
Pests of all kinds and how to combat them: Here comes yet another one with the Perion Network / mssetup problem

15.06.2013, 13:10   #1
Hippocampus
 

Dear all,
as I can see, I am not the only one with this problem: at startup, a prompt occasionally appears asking to run the program wssetup.exe. So far I have always clicked "No".

The logs follow:
OTL logfile:
Code:
OTL Extras logfile created on: 15.06.2013 13:42:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\H\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 65,15% Memory free
7,82 Gb Paging File | 5,89 Gb Available in Paging File | 75,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 404,66 Gb Total Space | 304,36 Gb Free Space | 75,21% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 27,59 Gb Free Space | 45,98% Space Free | Partition Type: NTFS
 
Computer Name: H- | User Name: C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09AB9543-3519-4FAD-B124-D7CD8AA44D7A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3521DF49-296B-4AB4-B626-4ECAC71A3B50}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{35AE9BC7-9969-4E88-BCA4-52394421BB0D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{378895FC-E5DF-4FB1-ADA1-200CBFB123B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4626F820-F755-4752-B50A-725EC3D467F5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{625331A0-8A0C-4AD7-8A0D-563246C0704E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{695E04B4-558D-43A4-9D79-868C6CC21966}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6FDB48FB-FC87-45B8-BDE3-9D60288E88B5}" = lport=139 | protocol=6 | dir=in | app=system | 
"{75E9BEFC-60D7-428F-ACD2-4E0B2AADC9F9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{790424B2-B494-4530-A119-004C27367840}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D6A3BD6-62A1-4020-BA3C-E067432F5F08}" = rport=137 | protocol=17 | dir=out | app=system | 
"{84FBF480-94AE-4F89-BD4E-97061820CBC1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{987296C4-437C-42FA-A78B-D19356B0A288}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{99C58814-CB43-4B2B-BD94-6D9CBB562D74}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A7A65D0D-3C2E-43F0-AA86-6C7E69F3BE9E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{AC848BDA-C5B9-4D68-8A33-B6EDD60CB6CE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B8AB8BC3-E5F7-4820-87AC-299FB115A793}" = lport=445 | protocol=6 | dir=in | app=system | 
"{CDB43F6A-F32F-42CB-9F93-DF267522A223}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CF25548C-0E0A-4534-8CE5-8F599AD6C59F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D2B44EBA-6775-43A5-846A-B9834A1EE3BF}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E505CDD5-1F19-43BD-9800-18A9ED372208}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E87F192E-D7CA-4D4E-9F2A-FA150239E27C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{ED1B9905-A2A5-417A-9D38-D3B31CC11FB3}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007F7D53-FC97-433B-9886-4B11906BA0FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0179D304-7176-430C-8046-53C8E8287A16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{05438760-1223-46E6-81B4-2DC77116CF51}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{0EFCCE2C-A06A-4C91-B793-0101E7A758B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{16BAC126-2ED5-4654-A360-9778D87C70E0}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{1ACE965F-C96E-431D-B22E-6FC4E9CD9950}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{27207426-D381-4563-AAA0-7157C86C2251}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{27C67A10-F79C-4402-9E8F-C2BEA3AAB054}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{3D34DDF3-8E67-44DA-AD93-47AC78F2D0E3}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{4569333D-9E7A-452E-96A8-AF5B9652B131}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe | 
"{49DFFB37-FE4B-4082-A07A-27343042A512}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{546BEEBB-2BFB-4408-8340-3763A000B653}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe | 
"{6704949A-D634-4C09-9348-C82BCD9FC6B7}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{722F1581-AC2D-404F-B648-6377E3898726}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{731D5C3D-CF5E-4569-86CC-FBC022FF9C09}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{791DF1D3-7CD2-44DF-8B8D-F1728FB95D9E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8438AE58-11B4-442A-A283-ED81138FFD50}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr9.exe | 
"{9943A8CD-4E24-40B0-84A2-D0B2C2236A80}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B779103-5BBE-4150-A7E6-3CEB1EDE363D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9FD05C0C-169E-491A-A64E-A80FDC94C897}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A44168B3-5FA2-4416-B608-C60910FD5FFE}" = protocol=17 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"{A776AC53-559A-4315-83A7-DB04128D40DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B924AC4C-B9EF-4FE7-A672-5D1494FAF3D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BC109067-C892-4A9B-81EF-879DF107F9BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C1CBCA27-A3CE-4034-816A-0715AC4C7336}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C457C987-6507-44AC-AB63-37DBCEADC9C5}" = protocol=6 | dir=out | app=system | 
"{D083A899-DCFA-4187-BDC7-801CAF01A265}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D21DA640-8D46-4827-9E1C-F9C75984E9C9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{D599FA5E-6D80-4B26-9D8A-DDFDAC6085C1}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{D7DEDB91-2550-43E5-9B55-065DF6BB8206}" = protocol=6 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"{DB29F026-05D0-434F-8E09-63AF777A964D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E023E12B-98CD-4358-BF9C-FFAAEE6CEF65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E10123B4-E139-4A33-9094-76C09ACB84E8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F2FF9811-4BCE-4C24-A4A1-C808D75CB2D8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{FD18646C-121F-4CCC-904E-F4D4F0403AB4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{DFDB14B7-6FB4-41CD-BFA7-3EC38E820597}C:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"UDP Query User{5E3C838B-9828-43F5-92D9-D8023FE3E1AF}C:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{293C4FDD-FB80-48F8-8B40-F085392FDAA1}" = Eumex RNDIS64 Treiber V1.02
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit)
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{EC1369CF-15BD-4FAF-BA84-65E4788C682E}" = AMI VR-pulse OS Switcher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"7B73EBFEF26F2C40D3AA9D389F5CF2C77121106C" = Windows-Treiberpaket - T-Home Net  (06/30/2010 6.0.6000.16384)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.6
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81ABC4A0-DE63-11DE-8A39-0800200C9A66}" = FreeCAD 0.12
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BA58E7C0-A6B4-872B-79C9-5177AB71EDC2}" = Versandhelfer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DD76FF2A-F23C-4B78-AC00-23DDBAF7989C}" = Garmin TOPO Deutschland Süd v3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}" = Intel(R) WiDi
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}" = Garmin WebUpdater
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN
"{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALDI SÜD Mah Jong" = ALDI SÜD Mah Jong
"AmUStor" = Alcor Micro USB Card Reader
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Audacity_is1" = Audacity 2.0
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1" = Versandhelfer
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"IrfanView" = IrfanView (remove only)
"JonDoUninstall" = JonDo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PCSUITE_SHREDDER_PRO_is1" = PCSUITE SHREDDER
"ProInst" = Intel PROSet Wireless
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"SpeQ Mathematics" = SpeQ Mathematics 3.4
"sv.net" = sv.net
"Sweet Home 3D_is1" = Sweet Home 3D version 3.4
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06.10.2012 07:25:50 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x1014  Startzeit der fehlerhaften Anwendung: 0x01cda3b556a028e6  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 9470686a-0fa8-11e2-ad0e-4c809339644d
 
Error - 06.10.2012 07:25:51 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x1240  Startzeit der fehlerhaften Anwendung: 0x01cda3b557492a99  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 951708bd-0fa8-11e2-ad0e-4c809339644d
 
Error - 06.10.2012 14:01:51 | Computer Name = H- | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 06.10.2012 14:04:54 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x12cc  Startzeit der fehlerhaften Anwendung: 0x01cda3ed15df29f3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 542b3105-0fe0-11e2-8005-4c809339644d
 
Error - 06.10.2012 14:05:00 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x55c  Startzeit der fehlerhaften Anwendung: 0x01cda3ed19903be1  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 57e36715-0fe0-11e2-8005-4c809339644d
 
Error - 06.10.2012 14:18:41 | Computer Name = H- | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 08.10.2012 05:49:18 | Computer Name = H- | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 08.10.2012 05:49:57 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x1194  Startzeit der fehlerhaften Anwendung: 0x01cda53a45710492  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 84210570-112d-11e2-adf2-386077ff3e1d
 
Error - 08.10.2012 05:49:57 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x1270  Startzeit der fehlerhaften Anwendung: 0x01cda53a46a8d8d6  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 847b79ba-112d-11e2-adf2-386077ff3e1d
 
Error - 08.10.2012 06:21:19 | Computer Name = H- | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 15.06.2013 06:25:59 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:27:42 | Computer Name = H- | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 15.06.2013 06:27:42 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 15.06.2013 06:28:22 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 06:28:22 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:28:55 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 06:28:55 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:58:05 | Computer Name = H- | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle 
Auftragsanzahl für den H-\H-Benutzer ("60") ist gleich oder größer als das durch
 die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
 indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
 wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu 
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
 die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
 Computer zu erhöhen.
 
Error - 15.06.2013 07:40:07 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 07:40:07 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         
Here are the Extras:
Code:
OTL Extras logfile created on: 15.06.2013 13:42:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\H\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 65,15% Memory free
7,82 Gb Paging File | 5,89 Gb Available in Paging File | 75,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 404,66 Gb Total Space | 304,36 Gb Free Space | 75,21% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 27,59 Gb Free Space | 45,98% Space Free | Partition Type: NTFS
 
