Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Perison Network Ltd will beim Computerstart berechtigung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 17.06.2013, 17:07   #1
Nichtsofit
 
Perison Network Ltd will beim Computerstart berechtigung - Standard

Perison Network Ltd will beim Computerstart berechtigung



Hallo Zusammen,

immer wenn ich meinen PC hochfahre kommt ein Fenster mit der Frage ob ich es zulassen will das das folgende Programm Änderungen vornehmen darf:
Perison Network Ltd
wssetup.exe
Leider habe ich schon beide Optionen benutzt, "Ja" und "Nein"
Da ich hier schon darüber gelesen habe möchte ich um Hilfe bitten das Problem los zu werden.

Mein Otl sieht folgendermaßen aus:

OTL logfile created on: 17.06.2013 16:53:36 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads\Problemloesung
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,99 Gb Total Physical Memory | 3,79 Gb Available Physical Memory | 63,18% Memory free
11,98 Gb Paging File | 9,40 Gb Available in Paging File | 78,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,47 Gb Total Space | 134,41 Gb Free Space | 60,15% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,35 Mb Free Space | 70,35% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 472,80 Gb Free Space | 79,31% Space Free | Partition Type: NTFS
Drive F: | 596,07 Gb Total Space | 481,89 Gb Free Space | 80,84% Space Free | Partition Type: NTFS

Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\*****\Downloads\Problemloesung\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\jmdp\stij.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
PRC - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
PRC - C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
PRC - C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe ()
PRC - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
PRC - C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
PRC - C:\Program Files (x86)\PureSync\PureSyncTray.exe (Jumping Bytes)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
PRC - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Programme\ASUS\TurboV\TurboV.exe ()
PRC - C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe (Analog Devices, Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\ASUS.SYS\CONFIG\DVMExportService.exe (DeviceVM)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\1c1b8d6691a13ec734b45b17f2f2e58c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d5b1b0c6e8a714de39a06e3b61f35fe\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ffmpegsumo.dll ()
MOD - C:\Windows\SysWOW64\jmdp\stij.exe ()
MOD - C:\Windows\SysWOW64\jmdp\lmrn.dll ()
MOD - C:\Windows\SysWOW64\jmdp\sqlite3.dll ()
MOD - C:\Users\*****\AppData\Local\Temp\d6ebea43-a7f6-428d-ab33-ddb1ea1983ec\CliSecureRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
MOD - C:\Windows\SysWOW64\MvAccelerator.dll ()
MOD - C:\Programme\ASUS\TurboV\TurboV.exe ()
MOD - C:\Programme\ASUS\TurboV\OcProfile.dll ()
MOD - C:\Programme\ASUS\TurboV\TvOcLib.dll ()
MOD - C:\Programme\ASUS\TurboV\pngio.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (IBUpdaterService) -- C:\Windows\SysNative\dmwu.exe ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe (G Data Software AG)
SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)
SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG)
SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)
SRV - (AVKService) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (G Data Software AG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (WO_LiveService) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe ()
SRV - (cjpcsc) -- C:\Windows\SysWOW64\cjpcsc.exe (REINER SCT)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (Marvell Storage Management) -- C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
SRV - (MSUWebService) -- C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (mitsijm2011) -- C:\Programme\Autodesk\Inventor 2011\Moldflow\bin\mitsijm.exe ()
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\DfsdkS64.exe (mst software GmbH, Germany)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (MDES) -- C:\ASUS.SYS\CONFIG\DVMExportService.exe (DeviceVM)


========== Driver Services (SafeList) ==========

DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)
DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)
DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)
DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)
DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)
DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (DDUSBKey) -- C:\Windows\SysNative\drivers\ddusbkey.sys ()
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (cjusb) -- C:\Windows\SysNative\drivers\cjusb.sys (REINER SCT)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows (R) 2000 DDK provider)
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (mv61xx) -- C:\Windows\SysNative\drivers\mv61xx.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (GearAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (GRD) -- C:\Windows\SysWOW64\drivers\GRD.sys (G Data Software)
DRV - (LiveTunerPM) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerProcessMonitor64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2481020&SSPV=TB_IEOB20
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC 46 B8 73 A7 C4 CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {698C0F3E-5915-43B5-BF45-6FE7AA91814C}
IE - HKCU\..\SearchScopes\{698C0F3E-5915-43B5-BF45-6FE7AA91814C}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=
IE - HKCU\..\SearchScopes\{C7107DD5-1E83-4B02-87DC-CAE501F46D34}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2481020&SSPV=TB_IEOB20
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2481020&SearchSource=13&CUI=SB_CUI"
FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2481020&SearchSource=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""

