Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: tcbhn im Autostart!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.02.2013, 15:39   #1
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Schönen guten Tag,

mein Laptop ist noch nicht alt und wurde immer langsamer und brauchte
sehr lange zum hoch und runter fahren, auch reagierte er oft nicht wie sonst,
daher habe ich mal in mein Autostart geschaut und diese tcbhn Datei gefunden.
Da ich sie nicht kannte, mal gegooglet.

Bin bei euch gelandet und habe mir auch schon
einige treads dazu durchgelesen.

Das Häckchen im Autostart habe ich entfernt und er fährt sich schneller hoch und runter,
aber weg ist des Ding ja trotdem nicht!

Da so etwas ja immer individuell zu behandeln ist, hoffe ich
auf Hilfe von euch.

Vielen Dank im voraus!

Mfg Babydi

OTL:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 27.02.2013 16:22:20 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Di\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,86 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 54,72% Memory free
7,71 Gb Paging File | 6,08 Gb Available in Paging File | 78,86% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450,16 Gb Total Space | 335,09 Gb Free Space | 74,44% Space Free | Partition Type: NTFS
 
Computer Name: DI-PC | User Name: Di | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Di\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (ogmservice) -- C:\Program Files (x86)\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (AdobeActiveFileMonitor8.0) -- c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (ssudobex) -- C:\Windows\SysNative\drivers\ssudobex.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (bScsiMSa) -- C:\Windows\SysNative\drivers\bScsiMSa.sys (Broadcom Corporation)
DRV:64bit: - (bScsiSDa) -- C:\Windows\SysNative\drivers\bScsiSDa.sys (Broadcom Corporation)
DRV:64bit: - (b57xdmp) -- C:\Windows\SysNative\drivers\b57xdmp.sys (Broadcom Corporation)
DRV:64bit: - (b57xdbd) -- C:\Windows\SysNative\drivers\b57xdbd.sys (Broadcom Corporation)
DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://packardbell.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {E5F4A20C-FB92-4965-A07A-ECA625355F1C}
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{E5F4A20C-FB92-4965-A07A-ECA625355F1C}: "URL" = hxxp://search.softonic.com/INF1205T01/tb_v1?q={searchTerms}&SearchSource=4&cc=&r=935
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.1.3
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..keyword.URL: "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 07:19:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.23 12:13:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 07:19:42 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.23 12:13:08 | 000,000,000 | ---D | M]
 
[2011.06.30 21:12:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Di\AppData\Roaming\mozilla\Extensions
[2012.12.22 22:53:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Di\AppData\Roaming\mozilla\Firefox\Profiles\wmm65f2g.default\extensions
[2012.06.13 14:16:37 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Users\Di\AppData\Roaming\mozilla\Firefox\Profiles\wmm65f2g.default\extensions\toolbar@web.de
[2012.06.07 12:14:36 | 000,005,489 | ---- | M] () -- C:\Users\Di\AppData\Roaming\mozilla\firefox\profiles\wmm65f2g.default\searchplugins\webde-suche.xml
[2013.02.06 07:19:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.06 07:19:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2013.02.06 07:19:39 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\toolbar@web.de
[2013.02.06 07:19:42 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 17:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.06.01 17:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 06:55:50 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.01 17:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 17:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 17:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 17:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome ==========
 
CHR - default_search_provider: ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: hxxp://www.searchplusnetwork.com/?sp=vit4
CHR - Extension: No name found = C:\Users\Di\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: No name found = C:\Users\Di\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: No name found = C:\Users\Di\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [WinampAgent] C:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent File not found
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = [binary data]
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 80.69.102.158 80.69.100.102
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{51446FAD-2B95-410A-BF7D-352296514E1B}: DhcpNameServer = 80.69.102.158 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D81DF6E-CB73-4DAD-8436-0FC057F4E4E0}: DhcpNameServer = 80.69.102.158 80.69.100.102
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{933a07d3-b6e3-11e0-99e6-1c7508dd9fb1}\Shell - "" = AutoRun
O33 - MountPoints2\{933a07d3-b6e3-11e0-99e6-1c7508dd9fb1}\Shell\AutoRun\command - "" = E:\autorun.bat
O33 - MountPoints2\{a2ea41b2-3280-11e2-b491-1c7508dd9fb1}\Shell - "" = AutoRun
O33 - MountPoints2\{a2ea41b2-3280-11e2-b491-1c7508dd9fb1}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.27 00:04:27 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2013.02.26 23:46:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Di\Desktop\OTL.exe
[2013.02.26 23:39:43 | 000,000,000 | ---D | C] -- C:\Users\Di\AppData\Roaming\Malwarebytes
[2013.02.26 23:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.26 23:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.26 23:39:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.26 23:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.26 23:39:19 | 000,000,000 | ---D | C] -- C:\Users\Di\AppData\Local\Programs
[2013.02.26 23:15:40 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.02.24 23:08:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013.02.21 22:12:11 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.02.08 14:43:53 | 000,000,000 | ---D | C] -- C:\Users\Di\Desktop\Neuer Ordner
[2013.02.08 14:42:10 | 000,000,000 | ---D | C] -- C:\Users\Di\AppData\Roaming\EAC
[2013.02.08 14:42:05 | 000,000,000 | ---D | C] -- C:\Users\Di\AppData\Roaming\AccurateRip
[2013.02.08 14:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
[2013.02.08 14:42:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Exact Audio Copy
[2013.02.08 14:37:56 | 000,000,000 | ---D | C] -- C:\Users\Di\Desktop\Vollbeat_Live from beyond Hell above heaven
[2013.02.08 14:35:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.02.08 14:35:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.02.08 14:24:17 | 000,000,000 | ---D | C] -- C:\Users\Di\Desktop\Handy Bilder alle vom HAndy am 08.02.13
[2013.02.06 07:42:08 | 000,102,936 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.02.06 07:19:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Di\Desktop\*.tmp files -> C:\Users\Di\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.27 16:08:54 | 000,377,856 | ---- | M] () -- C:\Users\Di\Desktop\gmer_2.1.19115.exe
[2013.02.27 15:48:21 | 000,000,000 | ---- | M] () -- C:\Users\Di\defogger_reenable
[2013.02.27 15:35:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 15:35:08 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.27 15:35:05 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.27 15:27:56 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.27 15:27:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.27 15:27:27 | 3104,722,944 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.27 07:21:22 | 000,594,019 | ---- | M] () -- C:\Users\Di\Desktop\adwcleaner_2113.exe
[2013.02.26 23:46:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Di\Desktop\OTL.exe
[2013.02.26 23:39:31 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.22 12:54:12 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.22 12:54:12 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.22 12:54:12 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.22 12:54:12 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.22 12:54:12 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.21 22:12:44 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.02.20 22:16:45 | 469,765,990 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.14 11:09:25 | 000,289,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.08 14:42:01 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk
[2013.02.08 14:35:50 | 000,002,240 | ---- | M] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk
[2013.02.06 07:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2013.02.05 09:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.02.05 09:54:40 | 000,037,344 | ---- | M] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\Di\Desktop\*.tmp files -> C:\Users\Di\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.27 16:08:54 | 000,377,856 | ---- | C] () -- C:\Users\Di\Desktop\gmer_2.1.19115.exe
[2013.02.27 15:48:21 | 000,000,000 | ---- | C] () -- C:\Users\Di\defogger_reenable
[2013.02.27 07:21:21 | 000,594,019 | ---- | C] () -- C:\Users\Di\Desktop\adwcleaner_2113.exe
[2013.02.26 23:39:31 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.21 22:12:44 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk
[2013.02.21 22:12:11 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.02.21 22:12:11 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.02.20 22:16:45 | 469,765,990 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.08 14:42:01 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\Exact Audio Copy.lnk
[2013.02.08 14:35:50 | 000,002,240 | ---- | C] () -- C:\Users\Public\Desktop\Free Audio Converter.lnk
[2013.01.03 23:17:33 | 003,076,414 | ---- | C] () -- C:\Users\Di\20121213_090918.jpg
[2012.12.28 19:04:44 | 000,268,952 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.28 19:04:28 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.12.28 19:04:28 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.12.18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.12.15 23:46:47 | 002,784,655 | ---- | C] () -- C:\Users\Di\20121114_200902.jpg
[2012.12.15 23:46:46 | 003,467,164 | ---- | C] () -- C:\Users\Di\20121114_201414.jpg
[2012.12.15 23:46:46 | 003,330,043 | ---- | C] () -- C:\Users\Di\20121114_201605.jpg
[2012.12.15 23:46:46 | 003,178,632 | ---- | C] () -- C:\Users\Di\20121114_201122.jpg
[2012.12.15 23:46:46 | 003,055,920 | ---- | C] () -- C:\Users\Di\20121114_201052.jpg
[2012.12.15 23:46:46 | 002,943,716 | ---- | C] () -- C:\Users\Di\20121114_201209.jpg
[2012.10.28 13:50:57 | 000,003,584 | ---- | C] () -- C:\Users\Di\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.20 16:28:58 | 002,404,124 | ---- | C] () -- C:\Users\Di\Scannen0003.jpg
[2012.10.03 13:28:22 | 000,007,598 | ---- | C] () -- C:\Users\Di\AppData\Local\Resmon.ResmonCfg
[2012.02.28 21:06:38 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2011.10.16 16:08:22 | 000,000,112 | ---- | C] () -- C:\Windows\Podcasts.INI
[2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.08.19 16:44:49 | 001,527,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.30 15:56:38 | 000,107,132 | ---- | C] () -- C:\Windows\UninstallFirefox.exe
[2011.06.30 15:56:38 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.06.30 15:56:33 | 000,002,348 | ---- | C] () -- C:\Windows\mozver.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.07.01 10:56:10 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\ACD Systems
[2012.08.03 16:17:48 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Alawar Stargaze
[2012.08.03 14:58:44 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\AlawarEntertainment
[2012.03.06 22:23:21 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Arkadium
[2013.02.26 23:58:59 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\BrowserCompanion
[2012.11.08 23:47:16 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Crown
[2012.06.15 13:38:55 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\DieselPuppet
[2013.02.08 14:35:43 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\DVDVideoSoft
[2012.11.08 20:40:18 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.02.08 14:42:11 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\EAC
[2011.07.27 17:03:17 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\GestaltGames
[2011.09.20 12:55:39 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\HomeMedia
[2011.07.27 17:53:59 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\JoyBits
[2012.10.30 22:00:56 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Meridian93
[2012.12.16 21:18:52 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\My Games
[2012.11.14 21:38:53 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Mystery of Mortlake Mansion
[2012.08.08 20:11:24 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Phantasmat_intenium_se
[2012.02.28 21:42:01 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\PlayFirst
[2012.07.07 16:05:34 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\PlayPond
[2012.09.11 19:15:12 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Samsung
[2011.10.06 20:08:49 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\SNS
[2013.02.19 15:32:18 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\SoftGrid Client
[2012.06.16 18:07:28 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Temp
[2011.08.19 16:45:49 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\TP
[2011.06.30 16:27:34 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\WildTangent
[2012.11.10 22:26:12 | 000,000,000 | ---D | M] -- C:\Users\Di\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:D987CB43
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:7ADB695A
 
< End of report >
         
--- --- ---

einen Extra.txt habe ich leider nicht gefunden!


