| |
| |||||||
Log-Analyse und Auswertung: Virus tcbhn?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
04.06.2013, 15:28
| #1 |
 |  Virus tcbhn? Hallo liebe Helfer, ich habe folgendes Problem mit meinem Laptop (Windows Vista) Immer wenn ich mein PC Hochfahre kommt diese Meldung: "tcbhn.exe hat ein Problem festgestellt und muss beendet werden". Wie ich hier bereits feststellen durfte, bin ich nicht die Einzige mit diesem "Virus?" ich habe bereits Schritt 1 mit dem Malwarebytes Anti-Malware und Schritt zwei mit dem OTL von Oldtimer durchgeführt. Nun komme ich leider nicht mehr weiter  - ich wäre sehr sehr dankbar für jede Hilfe.Lg Jz° |
|
04.06.2013, 15:30
| #2 |
| /// Malware-holic   |  Virus tcbhn? Hi, und wie sollen wir weiterkommen, ohne die Logs?
__________________http://www.trojaner-board.de/125889-...en-posten.html Malwarebytes Logs mit Funden posten, otl logs posten
__________________ |
|
04.06.2013, 15:55
| #3 |
| | Virus tcbhn? ich hoffe das sind so dir richtigen?
__________________1OTL Logfile: Code:
ATTFilter OTL logfile created on: 04.06.2013 14:51:36 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dermal\Downloads Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 42,70% Memory free 6,20 Gb Paging File | 4,30 Gb Available in Paging File | 69,47% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 132,70 Gb Total Space | 30,56 Gb Free Space | 23,03% Space Free | Partition Type: NTFS Drive D: | 116,44 Gb Total Space | 116,18 Gb Free Space | 99,78% Space Free | Partition Type: NTFS Drive E: | 88,46 Gb Total Space | 88,30 Gb Free Space | 99,82% Space Free | Partition Type: NTFS Drive F: | 116,44 Gb Total Space | 116,20 Gb Free Space | 99,80% Space Free | Partition Type: NTFS Computer Name: DERMAL-PC | User Name: Dermal | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Dermal\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\update.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Users\Dermal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) PRC - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Program Files\Avira\AntiVir Desktop\updrgui.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\ProgramData\GinyasBrowserCompanions\tbhcns.exe (Blabbers Communications Ltd) PRC - c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) PRC - C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) PRC - C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) PRC - C:\Users\Dermal\AppData\Roaming\BrowserCompanion\tbhcn.exe () PRC - C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) PRC - C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) PRC - C:\Program Files\Ask.com\Updater\Updater.exe (Ask) PRC - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) PRC - C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Program Files\ASUS\ATK Hotkey\HControl.exe (ASUS) PRC - C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\WDC.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe (ASUS) PRC - C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe () PRC - C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe (ASUS) PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe () ========== Modules (No Company Name) ========== MOD - C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll () MOD - C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll () MOD - C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll () MOD - C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\chromeNPAPI.dll () MOD - C:\Users\Dermal\AppData\Roaming\BrowserCompanion\tbhcn.exe () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\Program Files\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF () MOD - C:\Program Files\Brother\BrUtilities\BrLogAPI.dll () MOD - C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MBAMService) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (McComponentHostService) -- C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (McAfee SiteAdvisor Service) -- c:\Program Files\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.) SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation) SRV - (BrYNSvc) -- C:\Program Files\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) SRV - (ASLDRService) -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe () SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe () ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found DRV - (Andbus) -- system32\DRIVERS\lgandbus.sys File not found DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys () DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (ANDModem) -- C:\Windows\System32\drivers\lgandmodem.sys (LG Electronics Inc.) DRV - (AndDiag) -- C:\Windows\System32\drivers\lganddiag.sys (LG Electronics Inc.) DRV - (AndGps) -- C:\Windows\System32\drivers\lgandgps.sys (LG Electronics Inc.) DRV - (LgBttPort) -- C:\Windows\System32\drivers\lgbtport.sys (LG Electronics Inc.) DRV - (LGVMODEM) -- C:\Windows\System32\drivers\lgvmodem.sys (LG Electronics Inc.) DRV - (lgbusenum) -- C:\Windows\System32\drivers\lgbtbus.sys (LG Electronics Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (kbfiltr) -- C:\Windows\System32\drivers\kbfiltr.sys ( ) DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.) DRV - (ASMMAP) -- C:\Program Files\ATKGFNEX\ASMMAP.sys () DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100) DRV - (smserial) -- C:\Windows\System32\drivers\smserial.sys (Motorola Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={FE4FC1EC-41A9-4D59-B6C5-D899C8DDA5A7} IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms} IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={FE4FC1EC-41A9-4D59-B6C5-D899C8DDA5A7} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010006.10028&barid={FE4FC1EC-41A9-4D59-B6C5-D899C8DDA5A7} IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847} IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{0EBA8A82-8106-40E8-8158-884207723351}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={sear IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms} IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{BC20CFE5-8809-45BA-ACD0-BB7A411EF052}: "URL" = hxxp://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000026&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000 IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010006.10028&barid={FE4FC1EC-41A9-4D59-B6C5-D899C8DDA5A7} IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\SearchScopes\{EFD91EA0-8C3D-429D-A6A2-FA75F1584A5D}: "URL" = hxxp://websearch.search-results.com/redirect?client=ie&tb=STC-SRS&o=41648033&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=96&apn_dtid=YYYYYYYYDE&apn_uid=340D5ADC-5FC1-46D2-AFD1-1CA91B80FB38&apn_sauid=174C2784-EF81-43A6-833F-EFED5AC8A2C6& IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultengine: "Ask.com" FF - prefs.js..browser.search.defaultenginename: "SweetIM Search" FF - prefs.js..browser.search.defaulturl: "" FF - prefs.js..browser.search.order.1: "Ask.com" FF - prefs.js..browser.search.selectedEngine: "SweetIM Search" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406" FF - prefs.js..extensions.enabledAddons: %7B99079a25-328f-4bd4-be04-00955acaa0a7%7D:4.6.1.01 FF - prefs.js..extensions.enabledAddons: %7BEEE6C361-6118-11DC-9C72-001320C79847%7D:1.9.0.0 FF - prefs.js..extensions.enabledAddons: bbrs_002%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: bbrs_003%40blabbers.com:1.0.5 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..keyword.URL: "hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q=" FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: "Ask.com" FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "Plus! Network" FF - prefs.js..browser.startup.homepage: "hxxp://www.searchnu.com/406" FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "" FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dermal\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dermal\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2013.04.11 13:37:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 13:12:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.05.26 13:12:48 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.04.21 13:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\Extensions [2013.04.17 18:05:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\Firefox\Profiles\kapz8vph.default\extensions [2012.04.21 13:43:36 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Dermal\AppData\Roaming\mozilla\Firefox\Profiles\kapz8vph.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2012.08.21 17:26:50 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Dermal\AppData\Roaming\mozilla\Firefox\Profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com [2013.01.25 22:36:50 | 000,000,000 | ---D | M] (Ginyas Browser Companions) -- C:\Users\Dermal\AppData\Roaming\mozilla\Firefox\Profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com [2013.04.17 18:05:13 | 000,190,000 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013.05.26 12:46:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2013.05.26 19:13:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\03fe40bd6af654165bc287eea782c910_expire [2012.08.28 15:26:33 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\170f337942c410233f577de5778810a6_expire [2012.08.28 16:29:10 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire [2013.05.26 12:46:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\1dd4a0fdeff86d7113af5bf9018092d1_expire [2013.05.26 12:46:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire [2013.03.01 00:30:49 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2013.01.03 00:48:55 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\2a86ac4f3322238b4f27d14a09839275_expire [2013.05.26 19:13:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire [2012.08.28 15:26:32 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire [2013.05.26 19:13:58 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4c84596d3a88c66ad9d449a45c76dd89_expire [2013.05.26 12:46:04 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\4d3d10bd28ff623813254a49b26be41f_expire [2012.10.20 15:20:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire [2013.01.03 00:48:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\6ff6ea009817b27df633b37777d528cd_expire [2013.01.03 00:48:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\719f6985083c6f0c2a8fef7aa1f75d63_expire [2013.03.01 00:30:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire [2013.01.03 00:48:56 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\7e781915f58fe108a6af37bf82ba047b_expire [2012.12.09 10:39:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire [2012.11.07 11:23:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire [2013.03.01 00:30:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire [2013.05.26 12:46:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire [2013.03.01 00:30:49 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire [2013.03.01 00:30:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire [2012.10.25 11:07:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire [2012.10.25 11:07:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire [2012.12.09 10:39:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\d89bfd841403290d610bcf662008b443_expire [2012.11.07 11:23:51 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e72174145ae7671ff95578a2089c26b2_expire [2013.05.26 12:46:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\e919434ec29526b28593c426e4264271_expire [2012.11.07 11:23:50 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire [2012.10.20 15:20:47 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ece71b71690fad200cbed95871ef4bb2_expire [2013.03.01 00:30:52 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\f03527c67e08602d2e4c18ae7867300d_expire [2013.05.26 12:46:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire [2013.05.26 12:46:03 