FF - user.js..browser.search.openintab: false

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013.05.20 18:12:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.01.14 14:57:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.01 13:10:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.06.01 13:10:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2011.12.27 17:59:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2013.01.07 17:52:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\uz047bbb.default\extensions
[2013.01.07 17:52:28 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\uz047bbb.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
[2012.12.19 17:34:04 | 000,001,052 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\uz047bbb.default\searchplugins\ashampoo-de-customized-web-search.xml
[2013.06.17 15:53:14 | 000,002,120 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\uz047bbb.default\searchplugins\MyStart.xml
[2012.12.10 18:07:02 | 000,003,915 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\uz047bbb.default\searchplugins\sweetim.xml
[2013.06.01 13:10:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.06.01 13:10:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{googleriginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{go ogle:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParam eter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: YouTube = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\*****\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2012.01.10 18:16:57 | 000,001,794 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Ashampoo DE Toolbar) - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Ashampoo DE Toolbar) - {5786D022-540E-4699-B350-B4BE0AE94B79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Ashampoo WinOptimizer Live-Tuner] C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTuner.exe (Ashampoo Development GmbH & Co. KG)
O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [ErgoMedia] C:\Programme\KYE\ErgoMedia\SyTray.exe (KYE)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MSUTray] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TurboV] C:\Program Files\ASUS\TurboV\TurboV.exe ()
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [PureSync] C:\Program Files (x86)\PureSync\PureSyncTray.exe (Jumping Bytes)
O4 - HKCU..\RunOnce: [Flags] Reg Error: Invalid data type. File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: fritz.repeater ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range2 ([*] in Local intranet)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com.tw/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{352B59ED-30C2-45D2-9D45-1598BCF07B97}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.01.31 10:55:18 | 000,000,000 | ---D | M] - E:\Auto Cad -- [ NTFS ]
O32 - AutoRun File - [2009.04.23 21:32:57 | 000,001,010 | ---- | M] () - E:\autodeskinfo.txt -- [ NTFS ]
O33 - MountPoints2\{5a7f616d-308e-11e1-8e63-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a7f616d-308e-11e1-8e63-806e6f6e6963}\Shell\AutoRun\command - "" = G:\.\Bin\Assetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2021.11.06 05:12:38 | 000,207,872 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysWow64\MVTrim.dll
[2013.06.07 16:44:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity 2014
[2013.06.06 15:29:25 | 000,033,792 | ---- | C] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.06.06 15:29:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\WNLT
[2013.06.06 15:29:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\jmdp
[2013.06.06 15:29:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ARFC
[2013.06.01 13:10:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