Gmer:
GMER Logfile:
Code:
ATTFilter
GMER 2.1.19115 - hxxp://www.gmer.net
Rootkit scan 2013-02-27 16:19:54
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD50 rev.01.0 465,76GB
Running: gmer_2.1.19115.exe; Driver: C:\Users\Di\AppData\Local\Temp\pxtdapoc.sys
 
 
---- User code sections - GMER 2.1 ----
 
.text C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe[1860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\Online Games Manager\ogmservice.exe[1900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\Online Games Manager\ogmservice.exe[1900] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Windows\SysWOW64\PnkBstrA.exe[1964] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000071221a22 2 bytes [22, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1964] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000071221ad0 2 bytes [22, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1964] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000071221b08 2 bytes [22, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1964] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000071221bba 2 bytes [22, 71]
.text C:\Windows\SysWOW64\PnkBstrA.exe[1964] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000071221bda 2 bytes [22, 71]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2524] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[3708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\Samsung\Kies\Kies.exe[3708] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3720] C:\Windows\SysWOW64\ntdll.dll!DbgBreakPoint 0000000076ec000c 1 byte [C3]
.text C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe[3720] C:\Windows\SysWOW64\ntdll.dll!DbgUiRemoteBreakin 0000000076f4f85a 5 bytes JMP 0000000176efd571
.text C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe[3248] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\Launch Manager\LManager.exe[1676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\Launch Manager\LManager.exe[1676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe[3348] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[1520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000750b1465 2 bytes [0B, 75]
.text C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe[1520] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000750b14bb 2 bytes [0B, 75]
.text ... * 2
 
---- EOF - GMER 2.1 ----
         
--- --- ---

Alt 27.02.2013, 15:42   #2
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



hi wohin zeigt der dateipfad im autostart?
__________________

__________________

Alt 27.02.2013, 15:51   #3
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hy,

C:\Users\Di\AppData\Roaming\BROWSE~1\tbhcn.exe-interval=10 -IEsearch=0-FFhome=0
-FFsearch=0 -CHhome=0 -CHsearch=0 -pubId=ginyas_377 -affId=g377_sfexp_de
__________________

Alt 27.02.2013, 16:18   #4
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



ok danke
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.02.2013, 16:33   #5
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