Computer Name: H- | User Name: C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09AB9543-3519-4FAD-B124-D7CD8AA44D7A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{3521DF49-296B-4AB4-B626-4ECAC71A3B50}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{35AE9BC7-9969-4E88-BCA4-52394421BB0D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{378895FC-E5DF-4FB1-ADA1-200CBFB123B0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4626F820-F755-4752-B50A-725EC3D467F5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{625331A0-8A0C-4AD7-8A0D-563246C0704E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{695E04B4-558D-43A4-9D79-868C6CC21966}" = rport=139 | protocol=6 | dir=out | app=system | 
"{6FDB48FB-FC87-45B8-BDE3-9D60288E88B5}" = lport=139 | protocol=6 | dir=in | app=system | 
"{75E9BEFC-60D7-428F-ACD2-4E0B2AADC9F9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{790424B2-B494-4530-A119-004C27367840}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7D6A3BD6-62A1-4020-BA3C-E067432F5F08}" = rport=137 | protocol=17 | dir=out | app=system | 
"{84FBF480-94AE-4F89-BD4E-97061820CBC1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{987296C4-437C-42FA-A78B-D19356B0A288}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{99C58814-CB43-4B2B-BD94-6D9CBB562D74}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A7A65D0D-3C2E-43F0-AA86-6C7E69F3BE9E}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{AC848BDA-C5B9-4D68-8A33-B6EDD60CB6CE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B8AB8BC3-E5F7-4820-87AC-299FB115A793}" = lport=445 | protocol=6 | dir=in | app=system | 
"{CDB43F6A-F32F-42CB-9F93-DF267522A223}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CF25548C-0E0A-4534-8CE5-8F599AD6C59F}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D2B44EBA-6775-43A5-846A-B9834A1EE3BF}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{E505CDD5-1F19-43BD-9800-18A9ED372208}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E87F192E-D7CA-4D4E-9F2A-FA150239E27C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{ED1B9905-A2A5-417A-9D38-D3B31CC11FB3}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{007F7D53-FC97-433B-9886-4B11906BA0FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0179D304-7176-430C-8046-53C8E8287A16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{05438760-1223-46E6-81B4-2DC77116CF51}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{0EFCCE2C-A06A-4C91-B793-0101E7A758B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{16BAC126-2ED5-4654-A360-9778D87C70E0}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{1ACE965F-C96E-431D-B22E-6FC4E9CD9950}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{27207426-D381-4563-AAA0-7157C86C2251}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{27C67A10-F79C-4402-9E8F-C2BEA3AAB054}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{3D34DDF3-8E67-44DA-AD93-47AC78F2D0E3}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{4569333D-9E7A-452E-96A8-AF5B9652B131}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe | 
"{49DFFB37-FE4B-4082-A07A-27343042A512}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{546BEEBB-2BFB-4408-8340-3763A000B653}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe | 
"{6704949A-D634-4C09-9348-C82BCD9FC6B7}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | 
"{722F1581-AC2D-404F-B648-6377E3898726}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | 
"{731D5C3D-CF5E-4569-86CC-FBC022FF9C09}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{791DF1D3-7CD2-44DF-8B8D-F1728FB95D9E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8438AE58-11B4-442A-A283-ED81138FFD50}" = dir=in | app=c:\program files\cyberlink\powerdirector\pdr9.exe | 
"{9943A8CD-4E24-40B0-84A2-D0B2C2236A80}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9B779103-5BBE-4150-A7E6-3CEB1EDE363D}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9FD05C0C-169E-491A-A64E-A80FDC94C897}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{A44168B3-5FA2-4416-B608-C60910FD5FFE}" = protocol=17 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"{A776AC53-559A-4315-83A7-DB04128D40DF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B924AC4C-B9EF-4FE7-A672-5D1494FAF3D6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BC109067-C892-4A9B-81EF-879DF107F9BA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C1CBCA27-A3CE-4034-816A-0715AC4C7336}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{C457C987-6507-44AC-AB63-37DBCEADC9C5}" = protocol=6 | dir=out | app=system | 
"{D083A899-DCFA-4187-BDC7-801CAF01A265}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D21DA640-8D46-4827-9E1C-F9C75984E9C9}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{D599FA5E-6D80-4B26-9D8A-DDFDAC6085C1}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{D7DEDB91-2550-43E5-9B55-065DF6BB8206}" = protocol=6 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"{DB29F026-05D0-434F-8E09-63AF777A964D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{E023E12B-98CD-4358-BF9C-FFAAEE6CEF65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{E10123B4-E139-4A33-9094-76C09ACB84E8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{F2FF9811-4BCE-4C24-A4A1-C808D75CB2D8}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{FD18646C-121F-4CCC-904E-F4D4F0403AB4}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{DFDB14B7-6FB4-41CD-BFA7-3EC38E820597}C:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe" = protocol=6 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
"UDP Query User{5E3C838B-9828-43F5-92D9-D8023FE3E1AF}C:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe" = protocol=17 | dir=in | app=c:\program files (x86)\t-home\eumex 800 v1.30\800cf.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{28EF7372-9087-4AC3-9B9F-D9751FCDF830}" = Intel(R) Wireless Display
"{293C4FDD-FB80-48F8-8B40-F085392FDAA1}" = Eumex RNDIS64 Treiber V1.02
"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit)
"{EB418DDD-5365-4381-87F6-D8BBB21CC1CA}" = Garmin Communicator Plugin x64
"{EC1369CF-15BD-4FAF-BA84-65E4788C682E}" = AMI VR-pulse OS Switcher
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)
"7B73EBFEF26F2C40D3AA9D389F5CF2C77121106C" = Windows-Treiberpaket - T-Home Net  (06/30/2010 6.0.6000.16384)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.6
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YTD Video Downloader 3.9.6
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{48106FE4-B1AF-4941-BF3D-83E6C4B7CAF3}" = Alcor Micro USB Card Reader
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{81ABC4A0-DE63-11DE-8A39-0800200C9A66}" = FreeCAD 0.12
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials
"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E666407-AC41-46a2-9692-6C7BFCBFDD37}" = Memeo Instant Backup
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0087DDE-69D0-11E2-AD57-43CA6188709B}" = Adobe AIR
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BA58E7C0-A6B4-872B-79C9-5177AB71EDC2}" = Versandhelfer
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common
"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DD76FF2A-F23C-4B78-AC00-23DDBAF7989C}" = Garmin TOPO Deutschland Süd v3
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}" = Intel(R) WiDi
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}" = PHotkey
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}" = Garmin WebUpdater
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN
"{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"{FB697452-8CA4-46B4-98B1-165C922A2EF3}" = Update Manager for SweetPacks 1.0
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"ALDI SÜD Mah Jong" = ALDI SÜD Mah Jong
"AmUStor" = Alcor Micro USB Card Reader
"Ashampoo Burning Studio_is1" = Ashampoo Burning Studio
"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander
"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer
"Ashampoo Snap_is1" = Ashampoo Snap
"Audacity_is1" = Audacity 2.0
"Audiograbber" = Audiograbber 1.83 SE 
"Audiograbber-Lame" = Audiograbber MP3-Plugin (64 bit)
"Avira AntiVir Desktop" = Avira Free Antivirus
"dpdhl.versandhelfer.medionlap.CDA82DC3FEDD13302C6424313D9A2999F162D21A.1" = Versandhelfer
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"GPS-Track-Analyse.NET 6.0_is1" = GPS-Track-Analyse.NET 6.0
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam 5
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema
"InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}" = CyberLink WaveEditor
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"InstallShield_{FACE9D51-E374-4DDB-857C-816FCB1D6B40}" = Eumex 800 V1.30
"IrfanView" = IrfanView (remove only)
"JonDoUninstall" = JonDo
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mp3tag" = Mp3tag v2.54
"NAVIGON Fresh" = NAVIGON Fresh 3.4.1
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PCSUITE_SHREDDER_PRO_is1" = PCSUITE SHREDDER
"ProInst" = Intel PROSet Wireless
"Secunia PSI" = Secunia PSI (3.0.0.3001)
"SpeQ Mathematics" = SpeQ Mathematics 3.4
"sv.net" = sv.net
"Sweet Home 3D_is1" = Sweet Home 3D version 3.4
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 06.10.2012 07:25:50 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x1014  Startzeit der fehlerhaften Anwendung: 0x01cda3b556a028e6  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 9470686a-0fa8-11e2-ad0e-4c809339644d
 
Error - 06.10.2012 07:25:51 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x1240  Startzeit der fehlerhaften Anwendung: 0x01cda3b557492a99  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 951708bd-0fa8-11e2-ad0e-4c809339644d
 
Error - 06.10.2012 14:01:51 | Computer Name = H- | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 06.10.2012 14:04:54 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x12cc  Startzeit der fehlerhaften Anwendung: 0x01cda3ed15df29f3  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 542b3105-0fe0-11e2-8005-4c809339644d
 
Error - 06.10.2012 14:05:00 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x55c  Startzeit der fehlerhaften Anwendung: 0x01cda3ed19903be1  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 57e36715-0fe0-11e2-8005-4c809339644d
 
Error - 06.10.2012 14:18:41 | Computer Name = H- | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 08.10.2012 05:49:18 | Computer Name = H- | Source = MemeoBackgroundService | ID = 0
Description = Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException:
 Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException:
 Manche oder alle Identitätsverweise konnten nicht übersetzt werden.     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object
 data)     bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary
 properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)

   bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties,
 IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)

   --- Ende der internen Ausnahmestapelüberwachung ---     bei System.RuntimeMethodHandle._InvokeConstructor(Object[]
 args, SignatureStruct& signature, IntPtr declaringType)     bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags
 invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)     bei System.RuntimeType.CreateInstanceImpl(BindingFlags
 bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)

   bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry
 entry)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)" bei der Remotekonfiguration.   bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData
 configData, Boolean ensureSecurity)     bei System.Runtime.Remoting.RemotingConfiguration.Configure(String
 filename, Boolean ensureSecurity)     bei RemoteServerService.MemeoBackgroundService.OnStart(String[]
 args)
 
Error - 08.10.2012 05:49:57 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.2.0.71, Zeitstempel:
 0x4dd433e9  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0005a3a1  ID des fehlerhaften Prozesses:
 0x1194  Startzeit der fehlerhaften Anwendung: 0x01cda53a45710492  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 84210570-112d-11e2-adf2-386077ff3e1d
 
Error - 08.10.2012 05:49:57 | Computer Name = H- | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mediasrv.exe, Version: 1.2.0.71, 
Zeitstempel: 0x4dd4341c  Name des fehlerhaften Moduls: mediasrv.exe, Version: 1.2.0.71,
 Zeitstempel: 0x4dd4341c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000a2f29  ID des fehlerhaften
 Prozesses: 0x1270  Startzeit der fehlerhaften Anwendung: 0x01cda53a46a8d8d6  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe  Berichtskennung:
 847b79ba-112d-11e2-adf2-386077ff3e1d
 
Error - 08.10.2012 06:21:19 | Computer Name = H- | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ System Events ]
Error - 15.06.2013 06:25:59 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth OBEX Service" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:27:42 | Computer Name = H- | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 15.06.2013 06:27:42 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1069
 
Error - 15.06.2013 06:28:22 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 06:28:22 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:28:55 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 06:28:55 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.06.2013 06:58:05 | Computer Name = H- | Source = Microsoft-Windows-Bits-Client | ID = 16398
Description = Ein neuer BITS-Auftrag konnte nicht erstellt werden. Die aktuelle 
Auftragsanzahl für den H-\H-Benutzer ("60") ist gleich oder größer als das durch
 die Gruppenrichtlinie angegebene Auftragslimit ("60"). Sie können das Problem beheben,
 indem Sie die BITS-Aufträge beenden oder abbrechen, für die kein Fortschritt festgestellt
 wurde, indem Sie sich den Fehler ansehen, und den BITS-Dienst anschließend neu 
starten. Falls der Fehler weiterhin angezeigt wird, bitten Sie den Administrator,
 die durch die Gruppenrichtlinie angegebenen Auftragslimits pro Benutzer und pro
 Computer zu erhöhen.
 
Error - 15.06.2013 07:40:07 | Computer Name = H- | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Bluetooth Device Monitor erreicht.
 
Error - 15.06.2013 07:40:07 | Computer Name = H- | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Bluetooth Device Monitor" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         
I hope you can help me. Thank you very much for your effort!

Hippocampus

15.06.2013, 13:11   #2
markusg
/// Malware-holic
 
Hi, otl.txt is missing.
15.06.2013, 13:16   #3
Hippocampus
 
Sorry, I sent the Extras twice.

Here is the OTL text:
Code:
OTL logfile created on: 15.06.2013 13:42:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\H\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,55 Gb Available Physical Memory | 65,15% Memory free
7,82 Gb Paging File | 5,89 Gb Available in Paging File | 75,33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 404,66 Gb Total Space | 304,36 Gb Free Space | 75,21% Space Free | Partition Type: NTFS
Drive D: | 60,00 Gb Total Space | 27,59 Gb Free Space | 45,98% Space Free | Partition Type: NTFS
 