========== Files - Modified Within 30 Days ==========

[2021.11.06 05:12:38 | 000,207,872 | ---- | M] (TODO: <Company name>) -- C:\Windows\SysWow64\MVTrim.dll
[2013.06.17 16:56:57 | 000,000,512 | ---- | M] () -- C:\Windows\SysWow64\za_mv_raid.ev
[2013.06.17 16:51:38 | 000,000,000 | ---- | M] () -- C:\Users\*****\defogger_reenable
[2013.06.17 16:46:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.17 16:38:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.17 16:33:15 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.06.17 16:00:19 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.17 16:00:19 | 000,015,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.17 15:59:09 | 001,613,412 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.17 15:59:09 | 000,696,848 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.17 15:59:09 | 000,652,166 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.17 15:59:09 | 000,148,144 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.17 15:59:09 | 000,121,098 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.17 15:53:18 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.17 15:53:17 | 000,000,241 | ---- | M] () -- C:\Windows\SysWow64\mvcli.ini
[2013.06.17 15:53:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 09:57:49 | 001,590,370 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.06.07 16:44:08 | 000,001,978 | ---- | M] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.06.07 16:44:07 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys
[2013.06.07 16:44:07 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2013.06.07 16:44:03 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2013.06.07 16:44:03 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2013.05.31 01:59:44 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.31 01:59:44 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.30 14:34:39 | 000,001,180 | ---- | M] () -- C:\Windows\wiso.ini
[2013.05.24 08:32:15 | 000,016,944 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GdPhyMem.sys
[2013.05.24 08:32:14 | 000,107,128 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2013.05.24 08:09:30 | 000,062,808 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2013.05.23 12:36:40 | 001,079,445 | ---- | M] () -- C:\Windows\SysWow64\sig.bin
[2013.05.23 12:36:40 | 000,055,192 | ---- | M] () -- C:\Windows\SysWow64\nmp.map
[2013.05.21 15:31:12 | 001,447,728 | ---- | M] () -- C:\Windows\SysNative\dmwu.exe
[2013.05.21 15:30:18 | 000,033,792 | ---- | M] (IncrediMail, Ltd.) -- C:\Windows\SysNative\ImHttpComm.dll
[2013.05.21 10:32:28 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.05.20 18:13:00 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk

========== Files Created - No Company Name ==========

[2013.06.17 16:51:38 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable
[2013.06.06 15:29:25 | 001,447,728 | ---- | C] () -- C:\Windows\SysNative\dmwu.exe
[2013.06.01 17:09:32 | 001,590,370 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.31 01:59:44 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.05.31 01:59:44 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.05.24 08:09:26 | 000,001,978 | ---- | C] () -- C:\Users\Public\Desktop\G Data InternetSecurity 2014.lnk
[2013.05.21 10:32:28 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.21 10:32:28 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.09 16:54:27 | 000,004,096 | -H-- | C] () -- C:\Users\*****\AppData\Local\keyfile3.drm
[2012.10.22 19:07:41 | 000,000,017 | ---- | C] () -- C:\Users\*****\AppData\Local\resmon.resmoncfg
[2012.10.20 19:34:24 | 000,000,241 | ---- | C] () -- C:\Windows\SysWow64\mvcli.ini
[2012.08.17 11:22:33 | 000,038,424 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2012.08.17 10:44:16 | 000,038,426 | ---- | C] () -- C:\Users\*****\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2012.07.30 14:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 14:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 14:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 14:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 14:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.06.10 14:16:27 | 000,000,000 | ---- | C] () -- C:\Windows\CleaningLab.INI
[2012.06.10 14:11:53 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2012.06.10 14:11:31 | 000,000,035 | ---- | C] () -- C:\Windows\magix.ini
[2012.06.10 13:38:07 | 000,001,464 | ---- | C] () -- C:\Users\*****\AppData\Local\RecConfig.xml
[2012.05.12 22:11:56 | 001,079,445 | ---- | C] () -- C:\Windows\SysWow64\sig.bin
[2012.02.04 17:30:10 | 000,786,504 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602N.DAT
[2012.02.04 17:30:10 | 000,296,064 | ---- | C] () -- C:\Windows\SysWow64\CNQ9602W.DAT
[2011.12.28 17:13:15 | 000,001,180 | ---- | C] () -- C:\Windows\wiso.ini
[2011.12.27 17:29:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.12.27 16:01:42 | 000,000,394 | ---- | C] () -- C:\Windows\hbcikrnl.ini
[2011.12.27 16:01:14 | 000,167,936 | ---- | C] () -- C:\Windows\SysWow64\SerialXP.dll
[2011.12.27 16:01:14 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\win32com.dll
[2011.12.27 15:56:02 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.12.27 15:43:27 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.12.27 15:43:27 | 000,013,368 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.12.27 15:43:25 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.12.27 15:43:25 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011.12.27 15:36:22 | 000,034,727 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.12.27 15:36:09 | 000,025,106 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.12.18 18:29:31 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ashampoo
[2012.06.10 14:08:02 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Audacity
[2012.01.11 19:34:53 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Autodesk
[2011.12.27 18:13:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Buhl Data Service
[2012.09.20 16:16:38 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Buhl Data Service GmbH
[2012.02.04 17:30:39 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Canon
[2011.12.28 16:20:13 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\CD-LabelPrint
[2012.12.26 15:40:05 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.12.27 18:21:06 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\DataDesign
[2012.09.29 09:36:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\G Data
[2011.12.27 19:01:11 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Jumping Bytes
[2011.12.27 18:54:06 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Lasersoft Imaging
[2012.10.20 18:44:11 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Leadertech
[2012.04.15 11:09:03 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\MAGIX
[2012.01.14 15:21:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PACE Anti-Piracy
[2012.10.21 17:36:49 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\PCCUStubInstaller
[2012.10.10 16:48:39 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Samsung
[2012.12.18 18:31:04 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Systweak