17:29:41.0182 5344 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
17:29:41.0244 5344 ============================================================
17:29:41.0244 5344 Current date / time: 2013/02/27 17:29:41.0244
17:29:41.0244 5344 SystemInfo:
17:29:41.0244 5344
17:29:41.0244 5344 OS Version: 6.1.7601 ServicePack: 1.0
17:29:41.0244 5344 Product type: Workstation
17:29:41.0244 5344 ComputerName: DI-PC
17:29:41.0244 5344 UserName: Di
17:29:41.0244 5344 Windows directory: C:\Windows
17:29:41.0244 5344 System windows directory: C:\Windows
17:29:41.0244 5344 Running under WOW64
17:29:41.0244 5344 Processor architecture: Intel x64
17:29:41.0244 5344 Number of processors: 4
17:29:41.0244 5344 Page size: 0x1000
17:29:41.0244 5344 Boot type: Normal boot
17:29:41.0244 5344 ============================================================
17:29:41.0696 5344 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:29:41.0696 5344 ============================================================
17:29:41.0696 5344 \Device\Harddisk0\DR0:
17:29:41.0696 5344 MBR partitions:
17:29:41.0696 5344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1F00800, BlocksNum 0x32000
17:29:41.0696 5344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1F32800, BlocksNum 0x38453000
17:29:41.0696 5344 ============================================================
17:29:41.0728 5344 C: <-> \Device\Harddisk0\DR0\Partition2
17:29:41.0728 5344 ============================================================
17:29:41.0728 5344 Initialize success
17:29:41.0728 5344 ============================================================
17:29:47.0718 5412 ============================================================
17:29:47.0718 5412 Scan started
17:29:47.0718 5412 Mode: Manual; SigCheck; TDLFS;
17:29:47.0718 5412 ============================================================
17:29:48.0170 5412 ================ Scan system memory ========================
17:29:48.0170 5412 System memory - ok
17:29:48.0170 5412 ================ Scan services =============================
17:29:48.0467 5412 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:29:48.0529 5412 1394ohci - ok
17:29:48.0576 5412 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:29:48.0592 5412 ACPI - ok
17:29:48.0654 5412 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:29:48.0732 5412 AcpiPmi - ok
17:29:48.0841 5412 [ 34400005DE52842C4D6D4EE978B4D7CE ] AdobeActiveFileMonitor8.0 c:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
17:29:48.0857 5412 AdobeActiveFileMonitor8.0 - ok
17:29:48.0966 5412 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:29:48.0966 5412 AdobeARMservice - ok
17:29:49.0013 5412 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
17:29:49.0028 5412 adp94xx - ok
17:29:49.0060 5412 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
17:29:49.0075 5412 adpahci - ok
17:29:49.0091 5412 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
17:29:49.0091 5412 adpu320 - ok
17:29:49.0169 5412 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:29:49.0309 5412 AeLookupSvc - ok
17:29:49.0372 5412 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
17:29:49.0418 5412 AFD - ok
17:29:49.0465 5412 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:29:49.0481 5412 agp440 - ok
17:29:49.0496 5412 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
17:29:49.0543 5412 ALG - ok
17:29:49.0574 5412 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
17:29:49.0574 5412 aliide - ok
17:29:49.0590 5412 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
17:29:49.0606 5412 amdide - ok
17:29:49.0621 5412 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
17:29:49.0637 5412 AmdK8 - ok
17:29:49.0652 5412 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
17:29:49.0668 5412 AmdPPM - ok
17:29:49.0699 5412 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:29:49.0715 5412 amdsata - ok
17:29:49.0746 5412 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
17:29:49.0762 5412 amdsbs - ok
17:29:49.0777 5412 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:29:49.0777 5412 amdxata - ok
17:29:49.0933 5412 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:29:49.0933 5412 AntiVirSchedulerService - ok
17:29:50.0011 5412 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:29:50.0011 5412 AntiVirService - ok
17:29:50.0089 5412 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
17:29:50.0120 5412 AppID - ok
17:29:50.0167 5412 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:29:50.0230 5412 AppIDSvc - ok
17:29:50.0308 5412 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
17:29:50.0339 5412 Appinfo - ok
17:29:50.0417 5412 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
17:29:50.0417 5412 arc - ok
17:29:50.0432 5412 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
17:29:50.0448 5412 arcsas - ok
17:29:50.0464 5412 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:29:50.0495 5412 AsyncMac - ok
17:29:50.0557 5412 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
17:29:50.0557 5412 atapi - ok
17:29:50.0635 5412 [ C8679A07267F030704168E45E27C3D43 ] athr C:\Windows\system32\DRIVERS\athrx.sys
17:29:50.0744 5412 athr - ok
17:29:50.0791 5412 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:29:50.0854 5412 AudioEndpointBuilder - ok
17:29:50.0869 5412 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:29:50.0900 5412 AudioSrv - ok
17:29:50.0963 5412 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:29:50.0978 5412 avgntflt - ok
17:29:51.0010 5412 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:29:51.0010 5412 avipbb - ok
17:29:51.0041 5412 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:29:51.0056 5412 avkmgr - ok
17:29:51.0103 5412 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:29:51.0181 5412 AxInstSV - ok
17:29:51.0244 5412 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
17:29:51.0290 5412 b06bdrv - ok
17:29:51.0337 5412 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:29:51.0368 5412 b57nd60a - ok
17:29:51.0400 5412 [ 2618E15514736FB469B105CE729B6D9D ] b57xdbd C:\Windows\system32\DRIVERS\b57xdbd.sys
17:29:51.0400 5412 b57xdbd - ok
17:29:51.0415 5412 [ BABA4F0E2978B69B4E0B260EF7150DD6 ] b57xdmp C:\Windows\system32\DRIVERS\b57xdmp.sys
17:29:51.0431 5412 b57xdmp - ok
17:29:51.0462 5412 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:29:51.0509 5412 BDESVC - ok
17:29:51.0524 5412 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
17:29:51.0556 5412 Beep - ok
17:29:51.0649 5412 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
17:29:51.0727 5412 BFE - ok
17:29:51.0805 5412 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
17:29:51.0868 5412 BITS - ok
17:29:51.0899 5412 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:29:51.0930 5412 blbdrive - ok
17:29:51.0961 5412 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:29:52.0008 5412 bowser - ok
17:29:52.0039 5412 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:29:52.0086 5412 BrFiltLo - ok
17:29:52.0086 5412 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:29:52.0149 5412 BrFiltUp - ok
17:29:52.0211 5412 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
17:29:52.0258 5412 Browser - ok
17:29:52.0258 5412 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:29:52.0320 5412 Brserid - ok
17:29:52.0336 5412 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:29:52.0367 5412 BrSerWdm - ok
17:29:52.0383 5412 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:29:52.0398 5412 BrUsbMdm - ok
17:29:52.0414 5412 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:29:52.0445 5412 BrUsbSer - ok
17:29:52.0507 5412 [ 65349B60F2F5325759525199E26DA1A6 ] bScsiMSa C:\Windows\system32\DRIVERS\bScsiMSa.sys
17:29:52.0507 5412 bScsiMSa - ok
17:29:52.0539 5412 [ E6CC56662F6C6B787A1FBEA4CD247AE0 ] bScsiSDa C:\Windows\system32\DRIVERS\bScsiSDa.sys
17:29:52.0554 5412 bScsiSDa - ok
17:29:52.0570 5412 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:29:52.0585 5412 BTHMODEM - ok
17:29:52.0632 5412 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
17:29:52.0695 5412 bthserv - ok
17:29:52.0710 5412 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:29:52.0741 5412 cdfs - ok
17:29:52.0819 5412 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:29:52.0851 5412 cdrom - ok
17:29:52.0929 5412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
17:29:52.0975 5412 CertPropSvc - ok
17:29:53.0007 5412 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
17:29:53.0022 5412 circlass - ok
17:29:53.0053 5412 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
17:29:53.0069 5412 CLFS - ok
17:29:53.0147 5412 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:29:53.0163 5412 clr_optimization_v2.0.50727_32 - ok
17:29:53.0178 5412 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:29:53.0194 5412 clr_optimization_v2.0.50727_64 - ok
17:29:53.0272 5412 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:29:53.0272 5412 clr_optimization_v4.0.30319_32 - ok
17:29:53.0319 5412 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:29:53.0319 5412 clr_optimization_v4.0.30319_64 - ok
17:29:53.0350 5412 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:29:53.0365 5412 CmBatt - ok
17:29:53.0381 5412 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:29:53.0397 5412 cmdide - ok
17:29:53.0443 5412 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
17:29:53.0475 5412 CNG - ok
17:29:53.0506 5412 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:29:53.0506 5412 Compbatt - ok
17:29:53.0553 5412 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
17:29:53.0599 5412 CompositeBus - ok
17:29:53.0599 5412 COMSysApp - ok
17:29:53.0615 5412 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
17:29:53.0631 5412 crcdisk - ok
17:29:53.0662 5412 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:29:53.0740 5412 CryptSvc - ok
17:29:53.0849 5412 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:29:53.0880 5412 cvhsvc - ok
17:29:53.0943 5412 [ 7AF9DAC504FBD047CBC3E64AE52C92BF ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys
17:29:54.0005 5412 dc3d - ok
17:29:54.0052 5412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:29:54.0130 5412 DcomLaunch - ok
17:29:54.0192 5412 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
17:29:54.0255 5412 defragsvc - ok
17:29:54.0301 5412 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:29:54.0364 5412 DfsC - ok
17:29:54.0426 5412 [ 41AC348DBD378F618CB4FDEE54270692 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:29:54.0442 5412 dg_ssudbus - ok
17:29:54.0504 5412 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
17:29:54.0520 5412 Dhcp - ok
17:29:54.0551 5412 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
17:29:54.0582 5412 discache - ok
17:29:54.0629 5412 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
17:29:54.0629 5412 Disk - ok
17:29:54.0660 5412 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:29:54.0723 5412 Dnscache - ok
17:29:54.0754 5412 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
17:29:54.0816 5412 dot3svc - ok
17:29:54.0863 5412 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
17:29:54.0894 5412 DPS - ok
17:29:54.0925 5412 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:29:54.0957 5412 drmkaud - ok
17:29:55.0035 5412 [ 470F7F19188AB45463F8B612D6DDE7C8 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
17:29:55.0050 5412 DsiWMIService - ok
17:29:55.0113 5412 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:29:55.0128 5412 DXGKrnl - ok
17:29:55.0159 5412 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
17:29:55.0206 5412 EapHost - ok
17:29:55.0300 5412 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
17:29:55.0425 5412 ebdrv - ok
17:29:55.0456 5412 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
17:29:55.0503 5412 EFS - ok
17:29:55.0549 5412 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:29:55.0596 5412 ehRecvr - ok
17:29:55.0627 5412 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
17:29:55.0659 5412 ehSched - ok
17:29:55.0705 5412 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
17:29:55.0721 5412 elxstor - ok
17:29:55.0799 5412 [ F2E893846021CEE30AC7612B5BE66330 ] ePowerSvc C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
17:29:55.0815 5412 ePowerSvc - ok
17:29:55.0830 5412 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:29:55.0861 5412 ErrDev - ok
17:29:55.0893 5412 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
17:29:55.0955 5412 EventSystem - ok
17:29:56.0002 5412 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
17:29:56.0033 5412 exfat - ok
17:29:56.0049 5412 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:29:56.0095 5412 fastfat - ok
17:29:56.0142 5412 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
17:29:56.0220 5412 Fax - ok
17:29:56.0236 5412 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:29:56.0267 5412 fdc - ok
17:29:56.0298 5412 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
17:29:56.0329 5412 fdPHost - ok
17:29:56.0345 5412 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
17:29:56.0376 5412 FDResPub - ok
17:29:56.0392 5412 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:29:56.0407 5412 FileInfo - ok
17:29:56.0407 5412 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:29:56.0439 5412 Filetrace - ok
17:29:56.0501 5412 [ ABEDFD48AC042C6AAAD32452E77217A1 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:29:56.0517 5412 FLEXnet Licensing Service - ok
17:29:56.0532 5412 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:29:56.0548 5412 flpydisk - ok
17:29:56.0595 5412 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:29:56.0595 5412 FltMgr - ok
17:29:56.0657 5412 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
17:29:56.0719 5412 FontCache - ok
17:29:56.0782 5412 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:29:56.0782 5412 FontCache3.0.0.0 - ok
17:29:56.0782 5412 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:29:56.0797 5412 FsDepends - ok
17:29:56.0907 5412 [ DDEE99DC54EFA20BD5A442CD733C4462 ] FsUsbExDisk C:\Windows\SysWOW64\FsUsbExDisk.SYS
17:29:56.0938 5412 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:29:56.0938 5412 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
17:29:56.0985 5412 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:29:56.0985 5412 Fs_Rec - ok
17:29:57.0031 5412 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:29:57.0047 5412 fvevol - ok
17:29:57.0078 5412 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
17:29:57.0078 5412 gagp30kx - ok
17:29:57.0172 5412 [ CE16683CFD11FE70BDE435DDA5EA1FCA ] GameConsoleService C:\Program Files (x86)\Packard Bell Games\Packard Bell Game Console\GameConsoleService.exe
17:29:57.0187 5412 GameConsoleService - ok
17:29:57.0234 5412 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
17:29:57.0281 5412 gpsvc - ok
17:29:57.0328 5412 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe
17:29:57.0328 5412 GREGService - ok
17:29:57.0406 5412 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:29:57.0406 5412 gupdate - ok
17:29:57.0421 5412 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:29:57.0437 5412 gupdatem - ok
17:29:57.0453 5412 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:29:57.0484 5412 hcw85cir - ok
17:29:57.0531 5412 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:29:57.0562 5412 HdAudAddService - ok
17:29:57.0609 5412 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
17:29:57.0655 5412 HDAudBus - ok
17:29:57.0687 5412 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
17:29:57.0702 5412 HidBatt - ok
17:29:57.0718 5412 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
17:29:57.0749 5412 HidBth - ok
17:29:57.0780 5412 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
17:29:57.0811 5412 HidIr - ok
17:29:57.0843 5412 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
17:29:57.0874 5412 hidserv - ok
17:29:57.0905 5412 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:29:57.0921 5412 HidUsb - ok
17:29:57.0952 5412 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:29:57.0999 5412 hkmsvc - ok
17:29:58.0045 5412 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:29:58.0108 5412 HomeGroupListener - ok
17:29:58.0139 5412 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:29:58.0170 5412 HomeGroupProvider - ok
17:29:58.0186 5412 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:29:58.0201 5412 HpSAMD - ok
17:29:58.0248 5412 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:29:58.0311 5412 HTTP - ok
17:29:58.0357 5412 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:29:58.0357 5412 hwpolicy - ok
