lvrs.sys
22:15:51.0259 3992  LVRS - ok
22:15:51.0399 3992  [ 5BC80451109A8DD7F2DDD35BCE2929A3 ] LVUVC           C:\Windows\system32\DRIVERS\lvuvc.sys
22:15:51.0586 3992  LVUVC - ok
22:15:51.0649 3992  [ ECAB006AC6136F1307E140B633CDB8C2 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
22:15:51.0696 3992  McAfee SiteAdvisor Service - ok
22:15:51.0774 3992  [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
22:15:51.0930 3992  McComponentHostService - ok
22:15:51.0992 3992  [ C966B6448B935E7E025E00561BC47743 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0117 3992  McMPFSvc - ok
22:15:52.0132 3992  [ C966B6448B935E7E025E00561BC47743 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0164 3992  McNaiAnn - ok
22:15:52.0242 3992  [ 02A1B24273643B3F3542E73C12540599 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
22:15:52.0273 3992  McODS - ok
22:15:52.0304 3992  [ C966B6448B935E7E025E00561BC47743 ] mcpltsvc        C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0335 3992  mcpltsvc - ok
22:15:52.0382 3992  [ C966B6448B935E7E025E00561BC47743 ] McProxy         C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:52.0413 3992  McProxy - ok
22:15:52.0460 3992  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:15:52.0491 3992  Mcx2Svc - ok
22:15:52.0522 3992  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:15:52.0585 3992  megasas - ok
22:15:52.0616 3992  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:15:52.0866 3992  MegaSR - ok
22:15:52.0912 3992  [ 0BF2E50CBA6123DDB20718E926031C3B ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
22:15:53.0022 3992  mfeapfk - ok
22:15:53.0068 3992  [ 53B5197B7660B33DABDB17384450AD45 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
22:15:53.0178 3992  mfeavfk - ok
22:15:53.0224 3992  [ E13A1A37B5ED199333A0B1FFDBE009E2 ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
22:15:53.0318 3992  mfebopk - ok
22:15:53.0380 3992  [ F83F25652D6B91F15630541429A216B4 ] mfecore         C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
22:15:53.0474 3992  mfecore - ok
22:15:53.0568 3992  [ 9721E7EDB7F47CD9F8D02C9369052630 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:15:53.0614 3992  mfefire - ok
22:15:53.0661 3992  [ B148A220460F3A4681585AAE0719B491 ] mfefirek        C:\Windows\system32\drivers\mfefirek.sys
22:15:53.0739 3992  mfefirek - ok
22:15:53.0770 3992  [ A6CC801998A0FB33D47460D481A648BE ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
22:15:53.0880 3992  mfehidk - ok
22:15:53.0926 3992  [ 6B11AC33AF005FF8DF52B23B9491AB5A ] mfencbdc        C:\Windows\system32\DRIVERS\mfencbdc.sys
22:15:53.0989 3992  mfencbdc - ok
22:15:54.0051 3992  [ 87DEB000657A1A0F81789B0154BF28AA ] mfencrk         C:\Windows\system32\DRIVERS\mfencrk.sys
22:15:54.0114 3992  mfencrk - ok
22:15:54.0145 3992  [ D7174549A3B550501C96B49DDF9EDF88 ] mfevtp          C:\Windows\system32\mfevtps.exe
22:15:54.0223 3992  mfevtp - ok
22:15:54.0270 3992  [ F29F47479F3DC603A2573BEF47C00C03 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
22:15:54.0363 3992  mfewfpk - ok
22:15:54.0410 3992  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
22:15:54.0550 3992  MMCSS - ok
22:15:54.0628 3992  [ 35176FA09A0FC58DB630991A81A0BA39 ] MOBKbackup      C:\Program Files\McAfee Online Backup\MOBKbackup.exe
22:15:54.0691 3992  MOBKbackup - ok
22:15:54.0722 3992  [ E896775837A8BCE436348DF460522394 ] MOBKFilter      C:\Windows\system32\DRIVERS\MOBK.sys
22:15:54.0816 3992  MOBKFilter - ok
22:15:54.0831 3992  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
22:15:54.0925 3992  Modem - ok
22:15:54.0956 3992  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:15:55.0081 3992  monitor - ok
22:15:55.0096 3992  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:15:55.0143 3992  mouclass - ok
22:15:55.0143 3992  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:15:55.0221 3992  mouhid - ok
22:15:55.0237 3992  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:15:55.0408 3992  mountmgr - ok
22:15:55.0564 3992  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:15:55.0658 3992  MozillaMaintenance - ok
22:15:55.0720 3992  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:15:55.0830 3992  mpio - ok
22:15:55.0845 3992  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:15:55.0986 3992  mpsdrv - ok
22:15:56.0017 3992  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:15:56.0126 3992  MpsSvc - ok
22:15:56.0142 3992  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:15:56.0251 3992  MRxDAV - ok
22:15:56.0282 3992  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:15:56.0329 3992  mrxsmb - ok
22:15:56.0344 3992  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:15:56.0422 3992  mrxsmb10 - ok
22:15:56.0438 3992  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:15:56.0547 3992  mrxsmb20 - ok
22:15:56.0578 3992  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
22:15:56.0672 3992  msahci - ok
22:15:56.0672 3992  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:15:56.0797 3992  msdsm - ok
22:15:56.0828 3992  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
22:15:56.0953 3992  MSDTC - ok
22:15:56.0968 3992  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:15:57.0078 3992  Msfs - ok
22:15:57.0093 3992  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:15:57.0202 3992  mshidkmdf - ok
22:15:57.0202 3992  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:15:57.0327 3992  msisadrv - ok
22:15:57.0358 3992  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:15:57.0452 3992  MSiSCSI - ok
22:15:57.0452 3992  msiserver - ok
22:15:57.0514 3992  [ C966B6448B935E7E025E00561BC47743 ] MSK80Service    C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
22:15:57.0577 3992  MSK80Service - ok
22:15:57.0624 3992  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:15:57.0702 3992  MSKSSRV - ok
22:15:57.0733 3992  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:15:57.0904 3992  MSPCLOCK - ok
22:15:57.0904 3992  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:15:58.0029 3992  MSPQM - ok
22:15:58.0045 3992  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:15:58.0092 3992  MsRPC - ok
22:15:58.0107 3992  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:15:58.0185 3992  mssmbios - ok
22:15:58.0232 3992  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:15:58.0341 3992  MSTEE - ok
22:15:58.0357 3992  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:15:58.0450 3992  MTConfig - ok
22:15:58.0466 3992  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:15:58.0544 3992  Mup - ok
22:15:58.0575 3992  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
22:15:58.0684 3992  napagent - ok
22:15:58.0716 3992  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:15:58.0809 3992  NativeWifiP - ok
22:15:58.0872 3992  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:15:58.0965 3992  NDIS - ok
22:15:59.0012 3992  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:15:59.0152 3992  NdisCap - ok
22:15:59.0184 3992  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:15:59.0246 3992  NdisTapi - ok
22:15:59.0262 3992  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:15:59.0402 3992  Ndisuio - ok
22:15:59.0433 3992  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:15:59.0496 3992  NdisWan - ok
22:15:59.0527 3992  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:15:59.0636 3992  NDProxy - ok
22:15:59.0667 3992  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:15:59.0792 3992  NetBIOS - ok
22:15:59.0808 3992  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:15:59.0901 3992  NetBT - ok
22:15:59.0917 3992  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
22:15:59.0995 3992  Netlogon - ok
22:16:00.0057 3992  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
22:16:00.0198 3992  Netman - ok
22:16:00.0244 3992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0400 3992  NetMsmqActivator - ok
22:16:00.0447 3992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0541 3992  NetPipeActivator - ok