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_002@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2013.05.26 12:46:06 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire [2013.04.17 18:05:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\266efba29a8dc2649e413548c9af865c_expire [2013.03.01 00:30:52 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\292124057d00cb0fa73db6b90d079658_expire [2013.04.12 18:10:24 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\4e6cace4f315fec36500e6b8d99cc694_expire [2013.04.23 14:16:15 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\559d3b97ddd036cd43981f82bb643a6b_expire [2013.03.01 00:30:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\72891ec935a3d247f2da6562ef29a005_expire [2013.03.01 00:30:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire [2013.03.01 00:30:52 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire [2013.04.17 18:05:21 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bc417bfcd62af75b6bf321501f63d514_expire [2013.03.01 00:30:53 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\bf73732e1f0b76bac435293ba3880579_expire [2013.05.26 12:46:07 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\c93f2aa3f7ed8c08097d4d5c3c2c61e1_expire [2013.04.19 20:26:01 | 000,000,013 | ---- | M] () (No name found) -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\extensions\bbrs_003@blabbers.com\chrome\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire [2012.08.28 15:32:29 | 000,002,306 | ---- | M] () -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\searchplugins\askcomsearch.xml [2012.08.21 17:26:51 | 000,002,792 | ---- | M] () -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\searchplugins\Plusnetwork.xml [2012.05.06 14:58:05 | 000,003,367 | ---- | M] () -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\searchplugins\search-results.xml [2012.04.21 13:43:29 | 000,002,519 | ---- | M] () -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\searchplugins\Search_Results.xml [2013.01.23 16:36:20 | 000,003,998 | ---- | M] () -- C:\Users\Dermal\AppData\Roaming\mozilla\firefox\profiles\kapz8vph.default\searchplugins\sweetim.xml [2013.05.14 23:36:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions [2013.05.26 13:54:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\extensions [2013.05.26 13:54:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions [2013.05.26 13:54:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2013.04.19 20:02:19 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.04.19 20:02:14 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.19 20:02:14 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2013.04.19 20:02:14 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.04.19 20:02:14 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.21 13:43:29 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml [2013.04.19 20:02:14 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.19 20:02:14 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dermal\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 6 U34 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMss.dll CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll CHR - plugin: Java Deployment Toolkit 6.0.340.4 (Enabled) = C:\Windows\system32\npdeployJava1.dll CHR - Extension: Ginyas Browser Companions = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\ CHR - Extension: SiteAdvisor = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ CHR - Extension: Ginyas Browser Companions = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgoohpbdddibhlhdkenenmmlfofjfkh\1.0.5_0\ CHR - Extension: SiteAdvisor = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\ CHR - Extension: SweetIM for Facebook = C:\Users\Dermal\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.2.0.0_0\ O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc) O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files\Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll () O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. O3 - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask) O3 - HKU\S-1-5-21-2037266627-3019248292-127095963-1000\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask) O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics) O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe (Bandoo Media, inc) O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation) O4 - HKLM..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.) O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.) O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O4 - HKU\S-1-5-21-2037266627-3019248292-127095963-1000..\Run: [OfficeSyncProcess] C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Microsoft Corporation) O4 - HKU\S-1-5-21-2037266627-3019248292-127095963-1000..\Run: [Spotify Web Helper] C:\Users\Dermal\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - Startup: C:\Users\Dermal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\Dermal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Dermal\AppData\Roaming\BrowserCompanion\tbhcn.exe () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0B61915F-9D44-4468-8989-C4BA1B9B61ED}: DhcpNameServer = 192.168.0.1 O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\datamngr.dll (Bandoo Media, inc) O20 - AppInit_DLLs: (C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll) - C:\Program Files\Searchqu Toolbar\Datamngr\IEBHO.dll (Bandoo Media, inc) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Users\Dermal\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\Dermal\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O33 - MountPoints2\{02bb70cf-cbe3-11e0-b7c8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{02bb70cf-cbe3-11e0-b7c8-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{078ada24-f5c7-11e0-a9f8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{078ada24-f5c7-11e0-a9f8-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{0c08a811-b6e3-11e0-ad77-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{0c08a811-b6e3-11e0-ad77-00248c730cf8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{0c08a814-b6e3-11e0-ad77-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{0c08a814-b6e3-11e0-ad77-00248c730cf8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{38f15be5-b234-11e0-a017-a1418167cca7}\Shell - "" = AutoRun O33 - MountPoints2\{38f15be5-b234-11e0-a017-a1418167cca7}\Shell\AutoRun\command - "" = I:\AutoRun.exe O33 - MountPoints2\{38f15bea-b234-11e0-a017-a1418167cca7}\Shell - "" = AutoRun O33 - MountPoints2\{38f15bea-b234-11e0-a017-a1418167cca7}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{42de91a6-b2fc-11e0-af34-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{42de91a6-b2fc-11e0-af34-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{4ee0245f-e477-11e0-a6e1-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{4ee0245f-e477-11e0-a6e1-00248c730cf8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{4ee02461-e477-11e0-a6e1-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{4ee02461-e477-11e0-a6e1-00248c730cf8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{648b4ceb-fafc-11e0-962a-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{648b4ceb-fafc-11e0-962a-00248c730cf8}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{8eb5c91b-fda5-11e0-96e8-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{8eb5c91b-fda5-11e0-96e8-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{925e922e-0bca-11e1-882c-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{925e922e-0bca-11e1-882c-806e6f6e6963}\Shell\AutoRun\command - "" = H:\AutoRun.exe O33 - MountPoints2\{b4c39f6a-a270-11e2-b484-00248c730cf8}\Shell - "" = AutoRun O33 - MountPoints2\{b4c39f6a-a270-11e2-b484-00248c730cf8}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.06.03 22:32:06 | 000,000,000 | ---D | C] -- C:\Users\Dermal\AppData\Roaming\Malwarebytes [2013.06.03 22:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.03 22:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.03 22:31:49 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.06.03 22:31:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.05.26 13:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime [2013.05.26 13:12:10 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime [2013.05.26 13:01:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.05.26 13:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.05.26 13:00:22 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 [2013.05.26 13:00:21 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.05.26 12:54:22 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.05.16 23:31:19 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.05.16 23:20:28 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.05.16 23:20:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.05.16 23:20:28 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2013.05.16 23:20:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.05.16 23:20:27 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.05.16 23:20:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2013.05.16 23:20:26 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2013.05.16 22:16:25 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2013.05.16 22:16:10 | 002,049,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.05.14 23:44:56 | 000,000,000 | ---D | C] -- C:\Users\Dermal\{09eaafdd-d0b5-4aa7-ae4c-e2eb31169664} [2013.05.14 23:38:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013.05.14 23:37:46 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.05.14 23:37:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.05.14 23:37:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.05.14 23:37:27 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.05.14 23:24:30 | 000,000,000 | ---D | C] -- C:\Users\Dermal\AppData\Roaming\Skype [2013.05.14 23:24:17 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.05.14 23:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.05.14 23:24:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.05.14 23:24:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype ========== Files - Modified Within 30 Days ========== [2013.06.04 14:47:26 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Chrome Watcher.job [2013.06.04 14:45:52 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions FireFox Watcher.job [2013.06.04 14:45:45 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Stats Report.job [2013.06.04 14:45:44 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.04 14:45:44 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\GinyasBrowserCompanions Update Checker.job [2013.06.04 14:45:20 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.04 14:45:19 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.04 14:45:16 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.001 [2013.06.04 14:45:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.04 14:45:07 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys [2013.06.03 23:01:16 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.06.03 22:29:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.03 22:24:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037266627-3019248292-127095963-1000UA.job [2013.06.03 19:24:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2037266627-3019248292-127095963-1000Core.job [2013.06.03 17:14:05 | 000,027,934 | ---- | M] () -- C:\ProgramData\nvModes.dat [2013.05.31 16:37:40 | 000,000,680 | ---- | M] () -- C:\Users\Dermal\AppData\Local\d3d9caps.dat [2013.05.28 11:25:04 | 000,002,060 | ---- | M] () -- C:\Users\Dermal\Documents\Desktop\Google Chrome.lnk [2013.05.26 13:12:28 | 000,001,693 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2013.05.26 13:01:53 | 000,001,631 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.05.22 16:34:06 | 000,628,992 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.05.22 16:34:06 | 000,596,246 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.05.22 16:34:06 | 000,104,320 