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:6E64BB99
@Alternate Data Stream - 1203 bytes -> C:\Users\*****\AppData\Local\DL4Tp99XK:jpAGdizm4OGSRuapM4SH0tt73N4
@Alternate Data Stream - 1125 bytes -> C:\Users\*****\AppData\Local\Temp:fHM0FpJ6Z6vChsr4OFsCRJHxjxGWy

< End of report >


OTL Extras logfile created on: 17.06.2013 15:58:45 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\*****\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,99 Gb Total Physical Memory | 3,69 Gb Available Physical Memory | 61,58% Memory free
11,98 Gb Paging File | 9,56 Gb Available in Paging File | 79,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223,47 Gb Total Space | 134,45 Gb Free Space | 60,16% Space Free | Partition Type: NTFS
Drive D: | 100,00 Mb Total Space | 70,35 Mb Free Space | 70,35% Space Free | Partition Type: NTFS
Drive E: | 596,17 Gb Total Space | 472,86 Gb Free Space | 79,32% Space Free | Partition Type: NTFS
Drive F: | 596,07 Gb Total Space | 481,89 Gb Free Space | 80,84% Space Free | Partition Type: NTFS

Computer Name: *****-PC | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2441805510-1751477841-1142050219-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01E9FF20-0E0A-428D-951B-30E32E3001D3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{052BEE6F-A76B-4A34-B9F3-D06CD2DDBD95}" = lport=2869 | protocol=6 | dir=in | app=system |
"{06C69F24-3F01-4F11-A09B-AC93974C6BA9}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{14733C39-FBAA-4650-9CCB-5B2F4B613078}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C647B67-63A1-419A-9A08-787F06168FFB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1E18D4E3-843E-4765-B87B-F17742770B19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{2057FC9D-887B-4B88-87B6-208C2137A1FA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{404EE5C5-826B-4D17-B5AB-194CC20D37A8}" = lport=137 | protocol=17 | dir=in | app=system |
"{57EFEE5B-1CD9-4976-8E12-E41E3D44C3D0}" = lport=138 | protocol=17 | dir=in | app=system |
"{641DB5C0-1129-46F6-9E37-2BECCDB2C5DD}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{6F87DA7A-13B8-454C-AAAA-0864CAF64387}" = rport=139 | protocol=6 | dir=out | app=system |
"{770E9779-B49A-4777-8C37-74D2F7517FEF}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{79180D86-DF6E-4012-87E7-612ABFE02FB1}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7C7C8D6E-16B9-4684-B715-3ED6F7AD43C5}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B667C91-4948-4472-B689-AC8C0A974673}" = rport=138 | protocol=17 | dir=out | app=system |
"{95A0E1CB-71F1-4EDC-A194-DED5A23044C8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{BE0BF730-4F37-4AAB-91BB-EFEE1F041E92}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C436D4E2-0549-473A-B420-AC9164D0AAE6}" = rport=445 | protocol=6 | dir=out | app=system |
"{C8E2B26C-35BF-4C57-9D50-57C9BE5976B5}" = lport=445 | protocol=6 | dir=in | app=system |
"{DD58D302-5A0E-44B2-A465-EC351880F449}" = rport=137 | protocol=17 | dir=out | app=system |
"{ECA0EB1D-DAF1-468D-BFB9-BF78CDF2A71C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDCC37BE-65E6-418E-86F2-9E0E72EEA2D8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FDD79631-F0FE-4E5D-A209-070827BE8CDE}" = lport=139 | protocol=6 | dir=in | app=system |
"{FE038FEE-0FB5-4DF2-BCFF-E026CBA89E32}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{035BB39D-D58B-4F0B-8A61-93823C7AEAA0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0FF2631D-A6DD-44FF-86C2-642C37621E4D}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{103F7400-CC46-4DBD-9710-F449A98FB942}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{14E5DDFB-67A1-4FFF-B994-846B91C0DFC1}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{1FFA24C0-627B-427E-AD3D-96F27E3130EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{2F023EDA-7647-4E2B-B750-474D45F6ECA1}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{3D9840CC-A8BA-4DFA-B891-90DE66BB2529}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{40B79C9D-E9F7-4E66-8280-83BC15A2BD32}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{41056411-4AF8-46B7-9030-F1B5C690541D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{414AE72A-3830-41D7-A87A-7568CF7A298B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