22:16:00.0572 3992  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
22:16:00.0697 3992  netprofm - ok
22:16:00.0697 3992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0775 3992  NetTcpActivator - ok
22:16:00.0775 3992  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
22:16:00.0900 3992  NetTcpPortSharing - ok
22:16:00.0931 3992  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:16:01.0024 3992  nfrd960 - ok
22:16:01.0056 3992  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:16:01.0149 3992  NlaSvc - ok
22:16:01.0165 3992  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:16:01.0227 3992  Npfs - ok
22:16:01.0258 3992  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
22:16:01.0383 3992  nsi - ok
22:16:01.0399 3992  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:16:01.0508 3992  nsiproxy - ok
22:16:01.0586 3992  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:16:01.0711 3992  Ntfs - ok
22:16:01.0726 3992  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
22:16:01.0836 3992  Null - ok
22:16:01.0867 3992  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:16:01.0929 3992  nvraid - ok
22:16:01.0960 3992  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:16:02.0101 3992  nvstor - ok
22:16:02.0132 3992  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:16:02.0210 3992  nv_agp - ok
22:16:02.0319 3992  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:16:02.0382 3992  odserv - ok
22:16:02.0428 3992  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:16:02.0553 3992  ohci1394 - ok
22:16:02.0584 3992  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:16:02.0709 3992  ose - ok
22:16:02.0740 3992  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:16:02.0834 3992  p2pimsvc - ok
22:16:02.0865 3992  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:16:02.0990 3992  p2psvc - ok
22:16:03.0006 3992  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
22:16:03.0052 3992  Parport - ok
22:16:03.0099 3992  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:16:03.0224 3992  partmgr - ok
22:16:03.0240 3992  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
22:16:03.0349 3992  Parvdm - ok
22:16:03.0364 3992  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:16:03.0474 3992  PcaSvc - ok
22:16:03.0489 3992  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
22:16:03.0583 3992  pci - ok
22:16:03.0598 3992  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
22:16:03.0692 3992  pciide - ok
22:16:03.0708 3992  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:16:03.0754 3992  pcmcia - ok
22:16:03.0770 3992  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
22:16:03.0879 3992  pcw - ok
22:16:03.0910 3992  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:16:04.0066 3992  PEAUTH - ok
22:16:04.0144 3992  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
22:16:04.0238 3992  pla - ok
22:16:04.0285 3992  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:16:04.0394 3992  PlugPlay - ok
22:16:04.0410 3992  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:16:04.0534 3992  PNRPAutoReg - ok
22:16:04.0566 3992  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:16:04.0628 3992  PNRPsvc - ok
22:16:04.0659 3992  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:16:04.0768 3992  PolicyAgent - ok
22:16:04.0815 3992  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
22:16:04.0924 3992  Power - ok
22:16:04.0956 3992  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:16:05.0112 3992  PptpMiniport - ok
22:16:05.0127 3992  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
22:16:05.0236 3992  Processor - ok
22:16:05.0268 3992  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
22:16:05.0346 3992  ProfSvc - ok
22:16:05.0361 3992  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:16:05.0486 3992  ProtectedStorage - ok
22:16:05.0517 3992  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:16:05.0611 3992  Psched - ok
22:16:05.0673 3992  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:16:05.0798 3992  ql2300 - ok
22:16:05.0829 3992  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:16:05.0892 3992  ql40xx - ok
22:16:05.0923 3992  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
22:16:06.0063 3992  QWAVE - ok
22:16:06.0079 3992  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:16:06.0188 3992  QWAVEdrv - ok
22:16:06.0188 3992  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:16:06.0282 3992  RasAcd - ok
22:16:06.0313 3992  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:16:06.0453 3992  RasAgileVpn - ok
22:16:06.0484 3992  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
22:16:06.0562 3992  RasAuto - ok
22:16:06.0594 3992  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:16:06.0687 3992  Rasl2tp - ok
22:16:06.0734 3992  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
22:16:06.0874 3992  RasMan - ok
22:16:06.0906 3992  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:16:07.0015 3992  RasPppoe - ok
22:16:07.0030 3992  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:16:07.0124 3992  RasSstp - ok
22:16:07.0155 3992  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:16:07.0264 3992  rdbss - ok
22:16:07.0280 3992  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:16:07.0374 3992  rdpbus - ok
22:16:07.0405 3992  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:16:07.0498 3992  RDPCDD - ok
22:16:07.0530 3992  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:16:07.0639 3992  RDPENCDD - ok
22:16:07.0639 3992  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:16:07.0732 3992  RDPREFMP - ok
22:16:07.0779 3992  [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:16:07.0888 3992  RdpVideoMiniport - ok
22:16:07.0935 3992  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:16:07.0998 3992  RDPWD - ok
22:16:08.0044 3992  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:16:08.0122 3992  rdyboost - ok
22:16:08.0216 3992  [ A0FF419B61AE47E26ADF3BB15DB4F2FE ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
22:16:08.0278 3992  RealNetworks Downloader Resolver Service - ok
22:16:08.0310 3992  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:16:08.0372 3992  RemoteAccess - ok
22:16:08.0419 3992  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:16:08.0481 3992  RemoteRegistry - ok
22:16:08.0512 3992  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:16:08.0700 3992  RpcEptMapper - ok
22:16:08.0731 3992  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
22:16:08.0902 3992  RpcLocator - ok
22:16:08.0934 3992  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
22:16:09.0058 3992  RpcSs - ok
22:16:09.0105 3992  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:16:09.0246 3992  rspndr - ok
22:16:09.0277 3992  [ 919C6F81BADC1DEE332FA2AC31CE3165 ] SaiK0836        C:\Windows\system32\DRIVERS\SaiK0836.sys
22:16:09.0355 3992  SaiK0836 - ok
22:16:09.0402 3992  [ C97A9DB5A4C3B255DDD7EC73ADAB39A4 ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
22:16:09.0417 3992  SaiMini - ok
22:16:09.0464 3992  [ 17CA411F47B8D6C1A6D7C9109D222B42 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
22:16:09.0495 3992  SaiNtBus - ok
22:16:09.0511 3992  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
22:16:09.0558 3992  SamSs - ok
22:16:09.0589 3992  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:16:09.0714 3992  sbp2port - ok
22:16:09.0760 3992  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:16:09.0870 3992  SCardSvr - ok
22:16:09.0885 3992  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:16:09.0994 3992  scfilter - ok
22:16:10.0010 3992  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
22:16:10.0166 3992  Schedule - ok
22:16:10.0182 3992  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:16:10.0260 3992  SCPolicySvc - ok
22:16:10.0291 3992  [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:16:10.0400 3992  sdbus - ok
22:16:10.0431 3992  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:16:10.0525 3992  SDRSVC - ok