Computer Name: H- | User Name: C | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.15 13:41:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\H\Desktop\OTL.exe
PRC - [2013.06.15 13:38:29 | 000,050,477 | ---- | M] () -- C:\Users\H\Desktop\Defogger.exe
PRC - [2013.05.22 16:44:50 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.05.07 14:06:07 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.05.07 14:06:03 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.29 17:37:04 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.29 17:36:48 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.11 00:38:48 | 001,644,680 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2012.02.26 16:01:44 | 000,295,728 | ---- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
PRC - [2011.10.24 23:59:30 | 003,420,160 | ---- | M] () -- C:\Program Files (x86)\PHotkey\POSD.exe
PRC - [2011.10.14 21:06:54 | 000,818,688 | ---- | M] () -- C:\Program Files (x86)\PHotkey\PHotkey.exe
PRC - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.05.20 20:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.14 19:17:18 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.10.05 22:08:46 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.05 22:08:42 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2010.02.28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
PRC - [2010.01.13 03:36:00 | 000,117,256 | ---- | M] () -- C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
PRC - [2009.12.19 01:40:48 | 000,104,968 | ---- | M] () -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
PRC - [2009.12.19 01:38:18 | 000,345,608 | ---- | M] (TODO: <Company name>) -- C:\Program Files (x86)\PHotkey\HCSynApi.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.15 13:38:29 | 000,050,477 | ---- | M] () -- C:\Users\H\Desktop\Defogger.exe
MOD - [2013.05.22 16:44:50 | 003,128,728 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010.02.28 03:33:14 | 000,077,664 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.09.16 04:41:28 | 001,518,352 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011.09.16 04:28:06 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011.09.16 04:24:52 | 000,844,560 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011.09.15 19:54:46 | 001,166,848 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011.06.03 22:51:38 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2010.12.17 17:46:34 | 000,198,784 | ---- | M] (Conexant Systems Inc.) [Auto | Running] -- C:\Windows\SysNative\CxAudMsg64.exe -- (CxAudMsg)
SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.08.19 18:43:22 | 000,386,344 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013.06.11 22:27:49 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.22 16:44:50 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.07 14:06:07 | 000,562,744 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.03.29 17:37:04 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.29 17:36:48 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.10 03:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.08 12:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.10.02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.07.25 10:46:44 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2012.07.25 10:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.10.14 00:38:46 | 000,156,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\GFNEXSrv.exe -- (GFNEXSrv)
SRV - [2011.10.01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.28 02:47:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011.05.20 20:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.05.19 11:16:48 | 000,995,392 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.05.19 11:16:46 | 001,335,360 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.05.19 11:16:36 | 000,921,664 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011.04.14 01:37:06 | 000,312,616 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe -- (CyberLink PowerDVD 10 MS Service)
SRV - [2011.04.14 01:37:04 | 000,070,952 | ---- | M] (CyberLink) [Disabled | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe -- (CyberLink PowerDVD 10 MS Monitor Service)
SRV - [2010.10.05 22:08:46 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.10.05 22:08:42 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.18 22:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.12.19 01:40:48 | 000,104,968 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\PHotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.03.29 17:37:09 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.29 17:37:09 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.29 17:37:09 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.12 06:12:06 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2012.10.08 12:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.10.01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.30 19:16:50 | 000,393,264 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.09.26 02:40:28 | 012,309,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.09.18 12:26:52 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011.09.15 19:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2011.09.15 19:48:24 | 000,299,008 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.09.09 02:20:56 | 000,034,200 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2011.09.09 02:20:56 | 000,025,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2011.08.23 06:12:56 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011.07.20 04:54:06 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011.07.20 01:13:42 | 000,282,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.05.26 10:24:16 | 001,590,912 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011.05.20 19:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.05.19 11:17:04 | 000,053,248 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.05.19 11:17:02 | 000,051,712 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaud.sys -- (btmaudio)
DRV:64bit: - [2011.04.14 05:47:55 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.04.13 19:30:54 | 000,207,872 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011.04.13 19:30:50 | 000,087,552 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.08.24 18:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.10.23 17:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.08 12:08:00 | 000,020,520 | ---- | M] (GARMIN Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\grmnusb.sys -- (grmnusb)
DRV - [2009.09.12 00:11:46 | 000,014,344 | ---- | M] (PEGATRON) [Kernel | Auto | Running] -- C:\Program Files (x86)\PHotkey\PEGAGFN.sys -- (PEGAGFN)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredibar.com/mb139?a=6R8xNmP91U&i=26
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{65A899C0-054F-417F-B25D-0D51E8C59B4B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=d49638dc-11d9-4814-9e17-071600a39047&apn_sauid=8A7EA06A-440F-4C22-9C90-C2C71C869C53
IE - HKCU\..\SearchScopes\{682CB880-D8CE-4E05-9EBC-B9A727EDD65F}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb139/?search={searchTerms}&loc=IB_DS&a=6R8xNmP91U&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Startpage HTTPS - Deutsch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.68
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0-git-20120215-0402: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.17 12:27:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\C\AppData\Roaming\mozilla\Extensions
[2013.04.18 14:06:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\9th9xc1b.default\extensions
[2013.04.09 15:38:08 | 000,000,000 | ---D | M] ("Avira SearchFree Toolbar plus Web Protection") -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\9th9xc1b.default\extensions\toolbar@ask.com
[2013.02.10 21:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions
[2013.02.10 21:21:43 | 000,000,000 | ---D | M] (Cookie Monster) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\{45d8ff86-d909-11db-9705-005056c00008}
[2013.02.10 21:21:45 | 000,000,000 | ---D | M] (HTTPS-Everywhere) -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\https-everywhere@eff.org
[2013.02.10 21:21:45 | 000,000,000 | ---D | M] ("UnPlug") -- C:\Users\C\AppData\Roaming\mozilla\Firefox\Profiles\JonDoFox\extensions\unplug@compunach
[2013.04.18 14:06:53 | 000,532,430 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\9th9xc1b.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.02.10 21:57:57 | 000,138,614 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\9th9xc1b.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
[2013.02.19 21:09:30 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\9th9xc1b.default\extensions\toolbar@ask.com\chrome\content\Abine\chrome\content\ff\view_expiry.js
[2013.01.08 14:17:00 | 000,717,972 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi
[2013.01.08 14:17:00 | 000,533,036 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013.01.08 14:17:00 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.10.15 08:24:02 | 000,048,875 | ---- | M] () (No name found) -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\JonDoFox\extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi
[2013.04.09 15:38:10 | 000,002,413 | ---- | M] () -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\9th9xc1b.default\searchplugins\askcom.xml
[2013.05.02 14:08:58 | 000,005,492 | ---- | M] () -- C:\Users\C\AppData\Roaming\mozilla\firefox\profiles\9th9xc1b.default\searchplugins\startpage-https---deutsch.xml
[2013.05.22 16:44:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.22 16:44:51 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe (Conexant systems, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [ccleaner] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3A44F70F-91A9-4ED3-A205-E742C1166F1C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5EC0999B-F32F-463A-AB0C-EF7F1A6D92F6}: DhcpNameServer = 192.168.1.250
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{bbd25a4c-58dc-11e1-9514-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bbd25a4c-58dc-11e1-9514-806e6f6e6963}\Shell\AutoRun\command - "" = E:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.02 19:07:56 | 000,000,000 | ---D | C] -- C:\Users\C\AppData\Local\SpeQ Mathematics
[2013.06.02 19:07:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeQ Mathematics
[2013.05.22 16:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.05.22 16:40:30 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.16 21:56:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis
[2013.05.16 18:14:10 | 000,000,000 | ---D | C] -- C:\afd17e3f4751294f1715ee225bf2f7c1
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.15 13:41:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.15 13:40:42 | 000,000,000 | ---- | M] () -- C:\Users\C\defogger_reenable
[2013.06.15 13:38:46 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.15 13:38:46 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.15 13:38:46 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.15 13:38:46 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.15 13:38:46 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.15 13:35:25 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.15 13:35:20 | 000,067,584 | -H-- | M] () -- C:\Windows\bootstat.dat
[2013.06.15 12:32:45 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.15 12:32:45 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.15 12:25:06 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.15 12:24:47 | 3151,273,984 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.03 10:45:15 | 000,368,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.02 19:18:27 | 000,002,058 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.06.02 18:48:31 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.25 10:43:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.25 10:43:46 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.15 13:40:42 | 000,000,000 | ---- | C] () -- C:\Users\C\defogger_reenable
[2013.06.03 10:45:04 | 000,368,344 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.02 19:18:27 | 000,002,058 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2013.05.25 10:43:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.25 10:43:46 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.22 16:40:31 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.10.10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.08.07 20:53:02 | 000,000,034 | ---- | C] () -- C:\Windows\cdplayer.ini
[2012.04.26 21:35:20 | 000,000,046 | ---- | C] () -- C:\Windows\hmview.ini
[2012.02.29 11:09:22 | 000,007,667 | ---- | C] () -- C:\Users\C\AppData\Local\Resmon.ResmonCfg
[2012.02.17 13:44:10 | 006,187,964 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.11.15 13:38:00 | 000,072,017 | ---- | C] () -- C:\Windows\SysWow64\Uninstall ALDI SÜD Mah Jong.exe
[2011.11.10 19:48:31 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.11.10 01:32:58 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.11.10 01:32:57 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.11.10 01:32:56 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.11.10 01:32:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.11.10 01:32:54 | 013,903,360 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.04.12 16:02:59 | 000,000,000 | -HSD | M] -- C:\Users\C\AppData\Roaming\.#
[2012.11.28 22:30:49 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\ALDI_SUED_Mah_Jong
[2013.01.10 13:01:27 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Audacity
[2013.06.02 19:18:17 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Foxit Software
[2012.10.18 18:01:13 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Garmin
[2012.03.22 18:49:04 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\IrfanView
[2013.05.02 20:12:52 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\JonDo
[2013.05.02 14:06:11 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\pdfforge
[2012.12.14 18:17:20 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\SoftGrid Client
[2012.02.17 13:44:47 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\TP
[2012.02.17 12:20:39 | 000,000,000 | ---D | M] -- C:\Users\C\AppData\Roaming\Virtual Desktop Manager
 
========== Purity Check ==========
 
 

< End of report >
         

15.06.2013, 13:18   #4
markusg
/// Malware-holic

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

15.06.2013, 13:31   #5
Hippocampus

Hello, markusg,

I found the log file, but I cannot open it because TDSSKiller is still running. Can I close TDSSKiller?


15.06.2013, 13:50   #6
Hippocampus

Today really isn't my day; I'm truly sorry.
I found the cause of the botched posts: today I used CTRL+A to select text for the first time; I seem to be doing something wrong, because the old text keeps coming through when I paste later. It won't happen again, I promise!