4787A206-946C-470A-B594-880B1F67B7B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4D8981C9-B122-4905-9180-1684720AD75D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5057F3C6-99A4-40AE-BE95-E80F3FE02218}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5C4C8219-3D59-46BE-B43B-5B39CE8FCD99}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{697633FF-5A9D-4A66-9345-62A601FAED7B}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{6D20A860-4372-485B-A6AC-F10F05110D14}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{6FC1E0AC-52E3-4C35-AFB4-428A3ED13A32}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7336D907-3D56-4974-A136-BCD9EF779FD8}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{78E1064F-12B8-4EB8-A241-B566C564CBD5}" = protocol=6 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{80627EB3-EEA8-47D2-93F0-E36D04D18E05}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
"{870A9D5F-E9CB-4B1D-8FA0-46F0278425F2}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{8B21FE8A-E99A-4D8A-AEBB-3F56ED415398}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{929992D8-7FC6-4F00-B2AF-28428F0AED36}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{AA120C91-6AC1-4F63-9F25-CE530EB4112A}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe |
"{AD7393EE-09C1-4628-945A-F417CCFDED69}" = protocol=6 | dir=out | app=system |
"{B234FFD3-B35A-407A-9D5E-7A610BAFB8A4}" = protocol=17 | dir=in | app=c:\windows\syswow64\arfc\wrtc.exe |
"{B631604F-4603-4B1C-A926-3B2E3A4C9B97}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B84930EE-5850-47FC-AAEF-87A59AD9C75A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BE4DC64E-4EFB-4195-8A83-5F7BC708105B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{C5DBE682-7C01-4AE8-91FD-9CBA4B1BF508}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
"{D3D1463B-C5F9-46C3-B35E-ABAF91CF0CB3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D5013749-EAAE-4CE1-A1CE-9CEDB191E40A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D595041F-D66D-45FF-8DAF-F17A8BE6F2DE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{E1C8C0D3-A5E6-4026-8C8E-0238C856421C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E4D5DAAA-E370-4C3B-A149-48028CC6CB41}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{EE5CFFE5-9C41-47BA-90AE-805DE542C826}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F20617D6-4A55-477E-816A-D7DBB66E2774}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5200" = Canon iP5200
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ9602" = CanoScan 9000F Scanner Driver
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5783F2D7-9005-0407-1102-0060B0CE6BBA}" = AutoCAD Mechanical 2011 Language Pack - Deutsch
"{5783F2D7-9005-0409-0102-0060B0CE6BBA}" = AutoCAD Mechanical 2011
"{5783F2D7-9028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2011
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{7244B345-B413-408B-9D04-F55BE1CC93FA}" = Autodesk Inventor Content Center Libraries 2011 (Desktop Content)
"{7F4DD591-1564-0409-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2011
"{7F4DD591-1564-0409-0001-7107D70F3DB4}" = Autodesk Inventor Professional 2011 Language Pack - Deutsch
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ACF9459F-3585-487A-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client)
"{ACF9459F-3585-487F-A84E-B1A3A0D12165}" = Autodesk Vault 2011 (Client) German Language Pack
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.5
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 320.18
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 4.11.9
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{E2EF3441-468D-4568-881E-370F22E2D49F}_is1" = PC-WELT-Win7SP2 1.0
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AutoCAD Mechanical 2011" = AutoCAD Mechanical 2011
"Autodesk Inventor Professional 2011" = Autodesk Inventor Professional 2011 Deutsch
"CANONIJINBOXADDON100" = Canon Inkjet Printer Driver Add-On Module
"DeskProto 5.0 (64 bit)_is1" = DeskProto 5.0 (64 bit)
"DeskProto 6.0 (64 bit)_is1" = DeskProto 6.0
"DWG TrueView 2011" = DWG TrueView 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"sp6" = Logitech SetPoint 6.32
"VLC media player" = VLC media player 2.0.2