22:16:10.0572 3992  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:16:10.0681 3992  secdrv - ok
22:16:10.0681 3992  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
22:16:10.0774 3992  seclogon - ok
22:16:10.0790 3992  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
22:16:10.0915 3992  SENS - ok
22:16:10.0930 3992  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:16:11.0071 3992  SensrSvc - ok
22:16:11.0118 3992  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:16:11.0242 3992  Serenum - ok
22:16:11.0274 3992  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\drivers\serial.sys
22:16:11.0398 3992  Serial - ok
22:16:11.0414 3992  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:16:11.0492 3992  sermouse - ok
22:16:11.0539 3992  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
22:16:11.0632 3992  SessionEnv - ok
22:16:11.0679 3992  [ 8B7C1768D2CDE2E02E09A66563DDFD16 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
22:16:11.0757 3992  SFEP - ok
22:16:11.0773 3992  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:16:11.0866 3992  sffdisk - ok
22:16:11.0866 3992  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:16:11.0976 3992  sffp_mmc - ok
22:16:11.0991 3992  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:16:12.0116 3992  sffp_sd - ok
22:16:12.0147 3992  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:16:12.0241 3992  sfloppy - ok
22:16:12.0288 3992  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:16:12.0397 3992  SharedAccess - ok
22:16:12.0444 3992  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:16:12.0553 3992  ShellHWDetection - ok
22:16:12.0553 3992  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
22:16:12.0631 3992  sisagp - ok
22:16:12.0662 3992  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:16:12.0724 3992  SiSRaid2 - ok
22:16:12.0740 3992  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:16:12.0849 3992  SiSRaid4 - ok
22:16:12.0896 3992  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:16:12.0927 3992  SkypeUpdate - ok
22:16:12.0958 3992  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:16:13.0114 3992  Smb - ok
22:16:13.0161 3992  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:16:13.0239 3992  SNMPTRAP - ok
22:16:13.0255 3992  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:16:13.0348 3992  spldr - ok
22:16:13.0395 3992  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
22:16:13.0504 3992  Spooler - ok
22:16:13.0582 3992  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
22:16:13.0754 3992  sppsvc - ok
22:16:13.0770 3992  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:16:13.0816 3992  sppuinotify - ok
22:16:13.0863 3992  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:16:13.0988 3992  srv - ok
22:16:14.0004 3992  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:16:14.0113 3992  srv2 - ok
22:16:14.0160 3992  [ E00FDFAFF025E94F9821153750C35A6D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
22:16:14.0222 3992  SrvHsfHDA - ok
22:16:14.0269 3992  [ CEB4E3B6890E1E42DCA6694D9E59E1A0 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
22:16:14.0378 3992  SrvHsfV92 - ok
22:16:14.0394 3992  [ BC0C7EA89194C299F051C24119000E17 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
22:16:14.0487 3992  SrvHsfWinac - ok
22:16:14.0534 3992  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:16:14.0643 3992  srvnet - ok
22:16:14.0690 3992  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:16:14.0830 3992  SSDPSRV - ok
22:16:14.0877 3992  [ EF3504DD32E2EA222BE0CBC9A0895F89 ] SSHDRV76        C:\Windows\system32\drivers\SSHDRV76.sys
22:16:14.0908 3992  SSHDRV76 ( UnsignedFile.Multi.Generic ) - warning
22:16:14.0908 3992  SSHDRV76 - detected UnsignedFile.Multi.Generic (1)
22:16:14.0924 3992  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:16:15.0002 3992  SstpSvc - ok
22:16:15.0033 3992  Steam Client Service - ok
22:16:15.0064 3992  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:16:15.0127 3992  stexstor - ok
22:16:15.0174 3992  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:16:15.0220 3992  StiSvc - ok
22:16:15.0236 3992  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:16:15.0314 3992  swenum - ok
22:16:15.0361 3992  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
22:16:15.0564 3992  swprv - ok
22:16:15.0595 3992  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
22:16:15.0688 3992  SysMain - ok
22:16:15.0720 3992  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:16:15.0813 3992  TabletInputService - ok
22:16:15.0829 3992  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:16:15.0922 3992  TapiSrv - ok
22:16:15.0938 3992  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
22:16:16.0047 3992  TBS - ok
22:16:16.0110 3992  [ D32FDAC73FCD76B85389C39BC1087F2A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:16:16.0219 3992  Tcpip - ok
22:16:16.0250 3992  [ D32FDAC73FCD76B85389C39BC1087F2A ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:16:16.0359 3992  TCPIP6 - ok
22:16:16.0390 3992  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:16:16.0453 3992  tcpipreg - ok
22:16:16.0484 3992  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:16:16.0531 3992  TDPIPE - ok
22:16:16.0562 3992  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:16:16.0624 3992  TDTCP - ok
22:16:16.0640 3992  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:16:16.0687 3992  tdx - ok
22:16:16.0702 3992  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:16:16.0796 3992  TermDD - ok
22:16:16.0827 3992  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
22:16:16.0936 3992  TermService - ok
22:16:16.0952 3992  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
22:16:17.0014 3992  Themes - ok
22:16:17.0030 3992  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
22:16:17.0124 3992  THREADORDER - ok
22:16:17.0155 3992  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
22:16:17.0264 3992  TrkWks - ok
22:16:17.0311 3992  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:16:17.0451 3992  TrustedInstaller - ok
22:16:17.0467 3992  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:16:17.0560 3992  tssecsrv - ok
22:16:17.0592 3992  [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:16:17.0748 3992  TsUsbFlt - ok
22:16:17.0794 3992  [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:16:17.0857 3992  TsUsbGD - ok
22:16:17.0888 3992  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:16:17.0966 3992  tunnel - ok
22:16:17.0982 3992  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:16:18.0075 3992  uagp35 - ok
22:16:18.0106 3992  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:16:18.0231 3992  udfs - ok
22:16:18.0262 3992  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:16:18.0387 3992  UI0Detect - ok
22:16:18.0403 3992  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:16:18.0465 3992  uliagpkx - ok
22:16:18.0512 3992  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:16:18.0606 3992  umbus - ok
22:16:18.0637 3992  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:16:18.0730 3992  UmPass - ok
22:16:18.0793 3992  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
22:16:18.0933 3992  UMVPFSrv - ok
22:16:18.0964 3992  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
22:16:19.0089 3992  upnphost - ok
22:16:19.0105 3992  [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:16:19.0167 3992  usbaudio - ok
22:16:19.0198 3992  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:16:19.0230 3992  usbccgp - ok
22:16:19.0276 3992  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:16:19.0339 3992  usbcir - ok
22:16:19.0354 3992  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:16:19.0479 3992  usbehci - ok
22:16:19.0510 3992  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:16:19.0588 3992  usbhub - ok
22:16:19.0604 3992  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:16:19.0698 3992  usbohci - ok
22:16:19.0713 3992  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:16:19.0776 3992  usbprint - ok