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.05.22 16:34:05 | 000,126,704 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.05.17 17:12:53 | 000,398,632 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.05.16 12:35:47 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.05.16 12:35:47 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.05.15 17:04:40 | 000,034,816 | ---- | M] () -- C:\Users\Dermal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.05.14 23:44:19 | 002,399,861 | ---- | M] (Macrovision Corporation) -- C:\Windows\snuninst.exe [2013.05.14 23:44:19 | 001,772,544 | ---- | M] () -- C:\Windows\System32\drivers\snp2uvc.sys [2013.05.14 23:44:19 | 000,176,128 | ---- | M] ( ) -- C:\Windows\System32\csnp2uvc.dll [2013.05.14 23:44:19 | 000,015,497 | ---- | M] () -- C:\Windows\snp2uvc.ini [2013.05.14 23:44:19 | 000,013,022 | ---- | M] () -- C:\Windows\snp2uvc.src [2013.05.14 23:44:18 | 000,028,160 | ---- | M] () -- C:\Windows\System32\drivers\sncduvc.sys [2013.05.14 23:37:03 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.05.14 23:37:02 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.05.14 23:37:02 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.05.14 23:37:02 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.05.14 23:37:01 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll [2013.05.14 23:37:01 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013.05.14 23:24:17 | 000,001,880 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2013.05.05 21:12:55 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb ========== Files Created - No Company Name ========== [2013.05.26 13:12:28 | 000,001,693 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk [2013.05.26 13:01:53 | 000,001,631 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.05.14 23:24:17 | 000,001,880 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2013.04.23 13:57:22 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2013.04.23 13:56:09 | 000,000,050 | ---- | C] () -- C:\Windows\System32\BRIDF10A.DAT [2013.04.23 10:44:11 | 000,039,670 | ---- | C] () -- C:\Users\Dermal\Antwort Prof. Lichtenberg.pdf [2013.03.24 15:53:37 | 000,104,386 | ---- | C] () -- C:\Users\Dermal\ESt2012_Lemmermeier_Jasmin.elfo [2012.05.06 15:18:31 | 000,087,187 | ---- | C] () -- C:\Users\Dermal\ESt2011_Lemmermeier_Jasmin.elfo [2012.01.06 14:52:50 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll [2012.01.06 14:52:50 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini [2011.12.12 22:37:31 | 000,000,680 | ---- | C] () -- C:\Users\Dermal\AppData\Local\d3d9caps.dat [2011.08.01 13:11:12 | 000,034,816 | ---- | C] () -- C:\Users\Dermal\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.07.28 13:19:28 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll [2011.07.28 13:19:28 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin [2011.07.22 14:17:48 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin [2011.07.22 13:32:38 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.001 [2011.07.20 20:31:51 | 000,027,934 | ---- | C] () -- C:\ProgramData\nvModes.dat [2011.07.20 05:22:09 | 000,015,928 | ---- | C] ( ) -- C:\Windows\System32\drivers\kbfiltr.sys ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > 2. OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 04.06.2013 14:51:41 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dermal\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,28 Gb Available Physical Memory | 42,70% Memory free
6,20 Gb Paging File | 4,30 Gb Available in Paging File | 69,47% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 132,70 Gb Total Space | 30,56 Gb Free Space | 23,03% Space Free | Partition Type: NTFS
Drive D: | 116,44 Gb Total Space | 116,18 Gb Free Space | 99,78% Space Free | Partition Type: NTFS
Drive E: | 88,46 Gb Total Space | 88,30 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
Drive F: | 116,44 Gb Total Space | 116,20 Gb Free Space | 99,80% Space Free | Partition Type: NTFS
Computer Name: DERMAL-PC | User Name: Dermal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1EDF6277-A2E7-4A7D-89D6-FAE8B6EA79FE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{4CC3BAAD-3B8A-418D-83AF-96F10D1A1EBB}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=c:\windows\system32\svchost.exe |
"{6119A857-C943-44F9-95F6-3D0CB78049A5}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{BE8B0433-8A36-45C0-967D-C67F904B5C63}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=c:\windows\system32\svchost.exe |
"{C3F3A749-7204-4EAA-BD3B-148FE4ACBEE9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=c:\windows\system32\svchost.exe |
"{C6016FD5-F326-4901-B31A-73D6B354E26E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C6B69AD7-71AD-4104-87A7-675DDD9A89C4}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{E0733061-6E03-4A8C-A929-F43933E5B70B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{FFAEE613-128E-4CAD-A91E-A9D821707E26}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{16315847-9F65-4145-A968-FCBAE0F76A9F}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1AB69057-AA5B-4FB0-9F16-9D45F99410C1}" = protocol=6 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{273EF3D5-5DDE-4A39-B545-1D71C6AC6725}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{467AF039-A019-48E9-9D1A-72BB7F91E614}" = protocol=17 | dir=in | app=c:\program files\searchqu toolbar\datamngr\toolbar\dtuser.exe |
"{518F3DC9-F50F-41E5-9493-93AE2871DD33}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{71608CCE-96E0-4FC6-A07B-A4207F870726}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{740B5BEC-DF3E-4879-9C03-452A3B1B0EAF}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{9625E9EC-D143-4CD2-95D2-4F6DD7BDA8EF}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{985EA574-8304-4D48-976A-30B4CC952851}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A17521B5-2A9D-4543-8B14-B8FC6039D8E1}" = protocol=6 | dir=in | app=c:\windows\system32\msiexec.exe |