17:29:58.0404 5412 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
17:29:58.0420 5412 i8042prt - ok
17:29:58.0467 5412 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
17:29:58.0482 5412 iaStor - ok
17:29:58.0607 5412 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:29:58.0607 5412 IAStorDataMgrSvc - ok
17:29:58.0638 5412 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:29:58.0654 5412 iaStorV - ok
17:29:58.0716 5412 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:29:58.0732 5412 idsvc - ok
17:29:59.0059 5412 [ 553228E67639F52C9BD86362C0C64F85 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
17:29:59.0403 5412 igfx - ok
17:29:59.0449 5412 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
17:29:59.0449 5412 iirsp - ok
17:29:59.0496 5412 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
17:29:59.0543 5412 IKEEXT - ok
17:29:59.0668 5412 [ DD1FC331286A33F396945115AE4E5E8A ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:29:59.0746 5412 IntcAzAudAddService - ok
17:29:59.0808 5412 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
17:29:59.0871 5412 IntcDAud - ok
17:29:59.0886 5412 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
17:29:59.0886 5412 intelide - ok
17:29:59.0917 5412 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:29:59.0933 5412 intelppm - ok
17:29:59.0964 5412 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:29:59.0995 5412 IPBusEnum - ok
17:30:00.0058 5412 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:30:00.0105 5412 IpFilterDriver - ok
17:30:00.0167 5412 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:30:00.0245 5412 iphlpsvc - ok
17:30:00.0276 5412 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:30:00.0292 5412 IPMIDRV - ok
17:30:00.0307 5412 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:30:00.0354 5412 IPNAT - ok
17:30:00.0385 5412 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:30:00.0417 5412 IRENUM - ok
17:30:00.0417 5412 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:30:00.0432 5412 isapnp - ok
17:30:00.0463 5412 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:30:00.0479 5412 iScsiPrt - ok
17:30:00.0510 5412 [ 81458A917F8CC7A5171759218D64FA3A ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
17:30:00.0510 5412 k57nd60a - ok
17:30:00.0526 5412 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:30:00.0541 5412 kbdclass - ok
17:30:00.0588 5412 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:30:00.0619 5412 kbdhid - ok
17:30:00.0651 5412 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
17:30:00.0666 5412 KeyIso - ok
17:30:00.0682 5412 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:30:00.0682 5412 KSecDD - ok
17:30:00.0713 5412 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:30:00.0729 5412 KSecPkg - ok
17:30:00.0744 5412 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:30:00.0775 5412 ksthunk - ok
17:30:00.0807 5412 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
17:30:00.0838 5412 KtmRm - ok
17:30:00.0885 5412 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:30:00.0931 5412 LanmanServer - ok
17:30:00.0978 5412 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:30:01.0025 5412 LanmanWorkstation - ok
17:30:01.0056 5412 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:30:01.0103 5412 lltdio - ok
17:30:01.0134 5412 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:30:01.0181 5412 lltdsvc - ok
17:30:01.0197 5412 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:30:01.0243 5412 lmhosts - ok
17:30:01.0290 5412 [ D7E0BED3EA21D7BDDD410ADE51708D90 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:30:01.0306 5412 LMS - ok
17:30:01.0337 5412 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:30:01.0353 5412 LSI_FC - ok
17:30:01.0368 5412 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:30:01.0368 5412 LSI_SAS - ok
17:30:01.0384 5412 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:30:01.0399 5412 LSI_SAS2 - ok
17:30:01.0415 5412 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:30:01.0415 5412 LSI_SCSI - ok
17:30:01.0446 5412 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
17:30:01.0477 5412 luafv - ok
17:30:01.0524 5412 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:30:01.0571 5412 Mcx2Svc - ok
17:30:01.0602 5412 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:30:01.0618 5412 megasas - ok
17:30:01.0633 5412 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:30:01.0633 5412 MegaSR - ok
17:30:01.0649 5412 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:30:01.0665 5412 MEIx64 - ok
17:30:01.0696 5412 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
17:30:01.0727 5412 MMCSS - ok
17:30:01.0758 5412 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
17:30:01.0805 5412 Modem - ok
17:30:01.0836 5412 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:30:01.0852 5412 monitor - ok
17:30:01.0899 5412 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:30:01.0914 5412 mouclass - ok
17:30:01.0945 5412 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:30:01.0945 5412 mouhid - ok
17:30:01.0992 5412 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:30:01.0992 5412 mountmgr - ok
17:30:02.0117 5412 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:30:02.0117 5412 MozillaMaintenance - ok
17:30:02.0133 5412 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
17:30:02.0148 5412 mpio - ok
17:30:02.0148 5412 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:30:02.0179 5412 mpsdrv - ok
17:30:02.0226 5412 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:30:02.0257 5412 MpsSvc - ok
17:30:02.0304 5412 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:30:02.0320 5412 MRxDAV - ok
17:30:02.0335 5412 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:30:02.0398 5412 mrxsmb - ok
17:30:02.0429 5412 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:30:02.0445 5412 mrxsmb10 - ok
17:30:02.0476 5412 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:30:02.0507 5412 mrxsmb20 - ok
17:30:02.0538 5412 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
17:30:02.0538 5412 msahci - ok
17:30:02.0569 5412 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:30:02.0585 5412 msdsm - ok
17:30:02.0601 5412 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
17:30:02.0601 5412 MSDTC - ok
17:30:02.0616 5412 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:30:02.0663 5412 Msfs - ok
17:30:02.0679 5412 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:30:02.0710 5412 mshidkmdf - ok
17:30:02.0710 5412 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:30:02.0725 5412 msisadrv - ok
17:30:02.0757 5412 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:30:02.0788 5412 MSiSCSI - ok
17:30:02.0788 5412 msiserver - ok
17:30:02.0819 5412 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:30:02.0850 5412 MSKSSRV - ok
17:30:02.0866 5412 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:30:02.0913 5412 MSPCLOCK - ok
17:30:02.0928 5412 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:30:02.0959 5412 MSPQM - ok
17:30:03.0006 5412 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:30:03.0022 5412 MsRPC - ok
17:30:03.0053 5412 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
17:30:03.0069 5412 mssmbios - ok
17:30:03.0084 5412 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:30:03.0131 5412 MSTEE - ok
17:30:03.0131 5412 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:30:03.0147 5412 MTConfig - ok
17:30:03.0162 5412 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
17:30:03.0162 5412 Mup - ok
17:30:03.0209 5412 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
17:30:03.0256 5412 napagent - ok
17:30:03.0287 5412 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:30:03.0318 5412 NativeWifiP - ok
17:30:03.0365 5412 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:30:03.0381 5412 NDIS - ok
17:30:03.0412 5412 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:30:03.0459 5412 NdisCap - ok
17:30:03.0474 5412 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:30:03.0505 5412 NdisTapi - ok
17:30:03.0568 5412 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:30:03.0599 5412 Ndisuio - ok
17:30:03.0646 5412 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:30:03.0708 5412 NdisWan - ok
17:30:03.0786 5412 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:30:03.0817 5412 NDProxy - ok
17:30:03.0880 5412 [ 7D2633295EB6FF2B938185874884059D ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
17:30:03.0895 5412 Nero BackItUp Scheduler 4.0 - ok
17:30:03.0927 5412 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:30:03.0942 5412 NetBIOS - ok
17:30:03.0989 5412 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:30:04.0036 5412 NetBT - ok
17:30:04.0067 5412 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
17:30:04.0083 5412 Netlogon - ok
17:30:04.0114 5412 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
17:30:04.0161 5412 Netman - ok
17:30:04.0176 5412 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
17:30:04.0207 5412 netprofm - ok
17:30:04.0239 5412 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:30:04.0254 5412 NetTcpPortSharing - ok
17:30:04.0270 5412 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:30:04.0285 5412 nfrd960 - ok
17:30:04.0332 5412 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
17:30:04.0348 5412 NlaSvc - ok
17:30:04.0363 5412 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:30:04.0395 5412 Npfs - ok
17:30:04.0426 5412 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
17:30:04.0457 5412 nsi - ok
17:30:04.0473 5412 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:30:04.0504 5412 nsiproxy - ok
17:30:04.0566 5412 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:30:04.0613 5412 Ntfs - ok
17:30:04.0675 5412 [ D27A4546417ED7C4AEA7B3420D4F1F50 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe
17:30:04.0675 5412 NTI IScheduleSvc - ok
17:30:04.0691 5412 [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
17:30:04.0707 5412 NTIDrvr - ok
17:30:04.0707 5412 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
17:30:04.0753 5412 Null - ok
17:30:04.0800 5412 [ 786DB821BFD57C0551DBBE4F75384A7D ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
17:30:04.0831 5412 nusb3hub - ok
17:30:04.0863 5412 [ DAA8005CAF745042BB427A1ED7433354 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
17:30:04.0894 5412 nusb3xhc - ok
17:30:05.0159 5412 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:30:05.0518 5412 nvlddmkm - ok
17:30:05.0549 5412 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
17:30:05.0549 5412 nvpciflt - ok
17:30:05.0596 5412 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:30:05.0596 5412 nvraid - ok
17:30:05.0627 5412 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:30:05.0643 5412 nvstor - ok
17:30:05.0736 5412 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc C:\Windows\system32\nvvsvc.exe
17:30:05.0752 5412 nvsvc - ok
17:30:05.0830 5412 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
17:30:05.0877 5412 nvUpdatusService - ok
17:30:05.0923 5412 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:30:05.0923 5412 nv_agp - ok
17:30:06.0017 5412 [ 0182074B2B8915C8371EA5A006BAC44E ] ogmservice C:\Program Files (x86)\Online Games Manager\ogmservice.exe
17:30:06.0033 5412 ogmservice - ok
17:30:06.0064 5412 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:30:06.0079 5412 ohci1394 - ok
17:30:06.0157 5412 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:30:06.0157 5412 ose - ok
17:30:06.0329 5412 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:30:06.0469 5412 osppsvc - ok
17:30:06.0501 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:30:06.0532 5412 p2pimsvc - ok
17:30:06.0563 5412 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
17:30:06.0594 5412 p2psvc - ok
17:30:06.0625 5412 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:30:06.0641 5412 Parport - ok
17:30:06.0672 5412 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:30:06.0688 5412 partmgr - ok
17:30:06.0703 5412 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:30:06.0750 5412 PcaSvc - ok
17:30:06.0781 5412 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
17:30:06.0797 5412 pci - ok
17:30:06.0828 5412 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
17:30:06.0828 5412 pciide - ok
17:30:06.0859 5412 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:30:06.0875 5412 pcmcia - ok
17:30:06.0875 5412 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
17:30:06.0891 5412 pcw - ok
17:30:06.0906 5412 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:30:06.0953 5412 PEAUTH - ok
17:30:06.0984 5412 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:30:07.0015 5412 PerfHost - ok
17:30:07.0062 5412 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
17:30:07.0140 5412 pla - ok
17:30:07.0171 5412 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:30:07.0234 5412 PlugPlay - ok
17:30:07.0249 5412 PnkBstrA - ok
17:30:07.0265 5412 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:30:07.0281 5412 PNRPAutoReg - ok
17:30:07.0312 5412 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:30:07.0327 5412 PNRPsvc - ok
17:30:07.0374 5412 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:30:07.0421 5412 PolicyAgent - ok
17:30:07.0452 5412 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
17:30:07.0483 5412 Power - ok
17:30:07.0530 5412 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:30:07.0561 5412 PptpMiniport - ok
17:30:07.0577 5412 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:30:07.0624 5412 Processor - ok
17:30:07.0655 5412 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:30:07.0702 5412 ProfSvc - ok
17:30:07.0702 5412 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:30:07.0717 5412 ProtectedStorage - ok
17:30:07.0749 5412 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:30:07.0795 5412 Psched - ok
17:30:07.0827 5412 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
17:30:07.0827 5412 PxHlpa64 - ok
17:30:07.0889 5412 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:30:07.0936 5412 ql2300 - ok
17:30:07.0951 5412 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:30:07.0967 5412 ql40xx - ok
17:30:07.0983 5412 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
17:30:07.0998 5412 QWAVE - ok
17:30:08.0014 5412 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:30:08.0029 5412 QWAVEdrv - ok
17:30:08.0045 5412 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:30:08.0092 5412 RasAcd - ok
17:30:08.0107 5412 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:30:08.0154 5412 RasAgileVpn - ok
17:30:08.0170 5412 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
17:30:08.0201 5412 RasAuto - ok
17:30:08.0232 5412 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:30:08.0279 5412 Rasl2tp - ok
17:30:08.0326 5412 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
17:30:08.0388 5412 RasMan - ok
17:30:08.0419 5412 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:30:08.0451 5412 RasPppoe - ok
17:30:08.0466 5412 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:30:08.0513 5412 RasSstp - ok
17:30:08.0544 5412 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:30:08.0591 5412 rdbss - ok
17:30:08.0607 5412 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:30:08.0638 5412 rdpbus - ok
17:30:08.0653 5412 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:30:08.0669 5412 RDPCDD - ok
17:30:08.0700 5412 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:30:08.0747 5412 RDPENCDD - ok
17:30:08.0763 5412 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:30:08.0794 5412 RDPREFMP - ok
17:30:08.0841 5412 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:30:08.0887 5412 RDPWD - ok
17:30:08.0934 5412 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:30:08.0950 5412 rdyboost - ok
17:30:08.0981 5412 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:30:09.0012 5412 RemoteAccess - ok
17:30:09.0043 5412 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:30:09.0075 5412 RemoteRegistry - ok
17:30:09.0184 5412 [ CC6943E37FF6B0DAFF4B2580B0BB9721 ] RichVideo C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
17:30:09.0199 5412 RichVideo ( UnsignedFile.Multi.Generic ) - warning
17:30:09.0199 5412 RichVideo - detected UnsignedFile.Multi.Generic (1)
17:30:09.0215 5412 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:30:09.0246 5412 RpcEptMapper - ok
17:30:09.0277 5412 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