22:16:19.0791 3992  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:16:19.0947 3992  USBSTOR - ok
22:16:19.0963 3992  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:16:20.0010 3992  usbuhci - ok
22:16:20.0056 3992  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
22:16:20.0150 3992  usbvideo - ok
22:16:20.0181 3992  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
22:16:20.0306 3992  UxSms - ok
22:16:20.0322 3992  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
22:16:20.0384 3992  VaultSvc - ok
22:16:20.0415 3992  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:16:20.0540 3992  vdrvroot - ok
22:16:20.0556 3992  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
22:16:20.0665 3992  vds - ok
22:16:20.0712 3992  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:16:20.0852 3992  vga - ok
22:16:20.0868 3992  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:16:20.0946 3992  VgaSave - ok
22:16:20.0961 3992  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:16:21.0086 3992  vhdmp - ok
22:16:21.0117 3992  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
22:16:21.0148 3992  viaagp - ok
22:16:21.0164 3992  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
22:16:21.0226 3992  ViaC7 - ok
22:16:21.0242 3992  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
22:16:21.0304 3992  viaide - ok
22:16:21.0320 3992  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:16:21.0367 3992  volmgr - ok
22:16:21.0398 3992  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:16:21.0538 3992  volmgrx - ok
22:16:21.0585 3992  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:16:21.0679 3992  volsnap - ok
22:16:21.0694 3992  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:16:21.0819 3992  vsmraid - ok
22:16:21.0866 3992  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
22:16:21.0991 3992  VSS - ok
22:16:22.0116 3992  [ 2CF27B4C0419BFA7DFD2C8FF1A4F0D2C ] VUAgent         C:\Program Files\Sony\VAIO Update\VUAgent.exe
22:16:22.0178 3992  VUAgent - ok
22:16:22.0209 3992  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:16:22.0318 3992  vwifibus - ok
22:16:22.0334 3992  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:16:22.0443 3992  vwififlt - ok
22:16:22.0474 3992  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:16:22.0599 3992  vwifimp - ok
22:16:22.0615 3992  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
22:16:22.0693 3992  W32Time - ok
22:16:22.0724 3992  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:16:22.0880 3992  WacomPen - ok
22:16:22.0911 3992  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:16:22.0989 3992  WANARP - ok
22:16:23.0005 3992  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:16:23.0098 3992  Wanarpv6 - ok
22:16:23.0145 3992  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
22:16:23.0286 3992  wbengine - ok
22:16:23.0332 3992  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:16:23.0442 3992  WbioSrvc - ok
22:16:23.0473 3992  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:16:23.0582 3992  wcncsvc - ok
22:16:23.0598 3992  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:16:23.0707 3992  WcsPlugInService - ok
22:16:23.0738 3992  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\drivers\wd.sys
22:16:23.0785 3992  Wd - ok
22:16:23.0832 3992  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:16:23.0956 3992  Wdf01000 - ok
22:16:23.0972 3992  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:16:24.0081 3992  WdiServiceHost - ok
22:16:24.0081 3992  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:16:24.0144 3992  WdiSystemHost - ok
22:16:24.0159 3992  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
22:16:24.0300 3992  WebClient - ok
22:16:24.0346 3992  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:16:24.0424 3992  Wecsvc - ok
22:16:24.0440 3992  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:16:24.0580 3992  wercplsupport - ok
22:16:24.0596 3992  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:16:24.0736 3992  WerSvc - ok
22:16:24.0768 3992  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:16:24.0877 3992  WfpLwf - ok
22:16:24.0892 3992  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:16:24.0955 3992  WIMMount - ok
22:16:25.0017 3992  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:16:25.0126 3992  WinDefend - ok
22:16:25.0142 3992  WinHttpAutoProxySvc - ok
22:16:25.0204 3992  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:16:25.0267 3992  Winmgmt - ok
22:16:25.0329 3992  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
22:16:25.0438 3992  WinRM - ok
22:16:25.0516 3992  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:16:25.0594 3992  WinUsb - ok
22:16:25.0641 3992  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:16:25.0704 3992  Wlansvc - ok
22:16:25.0813 3992  [ FB01D4AE207B9EFDBABFC55DC95C7E31 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:16:25.0906 3992  wlidsvc - ok
22:16:25.0938 3992  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:16:26.0031 3992  WmiAcpi - ok
22:16:26.0078 3992  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:16:26.0140 3992  wmiApSrv - ok
22:16:26.0187 3992  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:16:26.0343 3992  WMPNetworkSvc - ok
22:16:26.0374 3992  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:16:26.0484 3992  WPCSvc - ok
22:16:26.0515 3992  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:16:26.0608 3992  WPDBusEnum - ok
22:16:26.0640 3992  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:16:26.0733 3992  ws2ifsl - ok
22:16:26.0749 3992  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:16:26.0858 3992  wscsvc - ok
22:16:26.0858 3992  WSearch - ok
22:16:26.0936 3992  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
22:16:27.0014 3992  wuauserv - ok
22:16:27.0061 3992  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:16:27.0170 3992  WudfPf - ok
22:16:27.0201 3992  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:16:27.0264 3992  WUDFRd - ok
22:16:27.0279 3992  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:16:27.0420 3992  wudfsvc - ok
22:16:27.0467 3992  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:16:27.0513 3992  WwanSvc - ok
22:16:27.0560 3992  [ C26C68BCBAC1F33F890C226769759209 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
22:16:27.0669 3992  xusb21 - ok
22:16:27.0701 3992  [ B07C5B7EFDF936FF93D4F540938725BE ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
22:16:27.0825 3992  yukonw7 - ok
22:16:27.0825 3992  ================ Scan global ===============================
22:16:27.0872 3992  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
22:16:27.0903 3992  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
22:16:27.0919 3992  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
22:16:27.0950 3992  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:16:28.0013 3992  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:16:28.0013 3992  [Global] - ok
22:16:28.0013 3992  ================ Scan MBR ==================================
22:16:28.0028 3992  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:16:28.0356 3992  \Device\Harddisk0\DR0 - ok
22:16:28.0356 3992  ================ Scan VBR ==================================
22:16:28.0403 3992  [ 9880954621FD90558CE6A3F819EB5CEF ] \Device\Harddisk0\DR0\Partition1
22:16:28.0449 3992  \Device\Harddisk0\DR0\Partition1 - ok
22:16:28.0481 3992  [ CD9E147204F38F58F317E2A6592FD82D ] \Device\Harddisk0\DR0\Partition2
22:16:28.0481 3992  \Device\Harddisk0\DR0\Partition2 - ok
22:16:28.0496 3992  ============================================================
22:16:28.0496 3992  Scan finished
22:16:28.0496 3992  ============================================================
22:16:28.0512 4284  Detected object count: 1
22:16:28.0512 4284  Actual detected object count: 1
22:16:46.0374 4284  SSHDRV76 ( UnsignedFile.Multi.Generic ) - skipped by user
22:16:46.0374 4284  SSHDRV76 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:17:00.0941 5224  Deinitialize success
         