So, here is the correct file again:
Code:
ATTFilter
14:22:49.0602 1996  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:22:49.0802 1996  ============================================================
14:22:49.0802 1996  Current date / time: 2013/06/15 14:22:49.0802
14:22:49.0802 1996  SystemInfo:
14:22:49.0802 1996  
14:22:49.0802 1996  OS Version: 6.1.7601 ServicePack: 1.0
14:22:49.0802 1996  Product type: Workstation
14:22:49.0812 1996  ComputerName: H-
14:22:49.0812 1996  UserName: C
14:22:49.0812 1996  Windows directory: C:\Windows
14:22:49.0812 1996  System windows directory: C:\Windows
14:22:49.0812 1996  Running under WOW64
14:22:49.0812 1996  Processor architecture: Intel x64
14:22:49.0812 1996  Number of processors: 4
14:22:49.0812 1996  Page size: 0x1000
14:22:49.0812 1996  Boot type: Normal boot
14:22:49.0812 1996  ============================================================
14:22:50.0372 1996  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:50.0382 1996  ============================================================
14:22:50.0382 1996  \Device\Harddisk0\DR0:
14:22:50.0392 1996  MBR partitions:
14:22:50.0392 1996  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:22:50.0392 1996  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x32952000
14:22:50.0392 1996  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x32984800, BlocksNum 0x7800000
14:22:50.0392 1996  ============================================================
14:22:50.0422 1996  C: <-> \Device\Harddisk0\DR0\Partition2
14:22:50.0462 1996  D: <-> \Device\Harddisk0\DR0\Partition3
14:22:50.0462 1996  ============================================================
14:22:50.0462 1996  Initialize success
14:22:50.0462 1996  ============================================================
14:23:49.0562 5496  ============================================================
14:23:49.0562 5496  Scan started
14:23:49.0562 5496  Mode: Manual; SigCheck; TDLFS; 
14:23:49.0562 5496  ============================================================
14:23:50.0522 5496  ================ Scan system memory ========================
14:23:50.0522 5496  System memory - ok
14:23:50.0522 5496  ================ Scan services =============================
14:23:50.0672 5496  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:23:50.0842 5496  1394ohci - ok
14:23:50.0882 5496  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:23:50.0902 5496  ACPI - ok
14:23:50.0912 5496  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:23:50.0942 5496  AcpiPmi - ok
14:23:51.0082 5496  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:23:51.0152 5496  AdobeFlashPlayerUpdateSvc - ok
14:23:51.0212 5496  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:23:51.0262 5496  adp94xx - ok
14:23:51.0292 5496  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:23:51.0312 5496  adpahci - ok
14:23:51.0332 5496  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:23:51.0342 5496  adpu320 - ok
14:23:51.0372 5496  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:23:51.0502 5496  AeLookupSvc - ok
14:23:51.0552 5496  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:23:51.0612 5496  AFD - ok
14:23:51.0642 5496  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:23:51.0672 5496  agp440 - ok
14:23:51.0692 5496  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:23:51.0742 5496  ALG - ok
14:23:51.0762 5496  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:23:51.0772 5496  aliide - ok
14:23:51.0782 5496  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:23:51.0792 5496  amdide - ok
14:23:51.0822 5496  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:23:51.0852 5496  AmdK8 - ok
14:23:51.0882 5496  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:23:51.0912 5496  AmdPPM - ok
14:23:51.0942 5496  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:23:51.0972 5496  amdsata - ok
14:23:51.0992 5496  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:23:52.0012 5496  amdsbs - ok
14:23:52.0022 5496  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:23:52.0032 5496  amdxata - ok
14:23:52.0082 5496  [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
14:23:52.0142 5496  AMPPAL - ok
14:23:52.0152 5496  [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
14:23:52.0172 5496  AMPPALP - ok
14:23:52.0272 5496  [ A47D7FEBD9381D34DDB4FF38B15A67FE ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
14:23:52.0402 5496  AMPPALR3 - ok
14:23:52.0422 5496  [ 08D51900C07BAE4F1FC82FC669B99B79 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
14:23:52.0482 5496  AmUStor - ok
14:23:52.0552 5496  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:23:52.0572 5496  AntiVirSchedulerService - ok
14:23:52.0622 5496  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:23:52.0642 5496  AntiVirService - ok
14:23:52.0682 5496  [ 9EDAE2D1CA368E8D01BEE8BFBC9488E4 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
14:23:52.0712 5496  AntiVirWebService - ok
14:23:52.0752 5496  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:23:52.0922 5496  AppID - ok
14:23:52.0942 5496  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:23:52.0982 5496  AppIDSvc - ok
14:23:53.0012 5496  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
14:23:53.0062 5496  Appinfo - ok
14:23:53.0102 5496  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
14:23:53.0122 5496  arc - ok
14:23:53.0142 5496  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:23:53.0152 5496  arcsas - ok
14:23:53.0212 5496  [ EFD89582B55DD32DC79C1A4EB54612A1 ] ASLDRService    C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
14:23:53.0232 5496  ASLDRService - ok
14:23:53.0262 5496  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:23:53.0332 5496  AsyncMac - ok
14:23:53.0362 5496  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:23:53.0372 5496  atapi - ok
14:23:53.0412 5496  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:23:53.0482 5496  AudioEndpointBuilder - ok
14:23:53.0512 5496  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:23:53.0542 5496  AudioSrv - ok
14:23:53.0582 5496  [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:23:53.0592 5496  avgntflt - ok
14:23:53.0642 5496  [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:23:53.0662 5496  avipbb - ok
14:23:53.0702 5496  [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
14:23:53.0712 5496  avkmgr - ok
14:23:53.0732 5496  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:23:53.0782 5496  AxInstSV - ok
14:23:53.0812 5496  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:23:53.0862 5496  b06bdrv - ok
14:23:53.0892 5496  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:23:53.0932 5496  b57nd60a - ok
14:23:53.0972 5496  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:23:54.0022 5496  BDESVC - ok
14:23:54.0032 5496  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:23:54.0092 5496  Beep - ok
14:23:54.0122 5496  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:23:54.0182 5496  BFE - ok
14:23:54.0222 5496  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:23:54.0282 5496  BITS - ok
14:23:54.0312 5496  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
14:23:54.0352 5496  blbdrive - ok
14:23:54.0422 5496  [ 5FF7B9916A10E8E69E7C0D16F0B4787A ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
14:23:54.0482 5496  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - warning
14:23:54.0482 5496  Bluetooth Device Monitor - detected UnsignedFile.Multi.Generic (1)
14:23:54.0532 5496  [ E43D73CAF1023976EFBA1D0F0E69E271 ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
14:23:54.0612 5496  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - warning
14:23:54.0612 5496  Bluetooth Media Service - detected UnsignedFile.Multi.Generic (1)
14:23:54.0652 5496  [ 20427929646784A482DF34EF8C4FED23 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
14:23:54.0702 5496  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - warning
14:23:54.0712 5496  Bluetooth OBEX Service - detected UnsignedFile.Multi.Generic (1)
14:23:54.0742 5496  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:23:54.0782 5496  bowser - ok
14:23:54.0822 5496  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:23:54.0852 5496  BrFiltLo - ok
14:23:54.0872 5496  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:23:54.0912 5496  BrFiltUp - ok
14:23:54.0932 5496  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:23:54.0972 5496  Browser - ok
14:23:55.0002 5496  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:23:55.0052 5496  Brserid - ok
14:23:55.0082 5496  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:23:55.0112 5496  BrSerWdm - ok
14:23:55.0132 5496  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:23:55.0172 5496  BrUsbMdm - ok
14:23:55.0192 5496  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:23:55.0222 5496  BrUsbSer - ok
14:23:55.0262 5496  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
14:23:55.0302 5496  BthEnum - ok
14:23:55.0322 5496  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:23:55.0352 5496  BTHMODEM - ok
14:23:55.0382 5496  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:23:55.0422 5496  BthPan - ok
14:23:55.0462 5496  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:23:55.0502 5496  BTHPORT - ok
14:23:55.0542 5496  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:23:55.0582 5496  bthserv - ok
14:23:55.0602 5496  [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
14:23:55.0612 5496  BTHSSecurityMgr - ok
14:23:55.0642 5496  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:23:55.0672 5496  BTHUSB - ok
14:23:55.0712 5496  [ 274E47BD9C1367BDBFA9DF10C2E6C544 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
14:23:55.0742 5496  btmaudio - ok
14:23:55.0782 5496  [ 75EAB5AAF6E9F83739249CE60B4B9C39 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
14:23:55.0812 5496  btmaux - ok
14:23:55.0832 5496  [ 0B1CC2221DC5990E4557A78CE9AFAD4F ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
14:23:55.0882 5496  btmhsf - ok
14:23:55.0902 5496  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:23:55.0972 5496  cdfs - ok
14:23:56.0032 5496  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:23:56.0082 5496  cdrom - ok
14:23:56.0132 5496  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:23:56.0182 5496  CertPropSvc - ok
14:23:56.0222 5496  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
14:23:56.0262 5496  circlass - ok
14:23:56.0292 5496  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:23:56.0312 5496  CLFS - ok
14:23:56.0362 5496  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:23:56.0382 5496  clr_optimization_v2.0.50727_32 - ok
14:23:56.0472 5496  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:23:56.0482 5496  clr_optimization_v2.0.50727_64 - ok
14:23:56.0542 5496  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:23:56.0562 5496  clr_optimization_v4.0.30319_32 - ok
14:23:56.0582 5496  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:23:56.0592 5496  clr_optimization_v4.0.30319_64 - ok
14:23:56.0642 5496  [ E13A438F9E51DD034730678E33B73290 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
14:23:56.0662 5496  clwvd - ok
14:23:56.0692 5496  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:23:56.0722 5496  CmBatt - ok
14:23:56.0762 5496  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:23:56.0772 5496  cmdide - ok
14:23:56.0812 5496  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:23:56.0842 5496  CNG - ok
14:23:56.0892 5496  [ E0B53D1FEF69106B76C06A0D783916E8 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
14:23:56.0952 5496  CnxtHdAudService - ok
14:23:56.0982 5496  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:23:56.0992 5496  Compbatt - ok
14:23:57.0002 5496  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:23:57.0022 5496  CompositeBus - ok
14:23:57.0042 5496  COMSysApp - ok
14:23:57.0132 5496  [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
14:23:57.0152 5496  cphs - ok
14:23:57.0182 5496  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:23:57.0202 5496  crcdisk - ok
14:23:57.0232 5496  [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:23:57.0282 5496  CryptSvc - ok
14:23:57.0352 5496  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
14:23:57.0382 5496  cvhsvc - ok
14:23:57.0412 5496  [ F160B26B26BA4AFE8CECC12ED5AC231E ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
14:23:57.0432 5496  CxAudMsg - ok
14:23:57.0512 5496  [ 7F5CD87CA5BDB4D83F992D8C77201483 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
14:23:57.0532 5496  CyberLink PowerDVD 10 MS Monitor Service - ok
14:23:57.0562 5496  [ 9FAF58E876A3B1DB3030A0A5805F2D86 ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
14:23:57.0582 5496  CyberLink PowerDVD 10 MS Service - ok
14:23:57.0622 5496  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:23:57.0682 5496  DcomLaunch - ok
14:23:57.0712 5496  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:23:57.0762 5496  defragsvc - ok
14:23:57.0802 5496  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:23:57.0872 5496  DfsC - ok
14:23:57.0902 5496  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:23:57.0942 5496  Dhcp - ok
14:23:57.0962 5496  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:23:58.0012 5496  discache - ok
14:23:58.0052 5496  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
14:23:58.0072 5496  Disk - ok
14:23:58.0092 5496  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:23:58.0132 5496  Dnscache - ok
14:23:58.0142 5496  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:23:58.0202 5496  dot3svc - ok
14:23:58.0222 5496  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:23:58.0272 5496  DPS - ok
14:23:58.0302 5496  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:23:58.0362 5496  drmkaud - ok
14:23:58.0412 5496  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:23:58.0492 5496  DXGKrnl - ok
14:23:58.0512 5496  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:23:58.0562 5496  EapHost - ok
14:23:58.0642 5496  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:23:58.0772 5496  ebdrv - ok
14:23:58.0792 5496  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:23:58.0822 5496  EFS - ok
14:23:58.0882 5496  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:23:58.0972 5496  ehRecvr - ok
14:23:58.0982 5496  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:23:59.0032 5496  ehSched - ok
14:23:59.0072 5496  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:23:59.0122 5496  elxstor - ok
14:23:59.0142 5496  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:23:59.0162 5496  ErrDev - ok
14:23:59.0192 5496  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:23:59.0252 5496  EventSystem - ok
14:23:59.0352 5496  [ B20A788579E443F768AAB1A24F705D0A ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
14:23:59.0422 5496  EvtEng - ok
14:23:59.0452 5496  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:23:59.0502 5496  exfat - ok
14:23:59.0522 5496  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:23:59.0572 5496  fastfat - ok
14:23:59.0612 5496  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:23:59.0692 5496  Fax - ok
14:23:59.0732 5496  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
14:23:59.0772 5496  fdc - ok
14:23:59.0812 5496  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:23:59.0882 5496  fdPHost - ok
14:23:59.0902 5496  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:23:59.0942 5496  FDResPub - ok
14:23:59.0962 5496  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:23:59.0972 5496  FileInfo - ok
14:23:59.0992 5496  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:24:00.0042 5496  Filetrace - ok
14:24:00.0062 5496  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:24:00.0072 5496  flpydisk - ok
14:24:00.0092 5496  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:24:00.0102 5496  FltMgr - ok
14:24:00.0172 5496  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
14:24:00.0232 5496  FontCache - ok
14:24:00.0262 5496  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:24:00.0272 5496  FontCache3.0.0.0 - ok
14:24:00.0282 5496  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:24:00.0292 5496  FsDepends - ok
14:24:00.0312 5496  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:24:00.0322 5496  Fs_Rec - ok
14:24:00.0362 5496  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:24:00.0372 5496  fvevol - ok
14:24:00.0412 5496  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:24:00.0442 5496  gagp30kx - ok
14:24:00.0482 5496  [ 4E1D0A246E10CFDDBF856432418DE404 ] GFNEXSrv        C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
14:24:00.0492 5496  GFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
14:24:00.0492 5496  GFNEXSrv - detected UnsignedFile.Multi.Generic (1)
14:24:00.0522 5496  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:24:00.0622 5496  gpsvc - ok
14:24:00.0652 5496  [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb         C:\Windows\system32\drivers\grmnusb.sys
14:24:00.0672 5496  grmnusb - ok
14:24:00.0722 5496  gupdate - ok
14:24:00.0742 5496  gupdatem - ok
14:24:00.0772 5496  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:24:00.0822 5496  hcw85cir - ok
14:24:00.0852 5496  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:24:00.0882 5496  HdAudAddService - ok
14:24:00.0912 5496  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:24:00.0952 5496  HDAudBus - ok
14:24:00.0982 5496  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:24:01.0012 5496  HidBatt - ok