"{AB6C521E-3FC4-4559-A63E-B176759D13DE}" = protocol=6 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B3E44081-8E13-4EC5-9CE0-53BB1351E6F8}" = protocol=17 | dir=in | app=c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe |
"{B55DBEE5-9E29-4126-A8B8-C882C2ED7B2B}" = protocol=17 | dir=in | app=c:\windows\system32\msiexec.exe |
"{C792B0D5-215E-405C-8902-634F771B07FC}" = protocol=6 | dir=out | svc=upnphost | app=c:\windows\system32\svchost.exe |
"{CB031F71-0078-44FF-9332-2C5A631BCF78}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{D40C86D7-9B58-483E-968E-F7A97277C939}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{029C294C-917D-4E33-8027-0B1595CE5C3D}C:\users\dermal\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dermal\appdata\roaming\spotify\spotify.exe |
"TCP Query User{8D05D08C-F402-48F3-9AAB-4CFD9FB8E9FA}C:\users\dermal\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\dermal\appdata\roaming\spotify\spotify.exe |
"UDP Query User{20EFD520-6B84-42D5-B591-0F17E8F767BB}C:\users\dermal\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dermal\appdata\roaming\spotify\spotify.exe |
"UDP Query User{752C062D-4E29-4983-8267-D7D93BBD541A}C:\users\dermal\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\dermal\appdata\roaming\spotify\spotify.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office 5.0.36
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{080FE95E-5A89-4A54-BAAA-D769971B7C2D}" = Corel Home Office 5.0.36
"{0C2B62AD-B645-4785-B4E9-595FEDE6B0D0}" = LG United Mobile Drivers
"{11E568E0-3244-4BCB-875E-F334269DFDCB}" = iTunes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{36C95AD3-D330-4BAA-884A-9F3EFD15A5EA}" = Corel Home Office
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{925F1DB6-E86E-4378-9091-D1F68B0583C9}" = iCloud
"{953AA732-9AFB-49C9-84A4-7F96CA0A08DA}" = SweetPacks bundle uninstaller
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" = SweetIM for Messenger 3.7
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}" = Internet Explorer Toolbar 4.6 by SweetPacks
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{E14ADE0E-75F3-4A46-87E5-26692DD626EC}" = Apple Mobile Device Support
"{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}" = Update Manager for SweetPacks 1.1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB83EAC4-E3F6-4666-B45B-44522F2344B6}" = Brother MFL-Pro Suite DCP-J125
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"ElsterFormular 13.2.0.8623p" = ElsterFormular
"FeedDemon_is1" = FeedDemon
"GinyasBrowserCompanions" = GinyasBrowserCompanions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"Searchqu Toolbar" = Searchqu Toolbar
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"VLC media player" = VLC media player 2.0.5
"Winamp" = Winamp
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2037266627-3019248292-127095963-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater
"Google Chrome" = Google Chrome
"Spotify" = Spotify
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 01.06.2013 12:32:01 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4883
Error - 03.06.2013 04:10:08 | Computer Name = Dermal-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcns.exe, Version 1.0.0.5, Zeitstempel 0x50f25761,
fehlerhaftes Modul tbhcns.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode
0x40000015, Fehleroffset 0x0007a2fd, Prozess-ID 0x2bc, Anwendungsstartzeit 01ce6031ac55ef20.
Error - 03.06.2013 15:36:31 | Computer Name = Dermal-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung tbhcns.exe, Version 1.0.0.5, Zeitstempel 0x50f25761,
fehlerhaftes Modul tbhcns.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode
0x40000015, Fehleroffset 0x0007a2fd, Prozess-ID 0xaac, Anwendungsstartzeit 01ce6091a5996f0c.
Error - 03.06.2013 15:37:20 | Computer Name = Dermal-PC | Source = WinMgmt | ID = 10
Description =
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 1
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 2
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 3
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 4
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 5
Error - 03.06.2013 15:39:29 | Computer Name = Dermal-PC | Source = Bonjour Service | ID = 100
Description = ERROR: handle_resolve_request bad interfaceIndex 6
[ System Events ]
Error - 28.05.2013 04:46:01 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 29.05.2013 04:01:53 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 30.05.2013 09:06:51 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 03.06.2013 15:39:07 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 03.06.2013 16:12:33 | Computer Name = Dermal-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 03.06.2013 um 22:10:08 unerwartet heruntergefahren.
Error - 03.06.2013 16:16:22 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 04.06.2013 08:50:45 | Computer Name = Dermal-PC | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 04.06.2013 08:51:58 | Computer Name = Dermal-PC | Source = Service Control Manager | ID = 7006
Description =
Error - 04.06.2013 08:51:58 | Computer Name = Dermal-PC | Source = Service Control Manager | ID = 7006
Description =
Error - 04.06.2013 08:51:58 | Computer Name = Dermal-PC | Source = Service Control Manager | ID = 7031
Description =
< End of report >
|
|
04.06.2013, 16:19
| #4 |
| /// Malware-holic | Virus tcbhn? was ist mit den Malwarebytes Logs mit funden? link steht oben.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.06.2013, 16:24
| #5 |