__________________

Alt 15.06.2013, 13:34   #4
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 15.06.2013, 22:19   #5
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hallo,

Combofix ist durchgelaufen, allerdings musste ich dreimal die pfeiltaste-runter drücken
da sich der Bildschirm beim warten abgeschaltet hatte und beim warten auf den Windows Neustart musste ich nen Kaltstart machen.

Hier die Logfile:
Code:
ATTFilter
ComboFix 13-06-15.01 - *** 15.06.2013  22:09:47.1.2 - x86
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3039.1728 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus und Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\FireFox\plugin-container.exe
c:\program files\FireFox\uninstall\helper.exe
c:\program files\FireFox\updater.exe
.
Infizierte Kopie von c:\windows\system32\userinit.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-15 bis 2013-06-15  ))))))))))))))))))))))))))))))
.
.
2013-06-15 20:45 . 2013-06-15 20:45	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-12 21:03 . 2013-06-08 11:41	218112	----a-w-	c:\program files\Internet Explorer\sqmapi.dll
2013-06-12 21:03 . 2013-06-08 11:13	2706432	----a-w-	c:\windows\system32\mshtml.tlb
2013-06-12 20:55 . 2013-05-10 03:20	24576	----a-w-	c:\windows\system32\cryptdlg.dll
2013-06-12 20:54 . 2013-04-26 04:55	492544	----a-w-	c:\windows\system32\win32spl.dll
2013-06-12 20:54 . 2013-05-13 04:45	1160192	----a-w-	c:\windows\system32\crypt32.dll
2013-06-12 20:54 . 2013-05-13 03:08	903168	----a-w-	c:\windows\system32\certutil.exe
2013-06-12 20:54 . 2013-05-13 04:45	140288	----a-w-	c:\windows\system32\cryptsvc.dll
2013-06-12 20:54 . 2013-05-13 04:45	103936	----a-w-	c:\windows\system32\cryptnet.dll
2013-06-12 20:54 . 2013-05-13 03:08	43008	----a-w-	c:\windows\system32\certenc.dll
2013-06-12 20:54 . 2013-05-06 05:06	3968872	----a-w-	c:\windows\system32\ntkrnlpa.exe
2013-06-12 20:54 . 2013-05-06 05:06	3913576	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-06-12 20:54 . 2013-04-17 07:02	1230336	----a-w-	c:\windows\system32\WindowsCodecs.dll
2013-06-12 20:54 . 2013-04-25 23:30	1505280	----a-w-	c:\windows\system32\d3d11.dll
2013-06-12 20:53 . 2013-05-08 05:38	1293672	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-07 22:53 . 2013-06-07 22:53	--------	d-----w-	c:\users\***\AppData\Roaming\Unity
2013-06-07 21:44 . 2013-06-07 21:44	--------	d-----w-	c:\users\***\AppData\Local\Unity
2013-05-18 21:17 . 2013-06-15 20:44	--------	d-----w-	c:\program files\Firefox
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-11 22:45 . 2012-04-01 16:08	692104	----a-w-	c:\windows\system32\FlashPlayerApp.exe
2013-06-11 22:45 . 2011-11-14 22:28	71048	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-15 18:24 . 2011-03-28 16:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-13 04:45 . 2013-05-14 20:21	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-14 20:21	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 13:45 . 2013-04-23 21:06	1211752	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 05:18 . 2013-05-14 20:20	728424	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 05:18 . 2013-05-14 20:20	218984	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 03:14 . 2013-05-14 20:21	2347520	----a-w-	c:\windows\system32\win32k.sys
2013-04-04 03:35 . 2013-05-10 19:54	94112	----a-w-	c:\windows\system32\WindowsAccessBridge.dll
2013-04-03 11:53 . 2012-11-09 05:56	60920	----a-w-	c:\windows\system32\drivers\cfwids.sys
2013-04-03 11:50 . 2012-11-09 05:53	212432	----a-w-	c:\windows\system32\drivers\mfewfpk.sys
2013-04-03 11:50 . 2013-01-08 22:26	172416	----a-w-	c:\windows\system32\mfevtps.exe
2013-04-03 11:48 . 2012-11-09 05:51	566656	----a-w-	c:\windows\system32\drivers\mfehidk.sys
2013-04-03 11:47 . 2012-11-09 05:50	363432	----a-w-	c:\windows\system32\drivers\mfefirek.sys
2013-04-03 11:47 . 2012-11-09 05:50	65928	----a-w-	c:\windows\system32\drivers\mfebopk.sys
2013-04-03 11:46 . 2012-11-09 05:49	235520	----a-w-	c:\windows\system32\drivers\mfeavfk.sys
2013-04-03 11:46 . 2012-11-09 05:49	133992	----a-w-	c:\windows\system32\drivers\mfeapfk.sys
2013-03-23 20:21 . 2012-06-24 20:01	861088	----a-w-	c:\windows\system32\npdeployJava1.dll
2013-03-23 20:21 . 2011-11-16 21:36	782240	----a-w-	c:\windows\system32\deployJava1.dll
2013-03-19 04:53 . 2013-05-14 20:21	186368	----a-w-	c:\windows\system32\wwansvc.dll
2013-03-19 04:48 . 2013-04-09 19:50	38912	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 03:33 . 2013-05-14 20:21	40960	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-03-19 02:49 . 2013-04-09 19:50	69632	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK]
@="{3c3f3c1a-9153-7c05-f938-622e7003894d}"
[HKEY_CLASSES_ROOT\CLSID\{3c3f3c1a-9153-7c05-f938-622e7003894d}]
2010-04-13 19:11	2872120	----a-w-	c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK2]
@="{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}"
[HKEY_CLASSES_ROOT\CLSID\{e6ea1d7d-144e-b977-98c4-84c53c1a69d0}]
2010-04-13 19:11	2872120	----a-w-	c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MOBK3]
@="{b4caf489-1eec-c617-49ad-8d7088598c06}"
[HKEY_CLASSES_ROOT\CLSID\{b4caf489-1eec-c617-49ad-8d7088598c06}]
2010-04-13 19:11	2872120	----a-w-	c:\program files\McAfee Online Backup\MOBKshell.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-25 343168]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 718688]