14:24:01.0032 5496  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:24:01.0062 5496  HidBth - ok
14:24:01.0072 5496  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:24:01.0092 5496  HidIr - ok
14:24:01.0112 5496  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:24:01.0172 5496  hidserv - ok
14:24:01.0202 5496  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:24:01.0212 5496  HidUsb - ok
14:24:01.0252 5496  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:24:01.0332 5496  hkmsvc - ok
14:24:01.0352 5496  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:24:01.0422 5496  HomeGroupListener - ok
14:24:01.0452 5496  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:24:01.0492 5496  HomeGroupProvider - ok
14:24:01.0532 5496  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:24:01.0552 5496  HpSAMD - ok
14:24:01.0592 5496  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:24:01.0662 5496  HTTP - ok
14:24:01.0682 5496  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:24:01.0692 5496  hwpolicy - ok
14:24:01.0722 5496  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:24:01.0732 5496  i8042prt - ok
14:24:01.0772 5496  [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor          C:\Windows\system32\drivers\iaStor.sys
14:24:01.0782 5496  iaStor - ok
14:24:01.0842 5496  [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:24:01.0862 5496  IAStorDataMgrSvc - ok
14:24:01.0892 5496  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:24:01.0912 5496  iaStorV - ok
14:24:01.0942 5496  [ 8A4EC1C3F10385181B1066120C610AE5 ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
14:24:01.0972 5496  iBtFltCoex - ok
14:24:02.0012 5496  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:24:02.0052 5496  idsvc - ok
14:24:02.0282 5496  [ 978D876A581D57E0DE6437674EB0014D ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:24:02.0582 5496  igfx - ok
14:24:02.0602 5496  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:24:02.0612 5496  iirsp - ok
14:24:02.0642 5496  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:24:02.0722 5496  IKEEXT - ok
14:24:02.0752 5496  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
14:24:02.0762 5496  intaud_WaveExtensible - ok
14:24:02.0812 5496  [ AE594CC17C33AC146739494615E14851 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
14:24:02.0842 5496  IntcDAud - ok
14:24:02.0852 5496  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:24:02.0862 5496  intelide - ok
14:24:02.0892 5496  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:24:02.0912 5496  intelppm - ok
14:24:02.0942 5496  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:24:02.0992 5496  IPBusEnum - ok
14:24:03.0022 5496  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:24:03.0062 5496  IpFilterDriver - ok
14:24:03.0092 5496  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:24:03.0122 5496  iphlpsvc - ok
14:24:03.0152 5496  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:24:03.0192 5496  IPMIDRV - ok
14:24:03.0212 5496  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:24:03.0272 5496  IPNAT - ok
14:24:03.0302 5496  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:24:03.0322 5496  IRENUM - ok
14:24:03.0342 5496  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:24:03.0352 5496  isapnp - ok
14:24:03.0372 5496  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:24:03.0392 5496  iScsiPrt - ok
14:24:03.0412 5496  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\drivers\iwdbus.sys
14:24:03.0422 5496  iwdbus - ok
14:24:03.0442 5496  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
14:24:03.0452 5496  kbdclass - ok
14:24:03.0472 5496  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
14:24:03.0502 5496  kbdhid - ok
14:24:03.0522 5496  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:24:03.0532 5496  KeyIso - ok
14:24:03.0542 5496  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:24:03.0562 5496  KSecDD - ok
14:24:03.0582 5496  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:24:03.0592 5496  KSecPkg - ok
14:24:03.0612 5496  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:24:03.0662 5496  ksthunk - ok
14:24:03.0712 5496  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:24:03.0802 5496  KtmRm - ok
14:24:03.0842 5496  [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
14:24:03.0852 5496  L1C - ok
14:24:03.0882 5496  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:24:03.0912 5496  LanmanServer - ok
14:24:03.0932 5496  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:24:03.0982 5496  LanmanWorkstation - ok
14:24:04.0012 5496  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:24:04.0042 5496  lltdio - ok
14:24:04.0062 5496  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:24:04.0112 5496  lltdsvc - ok
14:24:04.0132 5496  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:24:04.0182 5496  lmhosts - ok
14:24:04.0232 5496  [ 926EBA26A8B49D1597751CED06B50862 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:24:04.0242 5496  LMS - ok
14:24:04.0282 5496  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:24:04.0302 5496  LSI_FC - ok
14:24:04.0322 5496  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:24:04.0332 5496  LSI_SAS - ok
14:24:04.0342 5496  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:24:04.0352 5496  LSI_SAS2 - ok
14:24:04.0372 5496  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:24:04.0382 5496  LSI_SCSI - ok
14:24:04.0412 5496  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:24:04.0462 5496  luafv - ok
14:24:04.0492 5496  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:24:04.0512 5496  Mcx2Svc - ok
14:24:04.0522 5496  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:24:04.0532 5496  megasas - ok
14:24:04.0562 5496  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:24:04.0582 5496  MegaSR - ok
14:24:04.0612 5496  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:24:04.0622 5496  MEIx64 - ok
14:24:04.0652 5496  [ 8A43D23ACE2E8C95A2D87B6E9599DEDA ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
14:24:04.0662 5496  MemeoBackgroundService - ok
14:24:04.0672 5496  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:24:04.0722 5496  MMCSS - ok
14:24:04.0742 5496  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:24:04.0792 5496  Modem - ok
14:24:04.0822 5496  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:24:04.0852 5496  monitor - ok
14:24:04.0872 5496  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:24:04.0882 5496  mouclass - ok
14:24:04.0902 5496  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:24:04.0922 5496  mouhid - ok
14:24:04.0952 5496  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:24:04.0962 5496  mountmgr - ok
14:24:05.0032 5496  [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:24:05.0052 5496  MozillaMaintenance - ok
14:24:05.0072 5496  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:24:05.0092 5496  mpio - ok
14:24:05.0102 5496  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:24:05.0132 5496  mpsdrv - ok
14:24:05.0172 5496  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:24:05.0232 5496  MpsSvc - ok
14:24:05.0262 5496  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:24:05.0322 5496  MRxDAV - ok
14:24:05.0352 5496  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:24:05.0382 5496  mrxsmb - ok
14:24:05.0412 5496  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:24:05.0432 5496  mrxsmb10 - ok
14:24:05.0452 5496  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:24:05.0482 5496  mrxsmb20 - ok
14:24:05.0512 5496  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:24:05.0522 5496  msahci - ok
14:24:05.0542 5496  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:24:05.0552 5496  msdsm - ok
14:24:05.0562 5496  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:24:05.0592 5496  MSDTC - ok
14:24:05.0622 5496  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:24:05.0662 5496  Msfs - ok
14:24:05.0692 5496  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:24:05.0732 5496  mshidkmdf - ok
14:24:05.0742 5496  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:24:05.0752 5496  msisadrv - ok
14:24:05.0772 5496  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:24:05.0822 5496  MSiSCSI - ok
14:24:05.0822 5496  msiserver - ok
14:24:05.0842 5496  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:24:05.0892 5496  MSKSSRV - ok
14:24:05.0902 5496  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:24:05.0982 5496  MSPCLOCK - ok
14:24:06.0002 5496  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:24:06.0032 5496  MSPQM - ok
14:24:06.0052 5496  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:24:06.0072 5496  MsRPC - ok
14:24:06.0082 5496  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:24:06.0092 5496  mssmbios - ok
14:24:06.0102 5496  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:24:06.0152 5496  MSTEE - ok
14:24:06.0172 5496  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:24:06.0202 5496  MTConfig - ok
14:24:06.0212 5496  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:24:06.0222 5496  Mup - ok
14:24:06.0252 5496  [ F217D7718FD7577AF331E89910B2D21E ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
14:24:06.0272 5496  MyWiFiDHCPDNS - ok
14:24:06.0292 5496  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:24:06.0352 5496  napagent - ok
14:24:06.0392 5496  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:24:06.0412 5496  NativeWifiP - ok
14:24:06.0452 5496  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:24:06.0492 5496  NDIS - ok
14:24:06.0512 5496  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:24:06.0542 5496  NdisCap - ok
14:24:06.0562 5496  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:24:06.0602 5496  NdisTapi - ok
14:24:06.0622 5496  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:24:06.0662 5496  Ndisuio - ok
14:24:06.0682 5496  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:24:06.0732 5496  NdisWan - ok
14:24:06.0752 5496  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:24:06.0792 5496  NDProxy - ok
14:24:06.0812 5496  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:24:06.0872 5496  NetBIOS - ok
14:24:06.0902 5496  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:24:06.0952 5496  NetBT - ok
14:24:06.0982 5496  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:24:06.0992 5496  Netlogon - ok
14:24:07.0022 5496  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:24:07.0072 5496  Netman - ok
14:24:07.0092 5496  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:24:07.0142 5496  netprofm - ok
14:24:07.0172 5496  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:24:07.0222 5496  NetTcpPortSharing - ok
14:24:07.0392 5496  [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
14:24:07.0622 5496  NETwNs64 - ok
14:24:07.0652 5496  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:24:07.0662 5496  nfrd960 - ok
14:24:07.0692 5496  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:24:07.0722 5496  NlaSvc - ok
14:24:07.0742 5496  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:24:07.0772 5496  Npfs - ok
14:24:07.0802 5496  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:24:07.0872 5496  nsi - ok
14:24:07.0892 5496  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:24:07.0932 5496  nsiproxy - ok
14:24:08.0002 5496  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:24:08.0092 5496  Ntfs - ok
14:24:08.0102 5496  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:24:08.0142 5496  Null - ok
14:24:08.0172 5496  [ 01266516E6E88D183A2B58722EEB4443 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
14:24:08.0192 5496  nusb3hub - ok
14:24:08.0222 5496  [ 5EC04F55CC5F165F21752712437DF638 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
14:24:08.0252 5496  nusb3xhc - ok
14:24:08.0502 5496  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:24:08.0862 5496  nvlddmkm - ok
14:24:08.0882 5496  [ 918841B2454F4F2BD94479692079490B ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
14:24:08.0892 5496  nvpciflt - ok
14:24:08.0922 5496  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:24:08.0932 5496  nvraid - ok
14:24:08.0962 5496  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:24:08.0972 5496  nvstor - ok
14:24:09.0002 5496  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:24:09.0042 5496  nvsvc - ok
14:24:09.0112 5496  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:24:09.0182 5496  nvUpdatusService - ok
14:24:09.0202 5496  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:24:09.0212 5496  nv_agp - ok
14:24:09.0242 5496  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:24:09.0282 5496  ohci1394 - ok
14:24:09.0302 5496  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:24:09.0312 5496  ose - ok
14:24:09.0452 5496  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:24:09.0612 5496  osppsvc - ok
14:24:09.0642 5496  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:24:09.0692 5496  p2pimsvc - ok
14:24:09.0712 5496  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:24:09.0742 5496  p2psvc - ok
14:24:09.0752 5496  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
14:24:09.0782 5496  Parport - ok
14:24:09.0812 5496  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:24:09.0822 5496  partmgr - ok
14:24:09.0832 5496  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:24:09.0872 5496  PcaSvc - ok
14:24:09.0882 5496  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:24:09.0902 5496  pci - ok
14:24:09.0922 5496  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:24:09.0932 5496  pciide - ok
14:24:09.0952 5496  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:24:09.0972 5496  pcmcia - ok
14:24:09.0992 5496  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:24:10.0002 5496  pcw - ok
14:24:10.0022 5496  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:24:10.0072 5496  PEAUTH - ok
14:24:10.0092 5496  [ EE926C59CBD4DC4DC9FBB85014A2F1A5 ] PEGAGFN         C:\Program Files (x86)\PHotkey\PEGAGFN.sys
14:24:10.0102 5496  PEGAGFN - ok
14:24:10.0162 5496  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:24:10.0192 5496  PerfHost - ok
14:24:10.0222 5496  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:24:10.0302 5496  pla - ok
14:24:10.0352 5496  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:24:10.0432 5496  PlugPlay - ok
14:24:10.0442 5496  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:24:10.0472 5496  PNRPAutoReg - ok
14:24:10.0502 5496  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:24:10.0512 5496  PNRPsvc - ok
14:24:10.0542 5496  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:24:10.0602 5496  PolicyAgent - ok
14:24:10.0632 5496  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:24:10.0682 5496  Power - ok
14:24:10.0712 5496  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:24:10.0762 5496  PptpMiniport - ok
14:24:10.0792 5496  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:24:10.0812 5496  Processor - ok
14:24:10.0842 5496  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:24:10.0882 5496  ProfSvc - ok
14:24:10.0892 5496  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:24:10.0902 5496  ProtectedStorage - ok
14:24:10.0922 5496  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:24:10.0972 5496  Psched - ok
14:24:11.0022 5496  [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI             C:\Windows\system32\DRIVERS\psi_mf.sys
14:24:11.0042 5496  PSI - ok
14:24:11.0062 5496  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
14:24:11.0082 5496  PSI_SVC_2 - ok
14:24:11.0142 5496  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:24:11.0212 5496  ql2300 - ok
14:24:11.0222 5496  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:24:11.0232 5496  ql40xx - ok
14:24:11.0252 5496  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:24:11.0272 5496  QWAVE - ok
14:24:11.0292 5496  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:24:11.0322 5496  QWAVEdrv - ok
14:24:11.0342 5496  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:24:11.0372 5496  RasAcd - ok
14:24:11.0412 5496  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:24:11.0452 5496  RasAgileVpn - ok
14:24:11.0472 5496  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:24:11.0522 5496  RasAuto - ok
14:24:11.0542 5496  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:24:11.0592 5496  Rasl2tp - ok
14:24:11.0612 5496  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:24:11.0662 5496  RasMan - ok
14:24:11.0672 5496  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:24:11.0722 5496  RasPppoe - ok
14:24:11.0732 5496  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:24:11.0782 5496  RasSstp - ok
14:24:11.0802 5496  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:24:11.0852 5496  rdbss - ok
14:24:11.0882 5496  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
14:24:11.0912 5496  rdpbus - ok
14:24:11.0922 5496  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:24:11.0972 5496  RDPCDD - ok
14:24:11.0992 5496  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:24:12.0042 5496  RDPENCDD - ok
14:24:12.0062 5496  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:24:12.0102 5496  RDPREFMP - ok
14:24:12.0152 5496  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:24:12.0202 5496  RdpVideoMiniport - ok
14:24:12.0242 5496  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:24:12.0302 5496  RDPWD - ok
14:24:12.0322 5496  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:24:12.0342 5496  rdyboost - ok
14:24:12.0402 5496  [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