| | Virus tcbhn? Oh je, da merkt Mann und Frau sofort wie wenig Ahnung ich habe, Moment bitte Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free Anti-Malware download Datenbank Version: v2013.06.03.09 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Dermal :: DERMAL-PC [Administrator] Schutz: Aktiviert 03.06.2013 22:33:16 mbam-log-2013-06-03 (22-33-16).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 209700 Laufzeit: 14 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 24 HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 4 C:\Program Files\BrowserCompanion (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 175 C:\Program Files\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\GinyasBrowserCompanions\tdataprotocol.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\GinyasBrowserCompanions\updatebhoWin32.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\Downloads\SoftonicDownloader_fuer_openoffice.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\Local\Temp\blabbers-ff-le.xpi (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\logo.ico (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\updater.ini (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cmpchanged.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cmpguid.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fix3.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fix4.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_71_2.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\fixJQ1_83.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar183.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\xcodechange.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\1048fa0383ec8c1a4365d4bd4fed1de5_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\1bb25568f8455e74906142466f792c87_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a7e0abb80dabcdbb6dbaec920aa126a0_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b05d96ac67439cfd5fe7b0e92a12aad7 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4e6cace4f315fec36500e6b8d99cc694 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4e6cace4f315fec36500e6b8d99cc694_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\5c07ce6ac7fa7b9ff2f3fd7a4d77eef8_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\62cce7d26ab5636bceb113b988d56c59_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ee2135fec207a636822e2513020c079a_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f4ccea2a6ad53baa45d89d9f7e154d52 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f4ccea2a6ad53baa45d89d9f7e154d52_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2e699bb621ffe89ade68eaef9df0d2d9_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\37091c82e454e973f83aa9f9bf210de7 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\37091c82e454e973f83aa9f9bf210de7_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\37091c82e454e973f83aa9f9bf210de7_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\38126fd00e0eb9d5ca912a5939b4755d (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\38126fd00e0eb9d5ca912a5939b4755d_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\39a8406052ad9440d3281b40177026f3 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b05d96ac67439cfd5fe7b0e92a12aad7_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7215b147326809c45f6cf0952274624_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f533eb92f0947be539a3f9a7d664740d (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\c75261e846ce457d11060410767952c4_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\cf28706faad49b5cccfc9e9e3ebbd818_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\cf7237815e1d6e308528f35aa14a7d67 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\cf7237815e1d6e308528f35aa14a7d67_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e3cd5b2c64ca319aadec7c28c6c6feba_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e6c109bf52ef89fe99f9a9379617ab0e_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7215b147326809c45f6cf0952274624 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\9f19d2c7f497b1b304104fc69cbb3edc (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\9f19d2c7f497b1b304104fc69cbb3edc_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a2853631512ec717cfd936b9a1f41b5c (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a2853631512ec717cfd936b9a1f41b5c_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a4978ceb564459d3d64682b37d89bbe3_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2328e1768b820b18ab2f301c9ff88e2c (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\2328e1768b820b18ab2f301c9ff88e2c_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\24779e9d2de93d13d7e07b527a1684d4_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\253712f62fa354f36c490a3f42ba9bfc_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\277a8fa54e28ecd52962c65ae09f7923 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\277a8fa54e28ecd52962c65ae09f7923_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\286965653b415f505622ea74d2bd3bbe_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\72891ec935a3d247f2da6562ef29a005_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\7bd3aa56e980a7e140e8f472f611f921 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\7bd3aa56e980a7e140e8f472f611f921_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e7d8325da90d91d3c4e7720f0e629e17_version (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f533eb92f0947be539a3f9a7d664740d_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f74a531fb1de737c8688c7f788c8c80e (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\f74a531fb1de737c8688c7f788c8c80e_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\7c0022298b948a99e406a6310bffea7f_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\867f10e9a70010ef71d15c41fd2874be (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\867f10e9a70010ef71d15c41fd2874be_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\897979c67bed116efad1a04f5f229ecd_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8f43b50088266b9870b42ce6ef7ffbde_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\39a8406052ad9440d3281b40177026f3_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4ad053d40dfa5cab7948e9251df6e3d9 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b1ee91b2ef2163f40d85f38713cdc027_gb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b3688636ecfdc491aea728939c15f43e_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Dermal\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) 