"ProfilerU"="c:\program files\Saitek\SD6\Software\ProfilerU.exe" [2010-07-07 227840]
"SaiMfd"="c:\program files\Saitek\SD6\Software\SaiMfd.exe" [2010-07-07 123392]
"SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032]
"Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-02-28 515888]
"TkBellExe"="c:\program files\Real\RealPlayer\Update\realsched.exe" [2012-12-28 295072]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-02-28 515888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Canon LBP5000 Statusfenster.lnk - c:\windows\System32\spool\drivers\w32x86\3\CNAC4LAK.EXE [2012-1-3 50848]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.0.318\SSScheduler.exe [2013-2-5 272248]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2013-02-28 161384]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys [2012-05-28 147472]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.0.318\McCHSvc.exe [2013-02-05 235216]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys [2013-02-18 80592]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848]
R3 SaiK0836;SaiK0836;c:\windows\system32\DRIVERS\SaiK0836.sys [2010-07-08 139272]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 49664]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 27136]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2013-04-03 212432]
S1 MOBKFilter;MOBKFilter;c:\windows\system32\DRIVERS\MOBK.sys [2010-04-13 54776]
S1 SSHDRV76;SSHDRV76;c:\windows\system32\drivers\SSHDRV76.sys [2012-06-14 53760]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-10-22 176128]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [2012-08-31 167784]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [2013-03-05 184728]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [2013-02-28 638976]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-04-03 169320]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2013-04-03 172416]
S2 MOBKbackup;1%;c:\program files\McAfee Online Backup\MOBKbackup.exe [2010-04-13 229688]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [2012-11-29 38608]
S2 UMVPFSrv;UMVPFSrv;c:\program files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [2013-04-03 60920]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [2013-04-03 363432]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys [2013-02-18 257496]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2007-08-03 9344]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe [2013-03-26 1013808]
S3 yukonw7;NDIS6.2-Miniporttreiber für Marvell Yukon-Ethernet-Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-07-13 311296]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 22:45]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Nach Microsoft E&xel exportieren - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\dfmor2bm.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.t-online.de
FF - prefs.js: keyword.URL - hxxp://de.search.yahoo.com/search?fr=mcafee&p=
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-Mozilla Firefox 21.0 (x86 de) - c:\program files\Firefox\uninstall\helper.exe
AddRemove-{4FC206D1-6287-440D-8F84-ED26E32FDD56}_is1 - d:\spiele\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(4208)
c:\program files\McAfee Online Backup\MOBKshell.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\system32\atieclxx.exe
c:\windows\system32\taskhost.exe
c:\windows\system32\CNAC4RPK.EXE
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\conhost.exe
c:\progra~1\McAfee\MSC\McAPExe.exe
c:\windows\system32\DllHost.exe
c:\program files\Sony\VAIO Update\VAIOUpdt.exe
c:\windows\system32\sppsvc.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\vssvc.exe
c:\program files\Common Files\McAfee\Platform\mcuicnt.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-06-15  23:06:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-06-15 21:06
.
Vor Suchlauf: 8 Verzeichnis(se), 140.001.067.008 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 140.951.760.896 Bytes frei
.
- - End Of File - - 597FE8A9EB34D0F585BF34D861BC72B8
A36C5E4F47E84449FF07ED3517B43A31
         
Edit: Allerdings stürzt Firefox jetzt am laufenden Band ab
Ich versuch mal ne Neuinstallation davon.


Geändert von Martinek (15.06.2013 um 22:31 Uhr)

Alt 16.06.2013, 18:46   #6
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hi,
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
--> Problem mit wssetup Perion Network

Alt 17.06.2013, 20:00   #7
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hallo,

Malwarebytes hat nix gefunden.

Hier die Log:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.16.04

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16618
*** :: THESEUS [Administrator]

16.06.2013 23:57:54
mbam-log-2013-06-16 (23-57-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 507821
Laufzeit: 2 Stunde(n), 33 Minute(n), 34 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Was nun?

Alt 18.06.2013, 11:57   #8
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 19.06.2013, 20:42   #9
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hallo,

hier die Liste. Bei den unbekannten weiß ich nicht ob ich die brauche oder was die auf meinem Rechner so veranstalten (klar einige kennt man vom Namen her aber halt nicht was die so machen).