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer-Sparbuch 2011
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0CC1DAFB-40C8-4903-953D-471E541477C7}" = WISO Steuer-Sparbuch 2012
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{153F529B-694F-44D7-8C90-E9036281B3E9}" = PureSync
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1D100F10-A39C-4970-9A6A-663EF7F9865C}" = ErgoMedia
"{1E1DFF42-2EE8-4852-A7AB-C5174321D68F}" = Paragon Backup & Recovery™ 11 Kompakt
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{32394A59-A39C-4C90-A9A5-F16B0C7442E1}" = Express Gate Tools
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{354D00E0-C7C9-4BC1-BC12-08C4977AA827}" = SlimDX Redistributable (June 2010)
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40D791E4-6119-4213-8E0F-4D3ACF659B2D}" = MAGIX MP3 deluxe 17
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{56B83336-FBC1-4C46-8613-90A9E3B440D6}" = EPU-6 Engine
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6C5F8503-55D2-4398-858C-362B7A7AF51C}" = Firebird SQL Server - MAGIX Edition
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7683B745-6060-41FD-AA75-0BBB383FEAD4}" = SweetIM for Messenger 3.7
"{7765322A-8601-47D3-AC60-B66677450D7B}" = G Data InternetSecurity 2014
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8D20B4D7-3422-4099-9332-39F27E617A6F}" = Autodesk Design Review 2011
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.AccessR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.AccessR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.AccessR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.AccessR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0015-0000-0000-0000000FF1CE}" = Microsoft Office Access 2010
"{91140000-0015-0000-0000-0000000FF1CE}_Office14.AccessR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91B33C97-93EB-244C-F687-71D85E45A206}_is1" = Ashampoo Burning Studio 12 v.12.0.3
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58
"{975951E7-14D0-49AF-A630-89680D12D7F6}" = Autodesk Material Library 2011 Medium Image library
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DEABCB6-B759-4D52-92F8-51B34A2B4D40}" = Autodesk Material Library 2011
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A31951C5-DCD8-4DFE-A525-CFC701F54792}" = TurboV
"{A63717DD-1FEB-4BFF-9AB9-5381BF1AA0A2}" = MAGIX Speed burnR (MSI)
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF681245-7DA0-409C-B0B7-F46C7B50F5BE}" = MAGIX Screenshare
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CD1E078C-A6B9-47DA-B035-6365C85C7832}" = Autodesk Material Library 2011 Base Image library
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DAC580DB-6629-43B9-98DD-8BABA515B958}" = WISO Mein Geld 2013 Professional
"{DBD3859D-364F-4390-ABBC-FF106F7A5CF0}" = MAGIX Mp3 Deluxe 17 Update
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{ED8EF3C2-FA5B-4A1E-950D-5A0227161F97}" = ArcSoft PhotoStudio 6
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FC338210-F594-11D3-BA24-00001C3AB4DF}" = cyberJack Base Components
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Driver Updater_is1" = Advanced Driver Updater
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced 9.25
"Ashampoo Internet Accelerator 3_is1" = Ashampoo Internet Accelerator 3 v.3.20
"Ashampoo WinOptimizer 9_is1" = Ashampoo WinOptimizer 9 v.9.04.31
"Ashampoo_DE Toolbar" = Ashampoo DE Toolbar
"Autodesk Design Review 2011" = Autodesk Design Review 2011
"Autodesk Vault 2011 (Client)" = Autodesk Vault 2011 (Client)
"CanonSolutionMenu" = Canon Utilities Solution Menu
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Easy3dSim_is1" = Easy3dSim V1.0
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Google Chrome" = Google Chrome
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"MAGIX_MSI_mp3maker_17" = MAGIX MP3 deluxe 17
"MagniDriver" = marvell 91xx driver
"Marvell Miniport Driver" = Marvell Miniport Driver
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.1" = Canon MP Navigator EX 3.1
"mv61xxDriver" = marvell 61xx
"mvMSU" = Marvell Storage Utility V4
"NC-EAS(Y)V3_is1" = NC-EAS(Y) V3.02
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.AccessR" = Microsoft Access 2010
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PureSync" = PureSync 3.5.0
"SilverFast CanonSDK-SE" = SilverFast CanonSDK-SE 6.6.1r5
"WISO Mein Geld 2013 Professional" = WISO Mein Geld 2013 Professional
"WNLT" = IB Updater Service