17:30:09.0309 5412 RpcLocator - ok
17:30:09.0355 5412 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
17:30:09.0387 5412 RpcSs - ok
17:30:09.0387 5412 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:30:09.0418 5412 rspndr - ok
17:30:09.0433 5412 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
17:30:09.0433 5412 SamSs - ok
17:30:09.0480 5412 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:30:09.0496 5412 sbp2port - ok
17:30:09.0511 5412 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:30:09.0558 5412 SCardSvr - ok
17:30:09.0589 5412 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:30:09.0621 5412 scfilter - ok
17:30:09.0636 5412 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
17:30:09.0699 5412 Schedule - ok
17:30:09.0730 5412 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
17:30:09.0761 5412 SCPolicySvc - ok
17:30:09.0808 5412 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys
17:30:09.0823 5412 sdbus - ok
17:30:09.0855 5412 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:30:09.0917 5412 SDRSVC - ok
17:30:09.0933 5412 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:30:09.0979 5412 secdrv - ok
17:30:10.0011 5412 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
17:30:10.0057 5412 seclogon - ok
17:30:10.0104 5412 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
17:30:10.0135 5412 SENS - ok
17:30:10.0182 5412 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:30:10.0213 5412 SensrSvc - ok
17:30:10.0229 5412 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
17:30:10.0260 5412 Serenum - ok
17:30:10.0276 5412 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
17:30:10.0291 5412 Serial - ok
17:30:10.0354 5412 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
17:30:10.0401 5412 sermouse - ok
17:30:10.0447 5412 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
17:30:10.0479 5412 SessionEnv - ok
17:30:10.0510 5412 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:30:10.0572 5412 sffdisk - ok
17:30:10.0603 5412 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:30:10.0619 5412 sffp_mmc - ok
17:30:10.0635 5412 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:30:10.0666 5412 sffp_sd - ok
17:30:10.0681 5412 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
17:30:10.0697 5412 sfloppy - ok
17:30:10.0759 5412 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
17:30:10.0775 5412 Sftfs - ok
17:30:10.0884 5412 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:30:10.0900 5412 sftlist - ok
17:30:10.0915 5412 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
17:30:10.0931 5412 Sftplay - ok
17:30:10.0931 5412 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
17:30:10.0947 5412 Sftredir - ok
17:30:10.0947 5412 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
17:30:10.0962 5412 Sftvol - ok
17:30:10.0978 5412 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:30:10.0993 5412 sftvsa - ok
17:30:11.0040 5412 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:30:11.0071 5412 SharedAccess - ok
17:30:11.0103 5412 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:30:11.0149 5412 ShellHWDetection - ok
17:30:11.0149 5412 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:30:11.0165 5412 SiSRaid2 - ok
17:30:11.0181 5412 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
17:30:11.0196 5412 SiSRaid4 - ok
17:30:11.0212 5412 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:30:11.0259 5412 Smb - ok
17:30:11.0290 5412 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:30:11.0305 5412 SNMPTRAP - ok
17:30:11.0321 5412 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
17:30:11.0337 5412 spldr - ok
17:30:11.0383 5412 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
17:30:11.0430 5412 Spooler - ok
17:30:11.0524 5412 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
17:30:11.0633 5412 sppsvc - ok
17:30:11.0649 5412 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:30:11.0695 5412 sppuinotify - ok
17:30:11.0727 5412 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
17:30:11.0805 5412 srv - ok
17:30:11.0820 5412 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:30:11.0883 5412 srv2 - ok
17:30:11.0898 5412 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:30:11.0929 5412 srvnet - ok
17:30:11.0945 5412 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:30:11.0992 5412 SSDPSRV - ok
17:30:12.0007 5412 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:30:12.0054 5412 SstpSvc - ok
17:30:12.0117 5412 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:30:12.0132 5412 ssudmdm - ok
17:30:12.0179 5412 [ F161567B90721F4C42BD5F95A4C9B2D0 ] ssudobex C:\Windows\system32\DRIVERS\ssudobex.sys
17:30:12.0195 5412 ssudobex - ok
17:30:12.0210 5412 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
17:30:12.0210 5412 stexstor - ok
17:30:12.0273 5412 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
17:30:12.0304 5412 stisvc - ok
17:30:12.0351 5412 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
17:30:12.0351 5412 swenum - ok
17:30:12.0382 5412 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
17:30:12.0413 5412 swprv - ok
17:30:12.0491 5412 [ EF51B22706DB03F0857FADE127C804EC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:30:12.0538 5412 SynTP - ok
17:30:12.0600 5412 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
17:30:12.0694 5412 SysMain - ok
17:30:12.0725 5412 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:30:12.0756 5412 TabletInputService - ok
17:30:12.0787 5412 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:30:12.0850 5412 TapiSrv - ok
17:30:12.0897 5412 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
17:30:12.0928 5412 TBS - ok
17:30:12.0990 5412 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:30:13.0053 5412 Tcpip - ok
17:30:13.0099 5412 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:30:13.0131 5412 TCPIP6 - ok
17:30:13.0162 5412 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:30:13.0193 5412 tcpipreg - ok
17:30:13.0224 5412 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:30:13.0255 5412 TDPIPE - ok
17:30:13.0287 5412 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:30:13.0318 5412 TDTCP - ok
17:30:13.0380 5412 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:30:13.0411 5412 tdx - ok
17:30:13.0458 5412 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
17:30:13.0458 5412 TermDD - ok
17:30:13.0521 5412 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
17:30:13.0567 5412 TermService - ok
17:30:13.0567 5412 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
17:30:13.0583 5412 Themes - ok
17:30:13.0614 5412 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
17:30:13.0630 5412 THREADORDER - ok
17:30:13.0645 5412 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
17:30:13.0677 5412 TrkWks - ok
17:30:13.0739 5412 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:30:13.0786 5412 TrustedInstaller - ok
17:30:13.0817 5412 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:30:13.0833 5412 tssecsrv - ok
17:30:13.0895 5412 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:30:13.0957 5412 TsUsbFlt - ok
17:30:14.0020 5412 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:30:14.0067 5412 tunnel - ok
17:30:14.0098 5412 [ 48743B69EA47C020A792D8649F753F44 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
17:30:14.0113 5412 TurboB - ok
17:30:14.0160 5412 [ 759F59E3EA3802FF23F93DCDB6FE9171 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
17:30:14.0160 5412 TurboBoost - ok
17:30:14.0176 5412 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
17:30:14.0191 5412 uagp35 - ok
17:30:14.0238 5412 [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
17:30:14.0238 5412 UBHelper - ok
17:30:14.0285 5412 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:30:14.0332 5412 udfs - ok
17:30:14.0347 5412 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:30:14.0363 5412 UI0Detect - ok
17:30:14.0394 5412 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:30:14.0394 5412 uliagpkx - ok
17:30:14.0441 5412 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
17:30:14.0472 5412 umbus - ok
17:30:14.0488 5412 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
17:30:14.0503 5412 UmPass - ok
17:30:14.0628 5412 [ A678E5DDD974903DD71F503BDCACA218 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:30:14.0706 5412 UNS - ok
17:30:14.0753 5412 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
17:30:14.0753 5412 Updater Service - ok
17:30:14.0784 5412 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
17:30:14.0815 5412 upnphost - ok
17:30:14.0847 5412 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:30:14.0862 5412 usbccgp - ok
17:30:14.0909 5412 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:30:14.0940 5412 usbcir - ok
17:30:14.0971 5412 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:30:14.0987 5412 usbehci - ok
17:30:15.0018 5412 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:30:15.0049 5412 usbhub - ok
17:30:15.0065 5412 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:30:15.0065 5412 usbohci - ok
17:30:15.0081 5412 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:30:15.0096 5412 usbprint - ok
17:30:15.0127 5412 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:30:15.0174 5412 USBSTOR - ok
17:30:15.0190 5412 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:30:15.0205 5412 usbuhci - ok
17:30:15.0252 5412 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:30:15.0268 5412 usbvideo - ok
17:30:15.0299 5412 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
17:30:15.0330 5412 UxSms - ok
17:30:15.0346 5412 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
17:30:15.0346 5412 VaultSvc - ok
17:30:15.0377 5412 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:30:15.0377 5412 vdrvroot - ok
17:30:15.0424 5412 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
17:30:15.0455 5412 vds - ok
17:30:15.0471 5412 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:30:15.0502 5412 vga - ok
17:30:15.0517 5412 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
17:30:15.0549 5412 VgaSave - ok
17:30:15.0564 5412 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:30:15.0580 5412 vhdmp - ok
17:30:15.0580 5412 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
17:30:15.0595 5412 viaide - ok
17:30:15.0627 5412 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:30:15.0627 5412 volmgr - ok
17:30:15.0673 5412 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:30:15.0689 5412 volmgrx - ok
17:30:15.0705 5412 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:30:15.0720 5412 volsnap - ok
17:30:15.0751 5412 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
17:30:15.0751 5412 vsmraid - ok
17:30:15.0814 5412 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
17:30:15.0907 5412 VSS - ok
17:30:15.0923 5412 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:30:15.0954 5412 vwifibus - ok
17:30:16.0001 5412 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:30:16.0017 5412 vwififlt - ok
17:30:16.0063 5412 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:30:16.0063 5412 vwifimp - ok
17:30:16.0110 5412 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
17:30:16.0141 5412 W32Time - ok
17:30:16.0157 5412 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
17:30:16.0188 5412 WacomPen - ok
17:30:16.0219 5412 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:30:16.0266 5412 WANARP - ok
17:30:16.0266 5412 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:30:16.0297 5412 Wanarpv6 - ok
17:30:16.0344 5412 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
17:30:16.0422 5412 wbengine - ok
17:30:16.0438 5412 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:30:16.0453 5412 WbioSrvc - ok
17:30:16.0500 5412 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:30:16.0531 5412 wcncsvc - ok
17:30:16.0547 5412 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:30:16.0594 5412 WcsPlugInService - ok
17:30:16.0594 5412 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
17:30:16.0609 5412 Wd - ok
17:30:16.0656 5412 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:30:16.0672 5412 Wdf01000 - ok
17:30:16.0687 5412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:30:16.0765 5412 WdiServiceHost - ok
17:30:16.0765 5412 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:30:16.0781 5412 WdiSystemHost - ok
17:30:16.0828 5412 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
17:30:16.0843 5412 WebClient - ok
17:30:16.0859 5412 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:30:16.0906 5412 Wecsvc - ok
17:30:16.0906 5412 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:30:16.0953 5412 wercplsupport - ok
17:30:16.0984 5412 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
17:30:16.0999 5412 WerSvc - ok
17:30:17.0015 5412 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:30:17.0062 5412 WfpLwf - ok
17:30:17.0077 5412 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:30:17.0077 5412 WIMMount - ok
17:30:17.0093 5412 WinDefend - ok
17:30:17.0093 5412 WinHttpAutoProxySvc - ok
17:30:17.0171 5412 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:30:17.0218 5412 Winmgmt - ok
17:30:17.0296 5412 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
17:30:17.0389 5412 WinRM - ok
17:30:17.0452 5412 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:30:17.0452 5412 WinUsb - ok
17:30:17.0483 5412 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
17:30:17.0514 5412 Wlansvc - ok
17:30:17.0623 5412 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:30:17.0686 5412 wlidsvc - ok
17:30:17.0717 5412 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
17:30:17.0733 5412 WmiAcpi - ok
17:30:17.0733 5412 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:30:17.0764 5412 wmiApSrv - ok
17:30:17.0779 5412 WMPNetworkSvc - ok
17:30:17.0811 5412 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:30:17.0842 5412 WPCSvc - ok
17:30:17.0889 5412 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:30:17.0904 5412 WPDBusEnum - ok
17:30:17.0904 5412 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:30:17.0935 5412 ws2ifsl - ok
17:30:17.0951 5412 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
17:30:17.0998 5412 wscsvc - ok
17:30:17.0998 5412 WSearch - ok
17:30:18.0076 5412 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
17:30:18.0154 5412 wuauserv - ok
17:30:18.0201 5412 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:30:18.0263 5412 WudfPf - ok
17:30:18.0294 5412 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:30:18.0341 5412 WUDFRd - ok
17:30:18.0372 5412 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:30:18.0388 5412 wudfsvc - ok
17:30:18.0403 5412 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
17:30:18.0466 5412 WwanSvc - ok
17:30:18.0466 5412 ================ Scan global ===============================
17:30:18.0497 5412 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
17:30:18.0497 5412 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:30:18.0513 5412 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
17:30:18.0528 5412 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
17:30:18.0559 5412 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
17:30:18.0559 5412 [Global] - ok
17:30:18.0559 5412 ================ Scan MBR ==================================
17:30:18.0575 5412 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:30:19.0012 5412 \Device\Harddisk0\DR0 - ok
17:30:19.0012 5412 ================ Scan VBR ==================================
17:30:19.0012 5412 [ B53BB0A1AA8ECE7B2C253B17446C7F7B ] \Device\Harddisk0\DR0\Partition1
17:30:19.0027 5412 \Device\Harddisk0\DR0\Partition1 - ok
17:30:19.0043 5412 [ 6BE99A984FB4BDBAD2242D61FA5392FA ] \Device\Harddisk0\DR0\Partition2
17:30:19.0059 5412 \Device\Harddisk0\DR0\Partition2 - ok
17:30:19.0059 5412 ============================================================
17:30:19.0059 5412 Scan finished
17:30:19.0059 5412 ============================================================
17:30:19.0059 5404 Detected object count: 2
17:30:19.0059 5404 Actual detected object count: 2
17:32:19.0865 5404 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:19.0865 5404 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:32:19.0865 5404 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
17:32:19.0865 5404 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alt 27.02.2013, 17:39   #6
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hi,
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> tcbhn im Autostart!