Code:
ATTFilter
Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	11.06.2013	6,00MB	11.7.700.224		--> unbekannt
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	12.06.2013	6,00MB	11.7.700.224		--> unbekannt
Adobe Reader X (10.1.7) - Deutsch	Adobe Systems Incorporated	15.05.2013	122MB	10.1.7		--> notwendig
AMD Catalyst Install Manager	Advanced Micro Devices, Inc.	03.12.2011	16,8MB	3.0.851.0		--> notwendig
Application Profiles	Ihr Firmenname	03.12.2011	353KB	2.0.4331.36041					--> unbekannt
Canon LBP5000		03.01.2012										--> unnötig
CCleaner	Piriform	24.05.2013		4.02							--> unnötig
DMP Panzercorps Mod 1.0	DMP	15.11.2011									--> unnötig	
DMP_Panzercorps_Mod_2.0	DMP	15.11.2011									--> unnötig
DMP_Panzercorps_Mod_3.0_Speech_Sound_Mod_by_Puma	DMP	15.11.2011					--> unnötig
GIMP 2.6.11	The GIMP Team	15.11.2011	107MB	2.6.11							--> notwendig
Hearts of Iron III Collection Version 3.05	Paradox Interactive	11.02.2012	1,46GB	3.05		--> unnötig
Heroes of Might & Magic V: Hammers of Fate		07.01.2012						--> unnötig
Heroes of Might and Magic V		07.01.2012								--> unnötig
Heroes of Might and Magic V - Tribes of the East		07.01.2012					--> unnötig
Internet Explorer Toolbar 4.6 by SweetPacks	SweetIM Technologies Ltd.	29.10.2012	4,27MB	4.6.0004 --> unnötig
Java 7 Update 21	Oracle	23.03.2013	129MB	7.0.210							--> unbekannt
Java(TM) 6 Update 35	Oracle	24.06.2012	95,6MB	6.0.350							--> unbekannt
JDownloader 0.9	AppWork GmbH	15.02.2013		0.9							--> unnötig
JDownloader 0.9	AppWork GmbH	15.02.2013		0.9							--> unnötig
Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	16.06.2013	19,2MB	1.75.0.1300 --> unnötig
McAfee Security Scan Plus	McAfee, Inc.	09.02.2013	10,2MB	3.0.318.3				--> notwendig
McAfee SecurityCenter	McAfee, Inc.	04.06.2013		12.1.338					--> notwendig
MegaTrainer eXperience V1.1.4.0		18.02.2013	38,8MB							--> unnötig
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	16.11.2011	38,8MB	4.0.30319	--> unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	16.11.2011	2,93MB	4.0.30319 --> unbekannt
Microsoft .NET Framework 4 Extended	Microsoft Corporation	23.02.2013	51,9MB	4.0.30319		--> unbekannt
Microsoft .NET Framework 4 Extended DEU Language Pack	Microsoft Corporation	23.02.2013	10,6MB	4.0.30319 --> unbekannt
Microsoft .NET Framework 4 Multi-Targeting Pack	Microsoft Corporation	23.02.2013	83,4MB	4.0.30319	--> unbekannt
Microsoft Help Viewer 1.1	Microsoft Corporation	23.02.2013	3,97MB	1.1.40219			--> unbekannt
Microsoft Help Viewer 1.1 Language Pack - DEU	Microsoft Corporation	23.02.2013	1,95MB	1.1.40219	--> unbekannt
Microsoft Office File Validation Add-In	Microsoft Corporation	22.12.2011	7,95MB	14.0.5130.5003		--> unbekannt
Microsoft Office Home and Student 2007	Microsoft Corporation	22.12.2011		12.0.6612.1000		--> notwendig
Microsoft Office Live Add-in 1.5	Microsoft Corporation	17.04.2012	508KB	2.0.4024.1		--> unbekannt
Microsoft Silverlight	Microsoft Corporation	13.03.2013	104MB	5.1.20125.0				--> unbekannt
Microsoft SQL Server 2008 R2 Management Objects	Microsoft Corporation	23.02.2013	14,4MB	10.50.1750.9	--> unbekannt
Microsoft SQL Server System CLR Types	Microsoft Corporation	23.02.2013	951KB	10.50.1750.9		--> unbekannt
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	17.12.2011	300KB	8.0.61001	--> unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	16.11.2011	596KB	9.0.30729	--> unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	17.12.2011	600KB	9.0.30729.6161	--> unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	24.02.2013	11,1MB	10.0.40219	--> unbekannt
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219	Microsoft Corporation	23.02.2013	16,4MB	10.0.40219		--> unbekannt
Microsoft Visual Studio 2010 Service Pack 1	Microsoft Corporation	23.02.2013	75,9MB	10.0.40219			--> unbekannt
Microsoft Visual Studio 2010 Shell (Isolated) - DEU	Microsoft Corporation	24.02.2013	586MB	10.0.40219		--> unbekannt
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)	Microsoft Corporation	24.02.2013		10.0.40303	--> unbekannt
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU	Microsoft Corporation	24.02.2013	10.0.40303 --> unbekannt
Microsoft Xbox 360 Accessories 1.2	Microsoft	10.04.2012	6,93MB	1.20.146.0			--> unnötig
Mozilla Firefox 21.0 (x86 de)	Mozilla	15.06.2013	63,7MB	21.0						--> notwendig
Mozilla Maintenance Service	Mozilla	19.05.2013	333KB	21.0						--> unbekannt
Mozilla Thunderbird 17.0.6 (x86 de)	Mozilla	16.05.2013	41,9MB	17.0.6					--> notwendig
Notepad++		28.04.2012		6.1.2								--> notwendig
Panzer Corps	Slitherine	15.11.2011		1.00							--> unnötig
Panzer_Corps_DMP_Afrika_Korps_Hotfix_1-1	DMP	15.11.2011						--> unnötig
RealPlayer	RealNetworks	29.12.2012	91,7MB	16.0.0							--> notwendig
Sibelius Scorch (Firefox, Opera, Netscape only)	Sibelius Software	05.01.2012	39,3MB	6.2.0		--> unbekannt
Sid Meier's Civilization IV Colonization	Firaxis Games	15.11.2011		1.01			--> notwendig
Sid Meier's Civilization V	2K Games, Inc.	09.02.2013							--> notwendig
Sid Meier's Civilization V SDK	Firaxis Games	23.02.2013							--> notwendig
Skype™ 6.3	Skype Technologies S.A.	28.04.2013	21,1MB	6.3.105						--> notwendig
Smart Technology Programming Software 7.0.1.12	Mad Catz	15.04.2012	66,1MB	7.0.1.12		--> unbekannt
Steam	Valve Corporation	18.05.2012	42,2MB	1.0.0.0							--> notwendig, leider
SweetIM for Messenger 3.7	SweetIM Technologies Ltd.	29.10.2012	4,93MB	3.7.0005		--> unbekannt
TeamSpeak 3 Client	TeamSpeak Systems GmbH	03.04.2012							--> notwendig
Unity Web Player	Unity Technologies ApS	07.06.2013	12,0MB						--> unbekannt
Update Manager for SweetPacks 1.1	SweetIM Technologies Ltd.	29.10.2012	2,76MB	1.1.0008	--> unbekannt
VAIO Original Funktion Einstellungen	Sony Corporation	07.04.2012		2.0.2.02240		--> unbekannt
VAIO Update	Sony Corporation	12.06.2013		6.2.1.03260					--> notwendig
Wildlife Park 3 v1.0	bitComposer Games	03.11.2012	3,00GB						--> notwendig
Windows Live Essentials	Microsoft Corporation	05.04.2012		15.4.3555.0308				--> unbekannt
Windows Media Player Firefox Plugin	Microsoft Corp	02.02.2012	296KB	1.0.0.8				--> notwendig
WinRAR 4.01 (32-Bit)	win.rar GmbH	18.11.2011		4.01.0						--> notwendig
World of Tanks v.0.6.7	Wargaming.net	16.11.2011								--> notwendig
World of Warplanes	Wargaming.net	14.08.2012	14,4MB							--> notwendig
         