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 11.06.2013 10:10:35 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 12.06.2013 03:29:32 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 13.06.2013 03:20:37 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 13.06.2013 03:41:05 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 13.06.2013 04:07:11 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 13.06.2013 17:30:52 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 14.06.2013 03:19:35 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 15.06.2013 03:35:26 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 16.06.2013 14:59:19 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

Error - 17.06.2013 09:53:15 | Computer Name = *****-PC | Source = Apache Service | ID = 3299
Description = The Apache service named reported the following error: >>> httpd.exe:
Could not reliably determine the server's fully qualified domain name, using 192.168.0.104
for ServerName .

[ System Events ]
Error - 01.06.2013 10:54:17 | Computer Name = *****-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1069

Error - 06.06.2013 10:35:53 | Computer Name = *****-PC | Source = BROWSER | ID = 8032
Description =

Error - 07.06.2013 10:34:15 | Computer Name = *****-PC | Source = DCOM | ID = 10010
Description =

Error - 10.06.2013 14:15:21 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 10.06.2013 14:15:49 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 10.06.2013 14:17:21 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 10.06.2013 14:17:41 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 13.06.2013 04:26:45 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 13.06.2013 04:27:11 | Computer Name = *****-PC | Source = SCardSvr | ID = 610
Description =

Error - 15.06.2013 04:42:07 | Computer Name = *****-PC | Source = bowser | ID = 8003
Description =


< End of report >


Die GMER Datei:

GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-17 17:47:41
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T0L0-4 MKNSSDCR240GB-DX rev.330ABBF0 223,57GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\*****\AppData\Local\Temp\ugloypog.sys


---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1752] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2508] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE[2508] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe[2932] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 9\LiveTunerService.exe[2932] C:\Windows\syswow64\PSAPI.dll!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Program Files (x86)\PureSync\PureSyncTray.exe[2940] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\PureSync\PureSyncTray.exe[2940] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[712] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 000000007742f85a 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[712] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll!getJit + 32 0000000067649380 4 bytes [C8, 10, 01, 10]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[712] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[3704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe[3704] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2
.text C:\Windows\SysWOW64\jmdp\stij.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000763b1465 2 bytes [3B, 76]
.text C:\Windows\SysWOW64\jmdp\stij.exe[5352] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000763b14bb 2 bytes [3B, 76]
.text ... * 2

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [5616:5892] 000007fefb702a7c

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application@Sources MSDMine?DfSdk
Reg HKLM\SYSTEM\ControlSet002\services\eventlog\Application@Sources MSDMine?DfSdk

---- EOF - GMER 2.1 ----

Von Defogger hab ich das gefunden:


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:52 on 17/06/2013 (*****)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


Ich hoffe es kann mir jemand hier Helfen.