Alt 27.02.2013, 18:21   #7
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hy, Antivir hat gemeckert, irgendwas mit Regystry.. wollte das System voll prüfen, ich bin auf später gegangen und dann ging es. Neustart? Macht er nicht von selbst, soll ich einen machen??

Combofix:
Combofix Logfile:
Code:
ATTFilter
ComboFix 13-02-26.01 - Di 27.02.2013  18:56:41.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3948.1858 [GMT 1:00]
ausgeführt von:: c:\users\Di\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\windows\SysWow64\muzapp.exe
c:\windows\SysWow64\System32\MASetupCleaner.exe
c:\windows\SysWow64\System32\muzapp.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-27 bis 2013-02-27  ))))))))))))))))))))))))))))))
.
.
2013-02-27 18:15 . 2013-02-27 18:15	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2013-02-27 18:15 . 2013-02-27 18:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-26 22:39 . 2013-02-26 22:39	--------	d-----w-	c:\users\Di\AppData\Roaming\Malwarebytes
2013-02-26 22:39 . 2013-02-26 22:39	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-26 22:39 . 2013-02-26 22:39	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-26 22:39 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-26 22:39 . 2013-02-26 22:39	--------	d-----w-	c:\users\Di\AppData\Local\Programs
2013-02-24 22:08 . 2013-02-24 22:08	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-24 22:08 . 2013-02-24 22:08	--------	d-----w-	c:\program files (x86)\Java
2013-02-21 21:12 . 2013-02-05 08:54	37344	----a-w-	c:\windows\SysWow64\FsUsbExDisk.Sys
2013-02-21 21:12 . 2013-02-05 08:54	233472	----a-w-	c:\windows\SysWow64\FsUsbExService.Exe
2013-02-21 21:12 . 2012-12-18 09:08	110592	----a-w-	c:\windows\SysWow64\FsUsbExDevice.Dll
2013-02-13 23:37 . 2013-01-09 01:10	996352	----a-w-	c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 23:37 . 2013-01-08 22:01	768000	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 13:07 . 2013-01-05 05:53	5553512	----a-w-	c:\windows\system32\ntoskrnl.exe
2013-02-13 13:07 . 2013-01-05 05:00	3967848	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2013-02-13 13:07 . 2013-01-05 05:00	3913064	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2013-02-13 13:07 . 2013-01-04 03:26	3153408	----a-w-	c:\windows\system32\win32k.sys
2013-02-13 13:07 . 2013-01-04 05:46	215040	----a-w-	c:\windows\system32\winsrv.dll
2013-02-13 13:07 . 2013-01-04 02:47	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2013-02-13 13:07 . 2013-01-04 04:51	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2013-02-13 13:07 . 2013-01-04 02:47	7680	----a-w-	c:\windows\SysWow64\instnm.exe
2013-02-13 13:07 . 2013-01-04 02:47	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2013-02-13 13:07 . 2013-01-04 02:47	2048	----a-w-	c:\windows\SysWow64\user.exe
2013-02-13 13:07 . 2013-01-03 06:00	1913192	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-02-13 13:07 . 2013-01-03 06:00	288088	----a-w-	c:\windows\system32\drivers\FWPKCLNT.SYS
2013-02-08 13:42 . 2013-02-08 13:42	--------	d-----w-	c:\users\Di\AppData\Roaming\EAC
2013-02-08 13:42 . 2013-02-08 13:42	--------	d-----w-	c:\users\Di\AppData\Roaming\AccurateRip
2013-02-08 13:42 . 2013-02-08 13:42	--------	d-----w-	c:\program files (x86)\Exact Audio Copy
2013-02-08 13:35 . 2013-02-08 13:35	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2013-02-08 13:35 . 2013-02-08 13:35	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2013-02-06 06:42 . 2013-02-06 06:42	102936	----a-w-	c:\windows\system32\drivers\ssudbus.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-24 22:08 . 2012-06-07 19:03	861088	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-02-24 22:08 . 2011-09-29 21:22	782240	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-02-14 21:52 . 2013-01-22 09:35	71024	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 21:52 . 2013-01-22 09:35	691568	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-02-13 23:41 . 2011-07-04 17:34	70004024	----a-w-	c:\windows\system32\MRT.exe
2013-01-04 04:43 . 2013-02-13 13:07	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-12-28 18:30 . 2012-12-28 18:16	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.xtr
2012-12-28 18:30 . 2012-12-28 18:04	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2012-12-28 18:29 . 2012-12-28 18:04	268952	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2012-12-28 18:09 . 2012-12-28 18:04	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2012-12-28 18:04 . 2012-12-28 18:04	682280	----a-w-	c:\windows\SysWow64\pbsvc.exe
2012-12-18 09:06 . 2011-11-01 06:37	4659712	----a-w-	c:\windows\SysWow64\Redemption.dll
2012-12-18 09:06 . 2012-12-18 09:06	90112	----a-w-	c:\windows\MAMCityDownload.ocx
2012-12-18 09:06 . 2012-12-18 09:06	330240	----a-w-	c:\windows\MASetupCaller.dll
2012-12-18 09:06 . 2012-12-18 09:06	30568	----a-w-	c:\windows\MusiccityDownload.exe
2012-12-18 09:06 . 2012-01-12 19:04	821824	----a-w-	c:\windows\SysWow64\dgderapi.dll
2012-12-16 17:11 . 2012-12-21 18:16	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-21 18:16	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-21 18:16	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-21 18:16	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-07 13:20 . 2013-01-09 20:42	441856	----a-w-	c:\windows\system32\Wpc.dll
2012-12-07 13:15 . 2013-01-09 20:42	2746368	----a-w-	c:\windows\system32\gameux.dll
2012-12-07 12:26 . 2013-01-09 20:42	308736	----a-w-	c:\windows\SysWow64\Wpc.dll
2012-12-07 12:20 . 2013-01-09 20:42	2576384	----a-w-	c:\windows\SysWow64\gameux.dll
2012-12-07 11:20 . 2013-01-09 20:42	30720	----a-w-	c:\windows\system32\usk.rs
2012-12-07 11:20 . 2013-01-09 20:42	43520	----a-w-	c:\windows\system32\csrr.rs
2012-12-07 11:20 . 2013-01-09 20:42	23552	----a-w-	c:\windows\system32\oflc.rs
2012-12-07 11:20 . 2013-01-09 20:42	45568	----a-w-	c:\windows\system32\oflc-nz.rs
2012-12-07 11:20 . 2013-01-09 20:42	44544	----a-w-	c:\windows\system32\pegibbfc.rs
2012-12-07 11:20 . 2013-01-09 20:42	20480	----a-w-	c:\windows\system32\pegi-fi.rs
2012-12-07 11:20 . 2013-01-09 20:42	20480	----a-w-	c:\windows\system32\pegi-pt.rs
2012-12-07 11:19 . 2013-01-09 20:42	20480	----a-w-	c:\windows\system32\pegi.rs
2012-12-07 11:19 . 2013-01-09 20:42	46592	----a-w-	c:\windows\system32\fpb.rs
2012-12-07 11:19 . 2013-01-09 20:42	40960	----a-w-	c:\windows\system32\cob-au.rs
2012-12-07 11:19 . 2013-01-09 20:42	21504	----a-w-	c:\windows\system32\grb.rs
2012-12-07 11:19 . 2013-01-09 20:42	15360	----a-w-	c:\windows\system32\djctq.rs
2012-12-07 11:19 . 2013-01-09 20:42	55296	----a-w-	c:\windows\system32\cero.rs
2012-12-07 11:19 . 2013-01-09 20:42	51712	----a-w-	c:\windows\system32\esrb.rs
2012-12-07 10:46 . 2013-01-09 20:42	43520	----a-w-	c:\windows\SysWow64\csrr.rs
2012-12-07 10:46 . 2013-01-09 20:42	30720	----a-w-	c:\windows\SysWow64\usk.rs
2012-12-07 10:46 . 2013-01-09 20:42	45568	----a-w-	c:\windows\SysWow64\oflc-nz.rs
2012-12-07 10:46 . 2013-01-09 20:42	44544	----a-w-	c:\windows\SysWow64\pegibbfc.rs
2012-12-07 10:46 . 2013-01-09 20:42	20480	----a-w-	c:\windows\SysWow64\pegi-pt.rs
2012-12-07 10:46 . 2013-01-09 20:42	23552	----a-w-	c:\windows\SysWow64\oflc.rs
2012-12-07 10:46 . 2013-01-09 20:42	20480	----a-w-	c:\windows\SysWow64\pegi-fi.rs
2012-12-07 10:46 . 2013-01-09 20:42	46592	----a-w-	c:\windows\SysWow64\fpb.rs
2012-12-07 10:46 . 2013-01-09 20:42	20480	----a-w-	c:\windows\SysWow64\pegi.rs
2012-12-07 10:46 . 2013-01-09 20:42	21504	----a-w-	c:\windows\SysWow64\grb.rs
2012-12-07 10:46 . 2013-01-09 20:42	40960	----a-w-	c:\windows\SysWow64\cob-au.rs
2012-12-07 10:46 . 2013-01-09 20:42	15360	----a-w-	c:\windows\SysWow64\djctq.rs
2012-12-07 10:46 . 2013-01-09 20:42	55296	----a-w-	c:\windows\SysWow64\cero.rs
2012-12-07 10:46 . 2013-01-09 20:42	51712	----a-w-	c:\windows\SysWow64\esrb.rs
2012-12-03 14:36 . 2012-12-17 06:42	129216	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-12-03 14:36 . 2012-12-17 06:42	99912	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-11-30 05:45 . 2013-01-09 20:42	362496	----a-w-	c:\windows\system32\wow64win.dll
2012-11-30 05:45 . 2013-01-09 20:42	243200	----a-w-	c:\windows\system32\wow64.dll
2012-11-30 05:45 . 2013-01-09 20:42	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2012-11-30 05:43 . 2013-01-09 20:42	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2012-11-30 05:41 . 2013-01-09 20:42	424448	----a-w-	c:\windows\system32\KernelBase.dll
2012-11-30 05:41 . 2013-01-09 20:42	1161216	----a-w-	c:\windows\system32\kernel32.dll
2012-11-30 05:38 . 2013-01-09 20:42	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-11-30 05:38 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-11-30 04:53 . 2013-01-09 20:42	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2012-11-30 04:45 . 2013-01-09 20:42	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2012-11-30 04:45 . 2013-01-09 20:42	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-28 11:26	220632	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-28 11:26	220632	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-28 11:26	220632	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-02-13 1509232]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-14 283160]
"BackupManagerTray"="c:\program files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe" [2012-01-05 295448]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-12-09 1025616]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"WinampAgent"="c:\programme\Winamp\winampa.exe" [2012-06-20 74752]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-02-13 385248]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-02-13 310128]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-10-09 169312]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS [2013-02-05 37344]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-10-08 150016]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2012-10-02 30056]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2010-07-12 55856]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2012-11-16 27800]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-02-13 86752]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-12-09 311376]
S2 ePowerSvc;Acer ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2010-12-10 868224]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [2010-01-08 23584]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-14 13336]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe [2012-01-05 256536]
S2 ogmservice;Online Games Manager;c:\program files (x86)\Online Games Manager\ogmservice.exe [2012-06-08 521344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-10-08 19192]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-22 2656280]
S2 Updater Service;Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [2010-01-29 243232]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2010-12-11 67112]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2010-12-11 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2010-12-15 35368]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2010-12-11 85544]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-05-18 47616]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-12-01 411688]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 56388237
*NewlyCreated* - PXTDAPOC
*Deregistered* - 56388237
*Deregistered* - pxtdapoc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-02-27 06:36	1629648	----a-w-	c:\program files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]
2010-02-16 17:02	114688	----a-w-	c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-02 18:35]
.
2013-02-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-08-02 18:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-10-28 11:26	244696	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-10-28 11:26	244696	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-10-28 11:26	244696	----a-w-	c:\users\Di\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-12-23 11725928]
"Acer ePower Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2010-12-10 860040]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-12-30 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-12-30 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-12-30 418328]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://packardbell.msn.com
mStart Page = hxxp://packardbell.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Di\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 80.69.102.158 80.69.100.102
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - 
FF - ProfilePath - c:\users\Di\AppData\Roaming\Mozilla\Firefox\Profiles\wmm65f2g.default\
FF - prefs.js: browser.startup.homepage - Google
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.hpOld - hxxp://www.google.de/
FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&cc=
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=
FF - user.js: extensions.Softonic.dspOld - 
FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)
FF - user.js: extensions.Softonic_i.dnsErr - true
FF - user.js: extensions.Softonic_i.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc=
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - 72c19197000000000000fe55f969a82e
FF - user.js: extensions.Softonic.instlDay - 15559
FF - user.js: extensions.Softonic.vrsn - 1.6.7.4
FF - user.js: extensions.Softonic.vrsni - 1.6.7.4
FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.418:29
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - INF1205T01
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-EA Core - c:\program files (x86)\Electronic Arts\EADM\Core.exe
Wow6432Node-HKCU-Run-KiesAirMessage - c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-Free YouTube Download 3_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-Free YouTube to MP3 Converter_is1 - c:\program files (x86)\Common Files\DVDVideoSoft\Uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.032\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.032"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.abr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.abr"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ani\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ani"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.apd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.apd"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.arw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.arw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bay\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.bay"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.bmp"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.bw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.bw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.cr2"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.crw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.crw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cs1\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.cs1"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cur\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.cur"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.dcr"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.dcx"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dib\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.dib"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djv\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.djv"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.djvu\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.djvu"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.dng"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.emf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.eps"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.erf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.fff"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.fpx"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.gif"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.hdr"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.icl"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.icn"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.iff"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ilbm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.int"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.inta"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.iw4"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.j2c"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.j2k"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jbr"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jfif"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jif"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jp2"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpc"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpe"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpeg"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpg"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpk"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.jpx"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.kdc"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.lbm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.mef"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.mos"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.mrw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.nef"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nrw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.nrw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.orf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pbm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pbr"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pcd"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pct"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pcx"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pef"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pgm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pic"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pict"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pix"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.png"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ppm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.psd"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.psp"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pspbrush"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.pspimage"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.raf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ras"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.raw"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rgb"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rgba"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rle"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rsb"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rw2"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rwl\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.rwl"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.sgi"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.sr2"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.srf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.tga"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.thm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.tif"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.tiff"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ttc"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.ttf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30po\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.v30po"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30pp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.v30pp"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v30ppf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.v30ppf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.wbm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.wbmp"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.wmf"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.xbm"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.xif"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.xmp"
.
[HKEY_USERS\S-1-5-21-3363070901-4157279488-546614052-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ACDSee Foto-Manager 12.xpm"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-02-27  19:17:43
ComboFix-quarantined-files.txt  2013-02-27 18:17
.
Vor Suchlauf: 15 Verzeichnis(se), 360.123.277.312 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 364.035.444.736 Bytes frei
.
- - End Of File - - E27E4E9DD7B15D1827F26DFA28D67E98
         