Alt 19.06.2013, 21:18   #10
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



bnatürlich weist du bei den unbekannten nicht wofür sie sind, sonst währen sie doch nicht unbekannt oder? :-)
deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen
bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok

deinstaliere:
Canon
DMP : alle
Hearts

Heroes : alle
Internet Explorer Toolbar
Java(TM)
JDownloader : beide
Malwarebytes
MegaTrainer
Panzer : beide
Sibelius
SweetIM
Unity
Update Manager

Öffne CCleaner, analysieren, starten, pc neustarten
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 21.06.2013, 21:24   #11
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hallo,

nach den ganzen Deinstallationen und CCleaner scheint wssetup nicht mehr aufzutauchen.

Hier noch das Log von Adwcleaner:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 21/06/2013 um 22:17:23 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - THESEUS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Tarma Installer

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bjdczq3s.default-1371331233517\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1829 octets] - [21/06/2013 22:17:23]

########## EOF - C:\AdwCleaner[S1].txt - [1889 octets] ##########
         

Alt 04.07.2013, 14:48   #12
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



hi kannst du noch mal die aktuelle adwcleaner Version laden, Funde wieder löschen, neues Log posten?
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 04.07.2013, 22:25   #13
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



aloha,

hier der/das neue log vom adwcleaner:
Code:
ATTFilter
# AdwCleaner v2.304 - Datei am 04/07/2013 um 23:18:55 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : *** - THESEUS
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\bjdczq3s.default-1371331233517\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [1958 octets] - [21/06/2013 22:17:23]
AdwCleaner[S2].txt - [821 octets] - [04/07/2013 23:18:55]

########## EOF - C:\AdwCleaner[S2].txt - [880 octets] ##########
         

Alt 05.07.2013, 14:35   #14
markusg
/// Malware-holic
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



Hi,
Hitman Pro - Download - Filepony
Hitmanpro laden, doppelklicken, Scan klicken.
nichts löschen.
Auf weiter klicken.
Log speichern und posten, bzw als XML exportieren, packen und anhängen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.07.2013, 22:55   #15
Martinek
 
Problem mit wssetup Perion Network - Standard

Problem mit wssetup Perion Network



...und hier der log der hitmanpro datei:
Code:
ATTFilter
HitmanPro 3.7.6.201
www.hitmanpro.com

   Computer name . . . . : THESEUS
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : Theseus\***
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2013-07-06 23:50:19
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 55s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 0

   Objects scanned . . . : 1.027.841
   Files scanned . . . . : 18.491
   Remnants scanned  . . : 331.528 files / 677.822 keys
         

Antwort

Themen zu Problem mit wssetup Perion Network
autorun, bho, branding, error, fehler, firefox, flash player, format, google, helper, home, install.exe, logfile, mozilla, msiexec.exe, object, problem, registry, rundll, scan, security, senden, siteadvisor, software, svchost.exe, taskhost.exe, teamspeak, visual studio, windows



Ähnliche Themen: Problem mit wssetup Perion Network


  1. Hier kommt schon wieder einer mit Perion Network / mssetup - Problem
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (35)
  2. "wssetup.exe Perion Network Ltd." bei PC start
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (31)
  3. wssetup.exe von Perion Network Ltd.
    Log-Analyse und Auswertung - 03.07.2013 (12)
  4. Entfernen von wssetup.exe von Perion
    Plagegeister aller Art und deren Bekämpfung - 25.06.2013 (22)
  5. wssetup.exe von Perion Network Ltd. - OTL Log File bereits erstellt
    Log-Analyse und Auswertung - 21.06.2013 (5)
  6. wssetup.exe von Perion Network Ltd. fragt nach jedem Hochfahren des Computers nach Bestätigung
    Plagegeister aller Art und deren Bekämpfung - 20.06.2013 (10)
  7. wssetup von Perion Network Ltd. versucht auf meinen Computer zuzugreifen
    Plagegeister aller Art und deren Bekämpfung - 17.06.2013 (7)
  8. wssetup von perion network ltd kommt immer nach Start des PC
    Plagegeister aller Art und deren Bekämpfung - 16.06.2013 (7)
  9. Perion Network - wssetup.exe
    Plagegeister aller Art und deren Bekämpfung - 15.06.2013 (7)
  10. Perion Network
    Plagegeister aller Art und deren Bekämpfung - 15.06.2013 (1)
  11. wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 14.06.2013 (7)
  12. wssetup.exe Perion Network Ltd. - Hilfe, ich will das los werden!
    Log-Analyse und Auswertung - 14.06.2013 (3)
  13. Hab ich mir was eingefangen? wssetup.exe Perion Network Ltd.
    Log-Analyse und Auswertung - 11.06.2013 (10)
  14. nach booten soll wssetup.exe (Hersteller Perion Network Ltd.) installiert werden
    Plagegeister aller Art und deren Bekämpfung - 11.06.2013 (15)
  15. Probleme mit wssetup.exe Perion Network Ltd.
    Log-Analyse und Auswertung - 08.06.2013 (9)
  16. wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (11)
  17. Habe mir wohl was eingefangen! wssetup.exe Perion Network Ltd.
    Plagegeister aller Art und deren Bekämpfung - 06.06.2013 (15)

Zum Thema Problem mit wssetup Perion Network - Hallo und guten Morgen, seit ca. 3 Wochen bekomme ich beim Start die Meldung das wssetup.exe installiert werden will. Habe das bisher immer abgelehnt aber es nervt langsam. Wie kann - Problem mit wssetup Perion Network...
Archiv
Du betrachtest: Problem mit wssetup Perion Network auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.