14:24:12.0462 5496  RegSrvc - ok
14:24:12.0482 5496  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:24:12.0522 5496  RemoteAccess - ok
14:24:12.0542 5496  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:24:12.0592 5496  RemoteRegistry - ok
14:24:12.0632 5496  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:24:12.0652 5496  RFCOMM - ok
14:24:12.0732 5496  [ 0B169FE016039571ECC6DB70073F8979 ] RichVideo64     C:\Program Files\CyberLink\Shared files\RichVideo64.exe
14:24:12.0762 5496  RichVideo64 - ok
14:24:12.0772 5496  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:24:12.0852 5496  RpcEptMapper - ok
14:24:12.0872 5496  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:24:12.0882 5496  RpcLocator - ok
14:24:12.0902 5496  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:24:12.0942 5496  RpcSs - ok
14:24:12.0962 5496  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:24:13.0002 5496  rspndr - ok
14:24:13.0022 5496  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:24:13.0032 5496  SamSs - ok
14:24:13.0042 5496  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:24:13.0052 5496  sbp2port - ok
14:24:13.0072 5496  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:24:13.0122 5496  SCardSvr - ok
14:24:13.0132 5496  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:24:13.0182 5496  scfilter - ok
14:24:13.0212 5496  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:24:13.0292 5496  Schedule - ok
14:24:13.0322 5496  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:24:13.0352 5496  SCPolicySvc - ok
14:24:13.0362 5496  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:24:13.0402 5496  SDRSVC - ok
14:24:13.0422 5496  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:24:13.0462 5496  secdrv - ok
14:24:13.0482 5496  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:24:13.0522 5496  seclogon - ok
14:24:13.0602 5496  [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
14:24:13.0642 5496  Secunia PSI Agent - ok
14:24:13.0702 5496  [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
14:24:13.0762 5496  Secunia Update Agent - ok
14:24:13.0792 5496  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:24:13.0852 5496  SENS - ok
14:24:13.0882 5496  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:24:13.0902 5496  SensrSvc - ok
14:24:13.0932 5496  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
14:24:13.0962 5496  Serenum - ok
14:24:13.0992 5496  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
14:24:14.0012 5496  Serial - ok
14:24:14.0052 5496  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:24:14.0072 5496  sermouse - ok
14:24:14.0102 5496  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:24:14.0152 5496  SessionEnv - ok
14:24:14.0172 5496  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:24:14.0192 5496  sffdisk - ok
14:24:14.0212 5496  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:24:14.0222 5496  sffp_mmc - ok
14:24:14.0232 5496  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:24:14.0252 5496  sffp_sd - ok
14:24:14.0282 5496  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:24:14.0302 5496  sfloppy - ok
14:24:14.0352 5496  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
14:24:14.0382 5496  Sftfs - ok
14:24:14.0412 5496  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
14:24:14.0432 5496  sftlist - ok
14:24:14.0442 5496  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
14:24:14.0452 5496  Sftplay - ok
14:24:14.0472 5496  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
14:24:14.0482 5496  Sftredir - ok
14:24:14.0482 5496  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
14:24:14.0492 5496  Sftvol - ok
14:24:14.0502 5496  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
14:24:14.0522 5496  sftvsa - ok
14:24:14.0542 5496  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:24:14.0602 5496  SharedAccess - ok
14:24:14.0632 5496  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:24:14.0682 5496  ShellHWDetection - ok
14:24:14.0712 5496  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:24:14.0722 5496  SiSRaid2 - ok
14:24:14.0732 5496  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:24:14.0742 5496  SiSRaid4 - ok
14:24:14.0782 5496  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:24:14.0842 5496  Smb - ok
14:24:14.0852 5496  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:24:14.0892 5496  SNMPTRAP - ok
14:24:14.0902 5496  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:24:14.0912 5496  spldr - ok
14:24:14.0942 5496  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:24:14.0982 5496  Spooler - ok
14:24:15.0052 5496  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:24:15.0202 5496  sppsvc - ok
14:24:15.0212 5496  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:24:15.0252 5496  sppuinotify - ok
14:24:15.0282 5496  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:24:15.0322 5496  srv - ok
14:24:15.0342 5496  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:24:15.0372 5496  srv2 - ok
14:24:15.0382 5496  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:24:15.0402 5496  srvnet - ok
14:24:15.0432 5496  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:24:15.0482 5496  SSDPSRV - ok
14:24:15.0492 5496  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:24:15.0542 5496  SstpSvc - ok
14:24:15.0592 5496  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:24:15.0602 5496  Stereo Service - ok
14:24:15.0622 5496  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:24:15.0632 5496  stexstor - ok
14:24:15.0662 5496  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:24:15.0692 5496  stisvc - ok
14:24:15.0702 5496  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:24:15.0712 5496  swenum - ok
14:24:15.0732 5496  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:24:15.0772 5496  swprv - ok
14:24:15.0802 5496  [ 772493A8945495F1A287BF6C4CA25B48 ] SynTP           C:\Windows\system32\drivers\SynTP.sys
14:24:15.0822 5496  SynTP - ok
14:24:15.0852 5496  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:24:15.0922 5496  SysMain - ok
14:24:15.0932 5496  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:24:15.0962 5496  TabletInputService - ok
14:24:15.0982 5496  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:24:16.0042 5496  TapiSrv - ok
14:24:16.0052 5496  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:24:16.0102 5496  TBS - ok
14:24:16.0192 5496  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:24:16.0302 5496  Tcpip - ok
14:24:16.0372 5496  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:24:16.0422 5496  TCPIP6 - ok
14:24:16.0442 5496  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:24:16.0472 5496  tcpipreg - ok
14:24:16.0492 5496  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:24:16.0542 5496  TDPIPE - ok
14:24:16.0572 5496  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:24:16.0592 5496  TDTCP - ok
14:24:16.0612 5496  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:24:16.0672 5496  tdx - ok
14:24:16.0692 5496  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:24:16.0702 5496  TermDD - ok
14:24:16.0732 5496  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:24:16.0792 5496  TermService - ok
14:24:16.0802 5496  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:24:16.0832 5496  Themes - ok
14:24:16.0862 5496  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:24:16.0902 5496  THREADORDER - ok
14:24:16.0912 5496  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:24:16.0962 5496  TrkWks - ok
14:24:17.0002 5496  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:24:17.0062 5496  TrustedInstaller - ok
14:24:17.0072 5496  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:24:17.0102 5496  tssecsrv - ok
14:24:17.0122 5496  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:24:17.0162 5496  TsUsbFlt - ok
14:24:17.0182 5496  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:24:17.0202 5496  TsUsbGD - ok
14:24:17.0252 5496  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:24:17.0342 5496  tunnel - ok
14:24:17.0352 5496  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:24:17.0372 5496  uagp35 - ok
14:24:17.0382 5496  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:24:17.0452 5496  udfs - ok
14:24:17.0472 5496  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:24:17.0502 5496  UI0Detect - ok
14:24:17.0522 5496  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:24:17.0532 5496  uliagpkx - ok
14:24:17.0552 5496  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:24:17.0582 5496  umbus - ok
14:24:17.0602 5496  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:24:17.0632 5496  UmPass - ok
14:24:17.0772 5496  [ FDF92EC84FECEE834FB10A2A0A19BCDA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:24:17.0862 5496  UNS - ok
14:24:17.0882 5496  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:24:17.0922 5496  upnphost - ok
14:24:17.0942 5496  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:24:17.0972 5496  usbaudio - ok
14:24:17.0992 5496  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:24:18.0032 5496  usbccgp - ok
14:24:18.0062 5496  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:24:18.0092 5496  usbcir - ok
14:24:18.0112 5496  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:24:18.0142 5496  usbehci - ok
14:24:18.0162 5496  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
14:24:18.0192 5496  usbhub - ok
14:24:18.0212 5496  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:24:18.0232 5496  usbohci - ok
14:24:18.0252 5496  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:24:18.0282 5496  usbprint - ok
14:24:18.0292 5496  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:24:18.0332 5496  USBSTOR - ok
14:24:18.0332 5496  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:24:18.0362 5496  usbuhci - ok
14:24:18.0402 5496  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
14:24:18.0412 5496  usbvideo - ok
14:24:18.0462 5496  [ 7B28E2FBE75115660FAB31079C0A9F29 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
14:24:18.0502 5496  usb_rndisx - ok
14:24:18.0512 5496  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:24:18.0562 5496  UxSms - ok
14:24:18.0582 5496  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:24:18.0592 5496  VaultSvc - ok
14:24:18.0592 5496  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:24:18.0602 5496  vdrvroot - ok
14:24:18.0622 5496  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:24:18.0672 5496  vds - ok
14:24:18.0712 5496  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:24:18.0742 5496  vga - ok
14:24:18.0752 5496  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:24:18.0802 5496  VgaSave - ok
14:24:18.0812 5496  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:24:18.0832 5496  vhdmp - ok
14:24:18.0862 5496  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:24:18.0872 5496  viaide - ok
14:24:18.0882 5496  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:24:18.0902 5496  volmgr - ok
14:24:18.0922 5496  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:24:18.0932 5496  volmgrx - ok
14:24:18.0962 5496  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:24:18.0982 5496  volsnap - ok
14:24:18.0992 5496  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:24:19.0002 5496  vsmraid - ok
14:24:19.0042 5496  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:24:19.0132 5496  VSS - ok
14:24:19.0142 5496  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:24:19.0172 5496  vwifibus - ok
14:24:19.0192 5496  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:24:19.0212 5496  vwififlt - ok
14:24:19.0232 5496  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:24:19.0262 5496  vwifimp - ok
14:24:19.0292 5496  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:24:19.0332 5496  W32Time - ok
14:24:19.0342 5496  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:24:19.0372 5496  WacomPen - ok
14:24:19.0392 5496  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:24:19.0422 5496  WANARP - ok
14:24:19.0442 5496  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:24:19.0472 5496  Wanarpv6 - ok
14:24:19.0512 5496  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:24:19.0582 5496  wbengine - ok
14:24:19.0592 5496  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:24:19.0632 5496  WbioSrvc - ok
14:24:19.0652 5496  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:24:19.0682 5496  wcncsvc - ok
14:24:19.0702 5496  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:24:19.0722 5496  WcsPlugInService - ok
14:24:19.0742 5496  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
14:24:19.0752 5496  Wd - ok
14:24:19.0782 5496  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:24:19.0812 5496  Wdf01000 - ok
14:24:19.0822 5496  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:24:19.0932 5496  WdiServiceHost - ok
14:24:19.0932 5496  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:24:19.0962 5496  WdiSystemHost - ok
14:24:19.0982 5496  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:24:20.0012 5496  WebClient - ok
14:24:20.0032 5496  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:24:20.0082 5496  Wecsvc - ok
14:24:20.0102 5496  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:24:20.0152 5496  wercplsupport - ok
14:24:20.0172 5496  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:24:20.0222 5496  WerSvc - ok
14:24:20.0242 5496  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:24:20.0282 5496  WfpLwf - ok
14:24:20.0292 5496  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:24:20.0302 5496  WIMMount - ok
14:24:20.0322 5496  WinDefend - ok
14:24:20.0342 5496  WinHttpAutoProxySvc - ok
14:24:20.0382 5496  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:24:20.0442 5496  Winmgmt - ok
14:24:20.0492 5496  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:24:20.0582 5496  WinRM - ok
14:24:20.0622 5496  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:24:20.0682 5496  Wlansvc - ok
14:24:20.0722 5496  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
14:24:20.0742 5496  wlcrasvc - ok
14:24:20.0852 5496  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:24:20.0952 5496  wlidsvc - ok
14:24:20.0972 5496  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:24:21.0002 5496  WmiAcpi - ok
14:24:21.0022 5496  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:24:21.0062 5496  wmiApSrv - ok
14:24:21.0082 5496  WMPNetworkSvc - ok
14:24:21.0092 5496  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:24:21.0112 5496  WPCSvc - ok
14:24:21.0122 5496  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:24:21.0132 5496  WPDBusEnum - ok
14:24:21.0162 5496  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:24:21.0192 5496  ws2ifsl - ok
14:24:21.0212 5496  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:24:21.0242 5496  wscsvc - ok
14:24:21.0252 5496  WSearch - ok
14:24:21.0312 5496  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:24:21.0382 5496  wuauserv - ok
14:24:21.0402 5496  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:24:21.0422 5496  WudfPf - ok
14:24:21.0452 5496  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:24:21.0482 5496  WUDFRd - ok
14:24:21.0512 5496  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:24:21.0532 5496  wudfsvc - ok
14:24:21.0572 5496  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:24:21.0612 5496  WwanSvc - ok
14:24:21.0652 5496  ================ Scan global ===============================
14:24:21.0662 5496  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:24:21.0702 5496  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:24:21.0712 5496  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:24:21.0732 5496  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:24:21.0752 5496  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:24:21.0752 5496  [Global] - ok
14:24:21.0752 5496  ================ Scan MBR ==================================
14:24:21.0762 5496  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:24:22.0182 5496  \Device\Harddisk0\DR0 - ok
14:24:22.0182 5496  ================ Scan VBR ==================================
14:24:22.0192 5496  [ 8258BDA4AD2F287A4770B18255AEF14A ] \Device\Harddisk0\DR0\Partition1
14:24:22.0192 5496  \Device\Harddisk0\DR0\Partition1 - ok
14:24:22.0232 5496  [ A07423F1CF94CBFC342FB18D08226CE4 ] \Device\Harddisk0\DR0\Partition2
14:24:22.0232 5496  \Device\Harddisk0\DR0\Partition2 - ok
14:24:22.0272 5496  [ 741F0DF247989B217406A831BC9782F7 ] \Device\Harddisk0\DR0\Partition3
14:24:22.0272 5496  \Device\Harddisk0\DR0\Partition3 - ok
14:24:22.0272 5496  ============================================================
14:24:22.0272 5496  Scan finished
14:24:22.0272 5496  ============================================================
14:24:22.0292 5180  Detected object count: 4
14:24:22.0292 5180  Actual detected object count: 4
14:26:07.0040 5180  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:07.0040 5180  Bluetooth Device Monitor ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:07.0040 5180  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:07.0040 5180  Bluetooth Media Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:07.0040 5180  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:07.0040 5180  Bluetooth OBEX Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:26:07.0040 5180  GFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
14:26:07.0040 5180  GFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:34:38.0980 4768  Deinitialize success
         