--- --- ---

Alt 27.02.2013, 18:26   #8
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hi
ist ok so.

lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.02.2013, 19:04   #9
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Acrobat.com Adobe Systems Incorporated 03.12.2010 1,60MB 1.6.65 notwendig
Adobe AIR Adobe Systems Inc. 03.12.2010 1.5.0.7220 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 14.02.2013 6,00MB 11.6.602.168 notwendig
Adobe Photoshop Elements 8.0 Adobe Systems Incorporated 30.03.2011 1,54GB 8.0 notwendig
Adobe Reader X (10.1.6) - Deutsch Adobe Systems Incorporated 23.02.2013 122MB 10.1.6 notwendig
Avira Free Antivirus Avira 13.02.2013 129MB 13.0.0.3185 notwendig
Big Fish Games: Game Manager 14.11.2012 3.0.1.60 unnötig
Broadcom Card Reader Driver Installer Broadcom Corporation 30.03.2011 2,73MB 14.4.9.3 unbekannt
Broadcom Gigabit NetLink Controller Broadcom Corporation 30.03.2011 492KB 14.4.8.3 unbekannt
BrowserCompanion 24.07.2012 unbekannt
CCleaner Piriform 25.02.2013 3.28 notwendig
CyberLink MediaEspresso CyberLink Corp. 03.12.2010 217MB 6.0.1027_32100 unbekannt
DEUTSCHLAND SPIELT GAME CENTER INTENIUM GmbH 12.07.2012 1.0.0.46 unnötig
eBay Worldwide OEM 30.06.2011 100KB 2.1.0901 unbekannt
Exact Audio Copy 1.0beta3 Andre Wiethoff 08.02.2013 1.0beta3 notwendig
Free Audio Converter version 5.0.22.128 DVDVideoSoft Ltd. 08.02.2013 68,7MB 5.0.22.128 notwendig
Free YouTube Download 3 version 3.0.7.718 DVDVideoSoft Limited. 20.07.2011 44,7MB notwendig
Free YouTube to MP3 Converter version 3.11.37.1212 DVDVideoSoft Ltd. 22.12.2012 72,8MB 3.11.37.1212 notwendig
Google Chrome Google Inc. 02.08.2011 25.0.1364.97 unnötig
HijackThis 2.0.2 TrendMicro 18.09.2012 2.0.2 notwendig
HomeMedia CyberLink Corporation 30.03.2011 2.0.8423 unbekannt
Identity Card Packard Bell 30.03.2011 1.00.3003 unbekannt
Intel(R) Control Center Intel Corporation 30.03.2011 1.2.1.1007 notwendig
Intel(R) Management Engine Components Intel Corporation 30.03.2011 7.0.0.1144 notwendig
Intel(R) Processor Graphics Intel Corporation 30.03.2011 8.15.10.2272 notwendig
Intel(R) Rapid Storage Technology Intel Corporation 30.03.2011 10.0.0.1046 notwendig
Java 7 Update 15 Oracle 24.02.2013 129MB 7.0.150 notwendig
JavaFX 2.1.1 Oracle Corporation 01.07.2012 20,8MB 2.1.1 unbekannt
Launch Manager Packard Bell 30.03.2011 5.0.3 unbekannt
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 26.02.2013 18,4MB 1.70.0.1100 ? wegen diesem Problem install.
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 12.01.2012 38,8MB 4.0.30320 unbekannt
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 12.01.2012 2,93MB 4.0.30320 unbekannt
Microsoft Office 2010 Microsoft Corporation 30.03.2011 6,31MB 14.0.4763.1000 notwendig
Microsoft Office Klick-und-Los 2010 Microsoft Corporation 19.08.2011 14.0.4763.1000 notwendig
Microsoft Office Starter 2010 - Deutsch Microsoft Corporation 19.08.2011 14.0.4763.1000 notwendig
Microsoft PowerPoint Viewer Microsoft Corporation 13.12.2012 178MB 14.0.6029.1000 notwendig
Microsoft Silverlight Microsoft Corporation 09.05.2012 50,6MB 5.1.10411.0 unbekannt
Microsoft SkyDrive Microsoft Corporation 28.10.2012 25,1MB 16.4.6013.0910 unbekannt
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 30.03.2011 1,69MB 3.1.0000 unbekannt
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 24.01.2012 252KB 8.0.50727.4053 unbekannt
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 02.07.2011 300KB 8.0.59193 unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 03.12.2010 788KB 9.0.30729.4148 unbekannt
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 02.07.2011 788KB 9.0.30729.6161 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 03.12.2010 596KB 9.0.30729 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 03.12.2010 596KB 9.0.30729.4148 unbekannt
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 02.07.2011 600KB 9.0.30729.6161 unbekannt
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 17.10.2011 16,5MB 10.0.40219 unbekannt
Microsoft WSE 3.0 Runtime Microsoft Corp. 30.01.2012 942KB 3.0.5305.0 unbekannt
Mozilla Firefox 18.0.2 (x86 de) Mozilla 06.02.2013 44,8MB 18.0.2 notwendig
Mozilla Maintenance Service Mozilla 06.02.2013 330KB 18.0.2 notwendig
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 02.07.2011 1,27MB 4.20.9870.0 unbekannt
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 02.07.2011 1,33MB 4.20.9876.0 unbekannt
MyFreeCodec 21.12.2012 unbekannt
Nero 9 Essentials Nero AG 03.12.2010 notwendig
NVIDIA Grafiktreiber 306.97 NVIDIA Corporation 10.10.2012 306.97 notwendig
NVIDIA PhysX-Systemsoftware 9.12.0604 NVIDIA Corporation 14.09.2012 9.12.0604 notwendig
NVIDIA Update 1.10.8 NVIDIA Corporation 10.10.2012 1.10.8 notwendig
Online Games Manager v1.10 Real Networks, Inc. 07.07.2012 1.10.3 ? glaube notwendig
Packard Bell Games WildTangent 30.03.2011 1.0.1.3 unbekannt
Packard Bell MyBackup NTI Corporation 01.02.2012 349MB 3.0.0.100 notwendig
Packard Bell Power Management Packard Bell 30.03.2011 6.00.3001 notwendig
Packard Bell Recovery Management Packard Bell 30.03.2011 5.00.3002 nowendig
Packard Bell Registration Packard Bell 30.03.2011 1.03.3003 notwendig
Packard Bell ScreenSaver Packard Bell 30.03.2011 1.1.0811.2010 notwendig
Packard Bell Social Networks CyberLink Corp. 03.12.2010 26,0MB 2.0.2211 ? glaube notwendig
Packard Bell Updater Packard Bell 03.12.2010 1.02.3001 notwendig
PixiePack Codec Pack None 16.10.2011 17,2MB 1.1.1200.0 unbekannt
PunkBuster Services Even Balance, Inc. 28.12.2012 0.986 unbekannt
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 30.03.2011 6.0.1.6276 notwendig
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 30.03.2011 1,00MB 2.0.26.0 ? glaube notwendig
SA21xx Device Manager Philips 30.06.2011 1.0 unbekannt
Samsung Kies Samsung Electronics Co., Ltd. 17.01.2013 148MB 2.5.1.12123_2 notwendig
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 21.02.2013 42,9MB 1.5.18.0 notwendig
Skype™ 6.1 Skype Technologies S.A. 24.01.2013 20,8MB 6.1.129 notwendig
Synaptics Pointing Device Driver Synaptics Incorporated 30.03.2011 46,4MB 15.1.6.0 unbekannt
System Requirements Lab 19.03.2012 unbekannt
Unreal Tournament G.O.T.Y. Edition 28.12.2012 unbekannt
Video Web Camera CyberLink Corp. 30.03.2011 33,1MB 1.0.1306 notwendig
VLC media player 2.0.2 VideoLAN 04.10.2012 2.0.2 notwendig
Welcome Center Packard Bell 30.03.2011 1.02.3007 notwendig
Winamp Nullsoft, Inc 19.11.2012 5.63 notwendig
Winamp Erkennungs-Plug-in Nullsoft, Inc 19.11.2012 75,0KB 1.0.0.1 notwendig
Windows Live Essentials Microsoft Corporation 28.10.2012 16.4.3505.0912 unbekannt
Windows Media Player Firefox Plugin Microsoft Corp 26.01.2012 296KB 1.0.0.8 unbekannt
WinRAR 4.20 (32-Bit) win.rar GmbH 25.06.2012 4.20.0 notwendig
Wolfenstein - Enemy Territory ACTIVISION 28.12.2012 2.60b unbekannt
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 Intel 30.03.2011 27,5MB 2.0.82.0 notwendig