Danke und Gruß Nichtsofit

Alt 17.06.2013, 17:09   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Perison Network Ltd will beim Computerstart berechtigung - Standard

Perison Network Ltd will beim Computerstart berechtigung



Zitat:
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 Registration
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
Dateien, wie Crack.exe, Keygen.exe oder Patch.exe sind zu 99,9% gefährliche Schädlinge, mit denen man nicht Spaßen sollte.
Ausserdem sind diese illegal und wir unterstützen die Verwendung von geklauter Software nicht. Somit beschränkt sich der Support auf
Anleitung zum Neu aufsetzten
__________________

__________________

Alt 17.06.2013, 19:50   #3
Nichtsofit
 
Perison Network Ltd will beim Computerstart berechtigung - Standard

Perison Network Ltd will beim Computerstart berechtigung



Hey Schrauber,
danke für deine Antwort.

Gruß Nichtsofit
__________________

Alt 17.06.2013, 20:02   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Perison Network Ltd will beim Computerstart berechtigung - Standard

Perison Network Ltd will beim Computerstart berechtigung



jup.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Perison Network Ltd will beim Computerstart berechtigung
antivirus, bho, desktop, error, excel, firefox, flash player, geld, google, helper, hängen, iexplore.exe, install.exe, intranet, logfile, mp3, msiexec.exe, ntdll.dll, plug-in, problem, programm, registry, scan, security, senden, software, svchost.exe, updates, visual studio, windows




Ähnliche Themen: Perison Network Ltd will beim Computerstart berechtigung


  1. keine Ausreichende Berechtigung ... und das ist anscheinend nur die Speitze des Eisbergs
    Log-Analyse und Auswertung - 10.11.2013 (13)
  2. Adware bei Computerstart
    Plagegeister aller Art und deren Bekämpfung - 10.09.2013 (9)
  3. Windows 8: webcake + antivir Berechtigung fehlt
    Log-Analyse und Auswertung - 07.08.2013 (5)
  4. Nach Virus keine Berechtigung für externe Festplatte mehr
    Log-Analyse und Auswertung - 04.08.2013 (12)
  5. wssetup.exe von Perion erscheint nach Computerstart - wie kann ich dies entfernen
    Plagegeister aller Art und deren Bekämpfung - 06.07.2013 (14)
  6. wssetup.exe von Perion erscheint nach Computerstart
    Plagegeister aller Art und deren Bekämpfung - 12.06.2013 (9)
  7. White Screen nach Computerstart Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 21.10.2012 (24)
  8. Keine Berechtigung zum Löschen/Kopieren - einziger Administrator
    Log-Analyse und Auswertung - 25.06.2012 (5)
  9. Trojan.Sirefef.FR (Bitdefender Internet Sec. 2012 sagt "Datei beim Computerstart entfernt)
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (24)
  10. Kann nicht auf meine Programme zugreifen. Fehlende berechtigung!
    Plagegeister aller Art und deren Bekämpfung - 01.09.2011 (1)
  11. Probleme im Bereich Berechtigung / Updates von files / Zugriff
    Plagegeister aller Art und deren Bekämpfung - 24.11.2010 (1)
  12. Antivir Guard bei Computerstart immer gestoppt
    Antiviren-, Firewall- und andere Schutzprogramme - 14.11.2010 (3)
  13. Keine Berechtigung Windows 7
    Alles rund um Windows - 14.10.2010 (1)
  14. Antivir Guard bei Computerstart immer gestoppt
    Antiviren-, Firewall- und andere Schutzprogramme - 24.07.2009 (18)
  15. WE öffnet ständig bei Computerstart zwei Fenster
    Log-Analyse und Auswertung - 24.01.2009 (2)
  16. WinXP: Warum User mit eingeschränkter Berechtigung?
    Alles rund um Windows - 22.10.2008 (2)
  17. Problem mit Computerstart
    Log-Analyse und Auswertung - 19.09.2005 (1)

Zum Thema Perison Network Ltd will beim Computerstart berechtigung - Hallo Zusammen, immer wenn ich meinen PC hochfahre kommt ein Fenster mit der Frage ob ich es zulassen will das das folgende Programm Änderungen vornehmen darf: Perison Network Ltd wssetup.exe - Perison Network Ltd will beim Computerstart berechtigung...
Archiv
Du betrachtest: Perison Network Ltd will beim Computerstart berechtigung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.