15.06.2013, 13:53   #7
markusg
/// Malware-holic
 

Hi,
Scan with Combofix
WARNING to OTHER READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails to the following address, following the instructions above:
markusg.trojaner-board@web.de

15.06.2013, 14:32   #8
Hippocampus
 

Hello, Markus,

here is the Combo log file:
Code:
ComboFix 13-06-13.01 - C 15.06.2013  15:03:42.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4007.2095 [GMT 2:00]
ausgeführt von:: c:\users\H\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\C\AppData\Roaming\.#
c:\users\C\AppData\Roaming\.#\MBX@74C@1F32740.###
c:\users\C\AppData\Roaming\.#\MBX@74C@1F32770.###
c:\users\H\AppData\Roaming\.#
c:\windows\IsUn0407.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-05-15 bis 2013-06-15  ))))))))))))))))))))))))))))))
.
.
2013-06-15 13:11 . 2013-06-15 13:11	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-06-15 13:11 . 2013-06-15 13:11	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-06-15 13:11 . 2013-06-15 13:11	--------	d-----w-	c:\users\C\AppData\Local\temp
2013-06-12 15:46 . 2013-05-08 06:39	1910632	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-06-12 15:28 . 2013-06-12 15:28	9089416	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2013-06-05 12:09 . 2013-06-05 12:09	--------	d-----w-	c:\users\H\AppData\Local\DoNotTrackPlus
2013-06-05 12:08 . 2013-06-05 12:08	--------	d-----w-	c:\users\H\AppData\Local\AskToolbar
2013-06-02 17:24 . 2013-06-02 17:24	--------	d-----w-	c:\users\H\AppData\Local\SpeQ Mathematics
2013-06-02 17:07 . 2013-06-02 17:07	--------	d-----w-	c:\users\C\AppData\Local\SpeQ Mathematics
2013-06-02 17:07 . 2013-06-02 17:07	--------	d-----w-	c:\program files (x86)\SpeQ Mathematics
2013-05-22 14:44 . 2013-05-22 14:44	262552	----a-w-	c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2013-05-22 14:40 . 2013-06-02 16:48	--------	d-----w-	c:\program files\CCleaner
2013-05-16 19:56 . 2013-05-16 19:57	--------	d-----w-	c:\programdata\Protexis
2013-05-16 19:56 . 2013-05-16 19:56	--------	d-----w-	c:\users\H\AppData\Roaming\Corel
2013-05-16 16:14 . 2013-05-16 16:16	--------	d-----w-	C:\afd17e3f4751294f1715ee225bf2f7c1
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-06-12 20:44 . 2011-11-03 20:34	75825640	----a-w-	c:\windows\system32\MRT.exe
2013-06-12 15:28 . 2012-04-10 07:22	692104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-12 15:28 . 2011-11-07 16:44	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-05-15 17:48 . 2011-03-29 02:36	22240	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-07 12:06 . 2013-05-07 12:06	83160	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2013-05-02 18:11 . 2013-05-02 18:11	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-05-02 18:11 . 2012-08-25 13:26	866720	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-05-02 18:11 . 2011-11-07 16:45	788896	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-05-02 12:09 . 2013-05-02 12:09	311200	----a-w-	c:\windows\system32\javaws.exe
2013-05-02 12:09 . 2013-05-02 12:09	188832	----a-w-	c:\windows\system32\javaw.exe
2013-05-02 12:09 . 2013-05-02 12:09	188320	----a-w-	c:\windows\system32\java.exe
2013-05-02 12:09 . 2013-05-02 12:09	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-05-02 12:09 . 2012-12-20 18:11	1092512	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-05-02 12:09 . 2011-11-07 16:45	971680	----a-w-	c:\windows\system32\deployJava1.dll
2013-04-27 19:42 . 2013-04-27 19:42	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10144.bin
2013-04-13 05:49 . 2013-05-16 10:29	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49 . 2013-05-16 10:29	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49 . 2013-05-16 10:29	308736	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49 . 2013-05-16 10:29	111104	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45 . 2013-05-16 10:29	474624	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2013-04-13 04:45 . 2013-05-16 10:29	2176512	----a-w-	c:\windows\apppatch\AcGenral.dll
2013-04-12 14:45 . 2013-04-24 10:47	1656680	----a-w-	c:\windows\system32\drivers\ntfs.sys
2013-04-10 06:01 . 2013-05-16 10:29	265064	----a-w-	c:\windows\system32\drivers\dxgmms1.sys
2013-04-10 06:01 . 2013-05-16 10:29	983400	----a-w-	c:\windows\system32\drivers\dxgkrnl.sys
2013-04-10 03:30 . 2013-05-16 10:29	3153920	----a-w-	c:\windows\system32\win32k.sys
2013-04-09 13:13 . 2013-05-02 12:06	110264	----a-w-	c:\windows\system32\pdfcmon.dll
2013-04-04 12:50 . 2013-04-12 13:24	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-03-29 15:37 . 2013-03-29 15:37	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2013-03-29 15:37 . 2013-03-29 15:37	130016	----a-w-	c:\windows\system32\drivers\avipbb.sys
2013-03-29 15:37 . 2013-03-29 15:37	100712	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2013-03-19 06:04 . 2013-04-10 13:13	5550424	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-03-19 05:53 . 2013-05-16 10:29	48640	----a-w-	c:\windows\system32\wwanprotdim.dll
2013-03-19 05:53 . 2013-05-16 10:29	230400	----a-w-	c:\windows\system32\wwansvc.dll
2013-03-19 05:46 . 2013-04-10 13:13	43520	----a-w-	c:\windows\system32\csrsrv.dll
2013-03-19 05:04 . 2013-04-10 13:13	3968856	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04 . 2013-04-10 13:13	3913560	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47 . 2013-04-10 13:13	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
2013-03-19 03:06 . 2013-04-10 13:13	112640	----a-w-	c:\windows\system32\smss.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-03-10 1521800]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2013-03-10 22:38	1521800	----a-w-	c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2013-03-10 1521800]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2013-04-23 6070040]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2011-04-14 113288]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-02-03 506712]
"Sweetpacks Communicator"="c:\program files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-02-26 295728]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-07 345312]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2013-03-10 1644680]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS;c:\windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
R3 btmaudio;Intel Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R4 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [x]
R4 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [x]
R4 RichVideo64;Cyberlink RichVideo64 Service(CRVS);c:\program files\CyberLink\Shared files\RichVideo64.exe;c:\program files\CyberLink\Shared files\RichVideo64.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 GFNEXSrv;GFNEX Service;c:\program files (x86)\PHotkey\GFNEXSrv.exe;c:\program files (x86)\PHotkey\GFNEXSrv.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 PEGAGFN;PEGAGFN;c:\program files (x86)\PHotkey\PEGAGFN.sys;c:\program files (x86)\PHotkey\PEGAGFN.sys [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 25853560
*Deregistered* - 25853560
.
Inhalt des "geplante Tasks" Ordners
.
2013-06-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-10 20:27]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartAudio"="c:\program files\CONEXANT\SAII\SAIICpl.exe" [2010-12-14 316032]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-09-16 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-05-19 10365952]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-10-03 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-10-03 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-10-03 416024]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://mystart.incredibar.com/mb139?a=6R8xNmP91U&i=26
mLocal Page = c:\windows\SysWOW64\blank.htm
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\C\AppData\Roaming\Mozilla\Firefox\Profiles\9th9xc1b.default\
FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS - Deutsch
FF - prefs.js: browser.startup.homepage - about:blank
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8xNmP91U&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 948776190000000000004c809339644a
FF - user.js: extensions.incredibar_i.instlDay - 15523
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1421:14
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8xNmP91U
FF - user.js: extensions.incredibar_i.upn2n - 92824637425982338
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10669
FF - user.js: extensions.incredibar_i.ppd - 123%5F1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ALDI SÜD Mah Jong - c:\windows\system32\Uninstall ALDI SÜD Mah Jong.exe
.
.
"ImagePath"="\"c:\program files\CyberLink\Shared files\RichVideo64.exe\"\00Z
[\]^_¯\00\00¯\00\00\00\00HIJKLMNO\00\00\00\00\00\00\00\00\03\00\00\00|}~¯\00\00¯\00\00\00\00x\00\00\00\00\00\00\00\00‘’“"
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_7_700_224.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-06-15  15:23:46
ComboFix-quarantined-files.txt  2013-06-15 13:23
.
Vor Suchlauf: 9 Verzeichnis(se), 327.051.943.936 Bytes frei
Nach Suchlauf: 12 Verzeichnis(se), 326.527.102.976 Bytes frei
.
- - End Of File - - 4C991439EAD3C37995A779200393F264
D41D8CD98F00B204E9800998ECF8427E
         

Alt 15.06.2013, 15:13   #9
markusg
/// Malware-holic
 



Hi,
Malwarebytes:
Please download Malwarebytes.
  • Install the program to the default path.
    Vista and Win7 users: right-click and choose "Run as administrator".
  • Start Malwarebytes, click Update --> Check for Updates.
  • When the update has finished, select Perform full scan and click Scan.
  • When the scan has finished, click Show Results.
  • Make sure that all findings are checked and click Remove Selected.
  • Post the log file, which opens in Notepad, here in the thread.
  • You can find the report afterwards under "Logs".
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forward
Instructions:
http://markusg.trojaner-board.de
For the time being, please forward e-mails as described in the instructions above to
markusg.trojaner-board@web.de
Forward
If you would like to support us

Alt 15.06.2013, 16:37   #10
Hippocampus
 



Hello, Markus,

I had Antimalwarebytes on my computer; however, it could not be updated. So I removed it via the Control Panel and reinstalled it. On first start the program hung while updating the file, and nothing went any further; I had to shut it down via Task Manager. On starting the program again, I now have the same problem: it cannot be updated; when I click Update, the following screen appears (screenshot, see attachment). The "Check for Updates" button is dead. What am I doing wrong?

Sorry about the hiccup.

Regards

Hippocampus
Attached files
File type: pdf Screenshot.pdf (49.1 KB, viewed 192 times)

Alt 15.06.2013, 17:22   #11
Hippocampus
 



Hello, Markus,

ADDENDUM: I looked around in older entries on your board and found a solution: if I start Antimalware with a right-click and as administrator, it works. Just this for now; as soon as I have the scans, I'll post them here.

Alt 15.06.2013, 17:23   #12
markusg
/// Malware-holic
 



Very good.

Alt 15.06.2013, 19:50   #13
Hippocampus
 



Here is the log from Malwarebytes:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.06.15.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16614
C :: H- [Administrator]

15.06.2013 18:24:13
mbam-log-2013-06-15 (18-24-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|Q:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 668520
Laufzeit: 1 Stunde(n), 49 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
That already looks pretty good ...

Alt 15.06.2013, 19:54   #14
markusg
/// Malware-holic
 



Yeah, and now we come to the adware.