Alt 27.02.2013, 19:07   #10
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden, instalieren.
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
Sicherheit (erweitert)
Erweiterte Sicherheit anhaken
und alle Dateien auswählen.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
Big
BrowserCompanion
CyberLink
DEUTSCHLAND
eBay
Google
HijackThis : bitte nicht mehr nutzen, wird nicht mehr entwickelt und macht fehler unter neuen Systemen.
MyFreeCodec
PixiePack
Unreal
Windows Live : alle für dich unnötigen.
Wolfenstein

Öffne CCleaner, analysieren, starten, PC neustarten.
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.02.2013, 19:53   #11
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.113 - Datei am 27/02/2013 um 20:49:39 erstellt
# Aktualisiert am 23/02/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Di - DI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Di\Desktop\adwcleaner_2113.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\user.js
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Users\Di\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Di\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Di\AppData\Roaming\dvdvideosoftiehelpers

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\02bf65d645994df0ab711ea0e293f29d
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\08ab9cbf5344299c7d466bd8e94d7e0a
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\182cbaeb29e16344e6068a8f7880ee1f
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\18d8fb8ec6940d5a914b4a5a489a987b
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\2afc2a4ca5a5fa3b7eb9b68c1bd0f713
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\33b709e6d787d5e9ad13c6d2e7561ee9
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\3cb1e59e3f781367097efff509bd1537
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\4c2650c511b32052b3ea2f2bc2ada406
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\57ba3f53445489d370f4fd720039d66b
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\67e5d2ae09a0f7f7e8a0d2766fb5acb7
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\826ab6f0395d85256a88547e0cd988bf
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\82ff893f84e73cad373b91b8ba78ac78
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\86dcd08c485560adeb3e20f4268c273e
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\b344d627364ac71e5c2cc5782c4aa312
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bab3573d4d9b902ade5e750cb61a6c3f
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c40ba4951166b25188105b97864d7512
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c7bdf000efa3f2f32977d770027a79b4
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\c9d31884ce42e5f1b44a7ee2534efc52
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\d93b5ebe950ce6da0abf14a6dda77cde
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\f391612f1dc75ecfd794b51eda4d1db0
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Di\AppData\Roaming\Mozilla\Firefox\Profiles\wmm65f2g.default\prefs.js

C:\Users\Di\AppData\Roaming\Mozilla\Firefox\Profiles\wmm65f2g.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.Softonic.admin", false);
Gelöscht : user_pref("extensions.Softonic.aflt", "SD");
Gelöscht : user_pref("extensions.Softonic.autoRvrt", "false");
Gelöscht : user_pref("extensions.Softonic.cntry", "DE");
Gelöscht : user_pref("extensions.Softonic.cv", "cv5");
Gelöscht : user_pref("extensions.Softonic.dfltLng", "de");
Gelöscht : user_pref("extensions.Softonic.dfltSrch", true);
Gelöscht : user_pref("extensions.Softonic.dfltlng", "de");
Gelöscht : user_pref("extensions.Softonic.dfltsrch", true);
Gelöscht : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.dspOld", "");
Gelöscht : user_pref("extensions.Softonic.envrmnt", "production");
Gelöscht : user_pref("extensions.Softonic.excTlbr", false);
Gelöscht : user_pref("extensions.Softonic.hdrMd5", "B299F4B8F503BC44405656696B726AFC");
Gelöscht : user_pref("extensions.Softonic.hmpg", true);
Gelöscht : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=1[...]
Gelöscht : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=13&[...]
Gelöscht : user_pref("extensions.Softonic.hpOld", "hxxp://www.google.de/");
Gelöscht : user_pref("extensions.Softonic.hrdid", "72c19197000000000000fe55f969a82e");
Gelöscht : user_pref("extensions.Softonic.id", "72c19197000000000000fe55f969a82e");
Gelöscht : user_pref("extensions.Softonic.instlDay", "15559");
Gelöscht : user_pref("extensions.Softonic.instlRef", "INF1205T01");
Gelöscht : user_pref("extensions.Softonic.instlday", "15559");
Gelöscht : user_pref("extensions.Softonic.instlref", "INF1205T01");
Gelöscht : user_pref("extensions.Softonic.isdcmntcmplt", "false");
Gelöscht : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gelöscht : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSourc[...]
Gelöscht : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.418:29:29");
Gelöscht : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");
Gelöscht : user_pref("extensions.Softonic.newTab", true);
Gelöscht : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gelöscht : user_pref("extensions.Softonic.newtab", true);
Gelöscht : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource[...]
Gelöscht : user_pref("extensions.Softonic.prdct", "Softonic");
Gelöscht : user_pref("extensions.Softonic.propectorlck", 83008941);
Gelöscht : user_pref("extensions.Softonic.prtnrId", "softonic");
Gelöscht : user_pref("extensions.Softonic.prtnrid", "softonic");
Gelöscht : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Gelöscht : user_pref("extensions.Softonic.savedVrsnTs", "1");
Gelöscht : user_pref("extensions.Softonic.sg", "az");
Gelöscht : user_pref("extensions.Softonic.similarsitesstorage-pid2", "527c4bb9cc3823a7");
Gelöscht : user_pref("extensions.Softonic.smplGrp", "none");
Gelöscht : user_pref("extensions.Softonic.smplgrp", "none");
Gelöscht : user_pref("extensions.Softonic.srch", "");
Gelöscht : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");
Gelöscht : user_pref("extensions.Softonic.tlbrId", "base");
Gelöscht : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gelöscht : user_pref("extensions.Softonic.tlbrid", "base");
Gelöscht : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSour[...]
Gelöscht : user_pref("extensions.Softonic.vrsn", "1.6.7.4");
Gelöscht : user_pref("extensions.Softonic.vrsnTs", "1.6.7.418:29:29");
Gelöscht : user_pref("extensions.Softonic.vrsni", "1.6.7.4");
Gelöscht : user_pref("extensions.Softonic.vrsnts", "1.6.7.418:29:29");
Gelöscht : user_pref("extensions.Softonic_i.dnsErr", true);
Gelöscht : user_pref("extensions.Softonic_i.hmpg", true);
Gelöscht : user_pref("extensions.Softonic_i.newTab", true);
Gelöscht : user_pref("extensions.Softonic_i.smplGrp", "none");
Gelöscht : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.418:29:29");
Gelöscht : user_pref("keyword.URL", "hxxp://search.softonic.com/INF1205T01/tb_v1?SearchSource=2&cc=&q=");

-\\ Google Chrome v25.0.1364.97

Datei : C:\Users\Di\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [11935 octets] - [27/02/2013 20:49:39]

########## EOF - C:\AdwCleaner[S1].txt - [11996 octets] ##########
         
--- --- ---

Geändert von Babydi (27.02.2013 um 20:03 Uhr)

Alt 27.02.2013, 20:49   #12
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hi,
Hitmanpro laden:
HitmanPro - Download - Filepony
doppelklick, Lizenz, Testlizenz.
Auf scan, nichts löschen.
Log als XML exportieren und posten bzw packen und anhängen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.02.2013, 21:12   #13
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



HitmanPro_20130227_2211.log



XML wollte er nicht hochladen..

Alt 27.02.2013, 21:32   #14
markusg
/// Malware-holic
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



kookies und potential unwanted (pup) löschen.
dann neustart, neues otl log
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 27.02.2013, 21:37   #15
Babydi
 
tcbhn im Autostart! - Standard

tcbhn im Autostart!



Hy, sorry aber alle cookies, die er mir anzeigt?
potential unwanted (pup) , ist das des blubbers ding ja??

Antwort

Themen zu tcbhn im Autostart!
adobe, antivir, avira, bho, converter, download, explorer, firefox, format, harddisk, home, launch, logfile, microsoft, mp3, ntdll.dll, nvidia, nvidia update, nvpciflt.sys, online games, opera, packard bell, programme, realtek, registry, samsung kies, scan, software, tcbhn, usb, windows, winlogon, wscript.exe



Ähnliche Themen: tcbhn im Autostart!


  1. tcbhn hat ein Problem festgestellt und muß beendet werden
    Log-Analyse und Auswertung - 08.02.2015 (1)
  2. tcbhn wurde beendet
    Log-Analyse und Auswertung - 15.08.2013 (39)
  3. Fehlermeldung: tcbhn wurde geschlossen
    Log-Analyse und Auswertung - 08.07.2013 (11)
  4. TCBHN vom PC runterschmeißen
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (5)
  5. tcbhn wurde beendet und geschlossen!
    Log-Analyse und Auswertung - 14.06.2013 (30)
  6. tcbhn wurde beendet und geschlossen
    Plagegeister aller Art und deren Bekämpfung - 13.06.2013 (47)
  7. Virus tcbhn?
    Log-Analyse und Auswertung - 12.06.2013 (41)
  8. Tcbhn wurde beendet und geschlossen - Virus?
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (9)
  9. tcbhn.exe wurde beendet und geschlossen.
    Plagegeister aller Art und deren Bekämpfung - 14.05.2013 (17)
  10. tcbhn.exe wurde beendet und geschlossen.
    Plagegeister aller Art und deren Bekämpfung - 07.05.2013 (3)
  11. Tcbhn wurde beendet und geschlossen
    Log-Analyse und Auswertung - 03.05.2013 (7)
  12. tcbhn hat ein Problem festgestellt und muß beendet werden
    Log-Analyse und Auswertung - 28.04.2013 (4)
  13. Meldung: tcbhn wurde beendet und geschlossen
    Plagegeister aller Art und deren Bekämpfung - 23.04.2013 (21)
  14. tcbhn wurde beendet und geschlossen?
    Log-Analyse und Auswertung - 23.04.2013 (8)
  15. tcbhn wurde beendet und geschlossen?
    Plagegeister aller Art und deren Bekämpfung - 22.02.2013 (43)
  16. tcbhn.exe Blabbers gefunden im Startmenü
    Log-Analyse und Auswertung - 08.12.2012 (8)
  17. tcbhn.exe *32
    Plagegeister aller Art und deren Bekämpfung - 21.11.2012 (13)

Zum Thema tcbhn im Autostart! - Schönen guten Tag, mein Laptop ist noch nicht alt und wurde immer langsamer und brauchte sehr lange zum hoch und runter fahren, auch reagierte er oft nicht wie sonst, daher - tcbhn im Autostart!...
Archiv
Du betrachtest: tcbhn im Autostart! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.