Download CCleaner Standard:
CCleaner - Download - Filepony
If CCleaner is already installed, skip this step.
Open it, go to Tools (Extras), Uninstall list, and save it as txt. Open it.
After every program you need, write "notwendig" (necessary).
After every program you do not need, write "unnötig" (unnecessary).
After programs unknown to you, write "unbekannt" (unknown).
Post the list.

Alt 15.06.2013, 20:32   #15
Hippocampus
 



Here is the list:

Code:
ATTFilter
Adobe AIR	Adobe Systems Incorporated	22.05.2013 3.7.0.1860 unnötig

Adobe Flash Player 11 ActiveX	Adobe Systems Incorporated	11.06.2013	6,00MB	11.7.700.224 notwendig

Adobe Flash Player 11 Plugin	Adobe Systems Incorporated	12.06.2013	6,00MB	11.7.700.224 notwendig

Alcor Micro USB Card Reader	Alcor Micro Corp.	10.11.2011	2,88MB	1.8.1217.36096 notwendig

ALDI SÜD Mah Jong		16.02.2012		unnötig
AMI VR-pulse OS Switcher	American Megatrends Inc.	07.11.2011	372KB	1.1 unbekannt

Ashampoo Burning Studio	Ashampoo GmbH & Co. KG	07.11.2011	135MB	10.0.10 notwendig
Ashampoo Photo Commander	Ashampoo GmbH & Co. KG	07.11.2011	154MB	9.2.0 notwendig
Ashampoo Photo Optimizer	Ashampoo GmbH & Co. KG	07.11.2011	57,5MB	4.0.0 notwendig
Ashampoo Snap	Ashampoo GmbH & Co. KG	07.11.2011	24,7MB	4.3.0                 notwendig

Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver	Atheros Communications Inc.	10.11.2011		1.0.0.35  unbekannt

Audacity 2.0	Audacity Team	08.04.2012	42,1MB notwendig	

Audiograbber 1.83 SE	Audiograbber Deutschland	07.08.2012		1.83 SE    	notwendig

Audiograbber MP3-Plugin (64 bit)	AG	07.08.2012		1.0  notwendig

Avira Free Antivirus	Avira	07.05.2013	122MB	13.0.0.3640 notwendig

Avira SearchFree Toolbar plus Web Protection	Ask.com	29.03.2013	9,90MB	1.15.20.0 leider notwendig wegen Avira

Avira SearchFree Toolbar plus Web Protection Updater	Ask.com	29.03.2013		1.2.4.37949  leider notwendig wegen Avira

CCleaner	Piriform	24.05.2013		4.02 notwendig

Conexant HD Audio	Conexant	10.11.2011		8.54.14.50 notwendig

Control ActiveX de Windows Live Mesh para conexiones remotas	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2 unbekannt
Contrôle ActiveX Windows Live Mesh pour connexions à distance	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2 unbekannt

Corel Graphics - Windows Shell Extension	Corel Corporation	16.02.2012	2,93MB	15.2.0.686  unbekannt
CorelDRAW Essentials X5	Corel Corporation	16.02.2012	3,56GB	15.2.0.686  unbekannt
CorelDRAW Essentials X5 - Extra Content	Corel Corporation	16.02.2012		unbekannt

CyberLink LabelPrint	CyberLink Corp.	17.11.2011	57,4MB	2.5.3624    	unbekannt
CyberLink MediaEspresso	CyberLink Corp.	17.11.2011	158MB	6.5.1508_36229 unbekannt
CyberLink MediaShow	CyberLink Corp.	17.11.2011	389MB	5.1.2414 unbekannt
CyberLink PhotoNow	CyberLink Corp.	17.11.2011	21,7MB	1.1.7717 	unbekannt
CyberLink Power2Go	CyberLink Corp.	17.11.2011	233MB	7.0.0.1327 	unbekannt
CyberLink PowerDirector	CyberLink Corp.	16.02.2012	379MB	9.0.0.3419a	unbekannt
CyberLink PowerDVD 10	CyberLink Corp.	17.11.2011	276MB	10.0.3510.02	unbekannt
CyberLink PowerDVD Copy	CyberLink Corp.	17.11.2011	30,9MB	1.5.1306 unbekannt
CyberLink PowerProducer	CyberLink Corp.	17.11.2011	183MB	5.0.2.3503	unbekannt
CyberLink WaveEditor	CyberLink Corp.	17.11.2011	22,7MB	1.0.1.3320	unbekannt
CyberLink YouCam 5	CyberLink Corp.	17.11.2011	317MB	5.0.1108	unbekannt

Dolby Advanced Audio v2	Dolby Laboratories Inc	15.11.2011	12,9MB	7.2.7000.4 notwendig

Eraser 6.0.10.2620	The Eraser Project	25.08.2012	2,35MB	6.0.2620	notwendig

Eumex 800 V1.30	T-Home	26.04.2012	19,2MB	1.30.0000 notwendig

FileHippo.com Update Checker		25.08.2012	notwendig	

Foxit Reader	Foxit Corporation	02.06.2013	79,8MB	6.0.3.524 notwendig

FreeCAD 0.12	Juergen Riegel (FreeCAD@juergen-riegel.net)	27.12.2012	171MB	0.12.5284	notwendig

Garmin Communicator Plugin	Garmin Ltd or its subsidiaries	25.08.2012	14,6MB	4.0.1		notwendig
Garmin Communicator Plugin x64	Garmin Ltd or its subsidiaries	25.08.2012	22,7MB	4.0.1		notwendig
Garmin TOPO Deutschland Süd v3	Garmin Ltd or its subsidiaries	15.03.2012	630MB	3.0.0.0	notwendig
Garmin USB Drivers	Garmin Ltd or its subsidiaries	25.08.2012	117KB	2.3.0.0	notwendig
Garmin WebUpdater	Garmin Ltd or its subsidiaries	15.06.2012	15,6MB	2.5.6		notwendig

Google Earth	Google	09.04.2013	173MB	7.0.3.8542	notwendig

GPS-Track-Analyse.NET 6.0		15.03.2012	6,72MB	notwendig

Intel(R) Management Engine Components	Intel Corporation	03.11.2011		7.0.0.1118 unbekannt
Intel(R) Processor Graphics	Intel Corporation	27.11.2012		9.17.10.2867	unbekannt
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology	Intel Corporation	10.11.2011	90,5MB	1.2.0.0587	unbekannt
Intel(R) PROSet/Wireless WiFi Software	Intel Corporation	10.11.2011	134MB	14.2.1000	unbekannt
Intel(R) Rapid Storage Technology	Intel Corporation	10.11.2011		10.6.0.1002	unbekannt
Intel(R) WiDi	Intel Corporation	10.11.2011	145MB	2.2.14.0	unbekannt

IrfanView (remove only)	Irfan Skiljan	28.11.2012	2,00MB	4.35	notwendig

Java 7 Update 21	Oracle	02.05.2013	129MB	7.0.210 wohl notwendig
Java 7 Update 21 (64-bit)	Oracle	02.05.2013	128MB	7.0.210 wohl notwenig

JonDo		16.02.2012		notwendig

Malwarebytes Anti-Malware Version 1.75.0.1300	Malwarebytes Corporation	15.06.2013	19,2MB	1.75.0.1300	notwendig

Medion Home Cinema	CyberLink Corp.	17.11.2011	37,2MB	8.0.3216 	unnötig

Memeo Instant Backup	Memeo Inc.	16.02.2012		4.60.0.7943	unbekannt

Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	03.11.2011	38,8MB	4.0.30319	unbekannt
Microsoft Mathematics (64-Bit)	Microsoft Corporation	16.02.2012	20,1MB	4.0 notwendig
Microsoft Office 2010	Microsoft Corporation	07.11.2011	6,31MB	14.0.4763.1000	unbekannt
Microsoft Office Klick-und-Los 2010	Microsoft Corporation	17.02.2012		14.0.4763.1000	notwendig
Microsoft Office Starter 2010 - Deutsch	Microsoft Corporation	17.02.2012		14.0.4763.1000	notwendig
Microsoft PowerPoint Viewer	Microsoft Corporation	22.03.2013	155MB	14.0.6029.1000	notwendig
Microsoft Silverlight	Microsoft Corporation	13.03.2013	50,6MB	5.1.20125.0	unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	07.11.2011	1,69MB	3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	03.11.2011	260KB	8.0.50727.4053	unbekannt
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	17.02.2012	300KB	8.0.61001	unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	10.11.2011	788KB	9.0.30729	unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	17.02.2012	788KB	9.0.30729.6161	unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	10.11.2011	596KB	9.0.30729	unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	17.02.2012	600KB	9.0.30729.6161	unbekannt
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	13.05.2012	12,2MB	10.0.40219	unbekannt

Mozilla Firefox 21.0 (x86 de)	Mozilla	22.05.2013	44,5MB	21.0	 	notwendig
Mozilla Maintenance Service	Mozilla	22.05.2013	333KB	21.0	notwendig

Mp3tag v2.54	Florian Heidenreich	28.12.2012		v2.54	notwendig

MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	03.11.2011	1,34MB	4.20.9876.0	unbekannt
MSXML 4.0 SP3 Parser	Microsoft Corporation	25.08.2012	1,47MB	4.30.2100.0	unbekannt
MSXML 4.0 SP3 Parser (KB2721691)	Microsoft Corporation	26.08.2012	1,53MB	4.30.2114.0	unbekannt
MSXML 4.0 SP3 Parser (KB2758694)	Microsoft Corporation	09.01.2013	1,54MB	4.30.2117.0	unbekannt

NAVIGON Fresh 3.4.1	NAVIGON	07.06.2012		3.4.1 notwendig

NVIDIA 3D Vision Treiber 306.97	NVIDIA Corporation	27.11.2012		306.97	unbekannt
NVIDIA Grafiktreiber 306.97	NVIDIA Corporation	27.11.2012		306.97	unbekannt
NVIDIA PhysX	NVIDIA Corporation	10.11.2011	78,9MB	9.10.0513	unbekannt
NVIDIA Update 1.10.8	NVIDIA Corporation	27.11.2012		1.10.8	unbekannt

PCSUITE SHREDDER	Markement GmbH	16.02.2012	21,4MB	unbekannt

PDFCreator	pdfforge	02.05.2013		1.7.0		notwenig

PHotkey	Pegatron Corporation	10.11.2011		1.00.0045	unbekannt

PlayReady PC Runtime amd64	Microsoft Corporation	16.02.2012	2,05MB	1.3.0	unbekannt

PowerDirector	CyberLink Corp.	17.11.2011	379MB	9.0.0.3419a	unbekannt

Renesas Electronics USB 3.0 Host Controller Driver	Renesas Electronics Corporation	10.11.2011	1,22MB	2.1.16.0 unbekannt

Secunia PSI (3.0.0.3001)	Secunia	25.08.2012	5,77MB	3.0.0.3001	notwendig

Spelling Dictionaries Support For Adobe Reader X	Adobe Systems Incorporated	07.11.2011	85,6MB	10.0.0	unbekannt

SpeQ Mathematics 3.4		02.06.2013		3.4	notwendig

sv.net	ITSG GmbH	20.12.2012		13.0	notwendig

Sweet Home 3D version 3.4	eTeks	20.02.2012	99,7MB	notwendig	

Synaptics Pointing Device Driver	Synaptics Incorporated	10.11.2011	46,4MB	15.3.27.1	notwendig

Update Manager for SweetPacks 1.0	SweetIM Technologies Ltd.	01.07.2012	2,48MB	1.0.0005	unbekannt

Versandhelfer	DPITS-Projekt_DHLVersandhelfer	17.12.2012		1.3	notwendig

VLC media player 2.0.6	VideoLAN	12.04.2013		2.0.6		notwendig

Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0)	Garmin	25.08.2012		06/03/2009 2.3.0.0	notwendig

Windows Live Essentials	Microsoft Corporation	07.11.2011		15.4.3538.0513	unbekannt
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2	unbekannt
Windows Live Mesh ActiveX Control for Remote Connections	Microsoft Corporation	07.11.2011	5,37MB	15.4.5722.2	unbekannt
Windows Live Mesh ActiveX control for remote connections	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2	unbekannt
Windows Live Mesh ActiveX-objekt til fjernforbindelser	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2	unbekannt
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz	Microsoft Corporation	07.11.2011	5,57MB	15.4.5722.2	unbekannt
Windows-Treiberpaket - T-Home Net  (06/30/2010 6.0.6000.16384)	T-Home	20.12.2012		06/30/2010 6.0.6000.16384	unbekannt

YTD Video Downloader 3.9.6	GreenTree Applications SRL	07.02.2013		3.9.6	notwenig
         