2013/06/03 22:32:15 +0200 DERMAL-PC Dermal MESSAGE Executing scheduled update: Daily 2013/06/03 22:32:22 +0200 DERMAL-PC Dermal MESSAGE Starting protection 2013/06/03 22:32:22 +0200 DERMAL-PC Dermal MESSAGE Protection started successfully 2013/06/03 22:32:22 +0200 DERMAL-PC Dermal MESSAGE Starting IP protection 2013/06/03 22:32:39 +0200 DERMAL-PC Dermal MESSAGE Scheduled update executed successfully: database updated from version v2013.04.04.07 to version v2013.06.03.09 2013/06/03 22:32:54 +0200 DERMAL-PC Dermal MESSAGE IP Protection started successfully 2013/06/03 22:32:54 +0200 DERMAL-PC Dermal MESSAGE Starting database refresh 2013/06/03 22:32:54 +0200 DERMAL-PC Dermal MESSAGE Stopping IP protection 2013/06/03 22:32:56 +0200 DERMAL-PC Dermal MESSAGE IP Protection stopped successfully 2013/06/03 22:33:02 +0200 DERMAL-PC Dermal MESSAGE Database refreshed successfully 2013/06/03 22:33:02 +0200 DERMAL-PC Dermal MESSAGE Starting IP protection 2013/06/03 22:33:11 +0200 DERMAL-PC Dermal MESSAGE IP Protection started successfully 2013/06/03 23:09:57 +0200 DERMAL-PC (null) MESSAGE Starting protection 2013/06/03 23:09:57 +0200 DERMAL-PC (null) MESSAGE Protection started successfully 2013/06/03 23:09:57 +0200 DERMAL-PC (null) MESSAGE Starting IP protection 2013/06/03 23:10:04 +0200 DERMAL-PC (null) MESSAGE IP Protection started successfully 2013/06/04 14:45:23 +0200 DERMAL-PC (null) MESSAGE Executing scheduled update: Daily 2013/06/04 14:45:31 +0200 DERMAL-PC (null) MESSAGE Starting protection 2013/06/04 14:45:31 +0200 DERMAL-PC (null) MESSAGE Protection started successfully 2013/06/04 14:45:31 +0200 DERMAL-PC (null) MESSAGE Starting IP protection 2013/06/04 14:45:41 +0200 DERMAL-PC Dermal MESSAGE Scheduled update executed successfully: database updated from version v2013.06.03.09 to version v2013.06.04.04 2013/06/04 14:45:42 +0200 DERMAL-PC Dermal MESSAGE IP Protection started successfully 2013/06/04 14:45:42 +0200 DERMAL-PC Dermal MESSAGE Starting database refresh 2013/06/04 14:45:42 +0200 DERMAL-PC Dermal MESSAGE Stopping IP protection 2013/06/04 14:45:42 +0200 DERMAL-PC Dermal MESSAGE IP Protection stopped successfully 2013/06/04 14:45:47 +0200 DERMAL-PC Dermal MESSAGE Database refreshed successfully 2013/06/04 14:45:47 +0200 DERMAL-PC Dermal MESSAGE Starting IP protection 2013/06/04 14:45:56 +0200 DERMAL-PC Dermal MESSAGE IP Protection started successfully |
|
04.06.2013, 16:25
| #6 |
| /// Malware-holic | Virus tcbhn? Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Virus tcbhn? |
|
04.06.2013, 16:30
| #7 |
| | Virus tcbhn? Hi, ich habe mir TDSSKiller.exe runtergeladen und der Suchlauf war negativ..."No threats found" - hatte es falsch eingestellt starte den Scan erneut |
|
04.06.2013, 16:34
| #8 |
| /// Malware-holic | Virus tcbhn? lass solche zwischenposts bitte weg, einfach log posten wenn du es richtig gemacht hast.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.06.2013, 16:46
| #9 |
| | Virus tcbhn? Ich habe eine Textdatei gefunden, sie ist allerdings zu Groß zum "normalen" versenden und wenn ich sie Zippen will, verweigert mir bzw. dem 7-ZiP (Freeware) der Laptop den Zugriff, obwohl ich als Admin angemeldet bin. |
|
04.06.2013, 16:51
| #10 |
| /// Malware-holic | Virus tcbhn? Teinle und posten bitte
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.06.2013, 16:53
| #11 |
| | Virus tcbhn? 17:27:04.0203 3076 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 17:27:04.0414 3076 ============================================================ 17:27:04.0415 3076 Current date / time: 2013/06/04 17:27:04.0414 17:27:04.0415 3076 SystemInfo: 17:27:04.0415 3076 17:27:04.0415 3076 OS Version: 6.0.6002 ServicePack: 2.0 17:27:04.0415 3076 Product type: Workstation 17:27:04.0415 3076 ComputerName: DERMAL-PC 17:27:04.0415 3076 UserName: Dermal 17:27:04.0415 3076 Windows directory: C:\Windows 17:27:04.0415 3076 System windows directory: C:\Windows 17:27:04.0415 3076 Processor architecture: Intel x86 17:27:04.0415 3076 Number of processors: 2 17:27:04.0415 3076 Page size: 0x1000 17:27:04.0415 3076 Boot type: Normal boot 17:27:04.0415 3076 ============================================================ 17:27:07.0555 3076 Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:27:07.0594 3076 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 17:27:20.0295 3076 ============================================================ 17:27:20.0296 3076 \Device\Harddisk1\DR1: 17:27:20.0296 3076 MBR partitions: 17:27:20.0296 3076 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E2000 17:27:20.0296 3076 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xE8E2800, BlocksNum 0xE8E1D81 17:27:20.0296 3076 \Device\Harddisk0\DR0: 17:27:20.0296 3076 MBR partitions: 17:27:20.0296 3076 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1771000, BlocksNum 0x10966000 17:27:20.0562 3076 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x120D7800, BlocksNum 0xB0ED800 17:27:20.0562 3076 ============================================================ 17:27:20.0651 3076 C: <-> \Device\Harddisk0\DR0\Partition1 17:27:20.0994 3076 D: <-> \Device\Harddisk1\DR1\Partition1 17:27:21.0062 3076 E: <-> \Device\Harddisk0\DR0\Partition2 17:27:21.0107 3076 F: <-> \Device\Harddisk1\DR1\Partition2 17:27:21.0108 3076 ============================================================ 17:27:21.0108 3076 Initialize success 17:27:21.0108 3076 ============================================================ 17:28:06.0249 3144 ============================================================ 17:28:06.0249 3144 Scan started 17:28:06.0249 3144 Mode: Manual; 17:28:06.0249 3144 ============================================================ 17:28:08.0082 3144 ================ Scan system memory ======================== 17:28:08.0082 3144 System memory - ok 17:28:08.0082 3144 ================ Scan services ============================= 17:28:08.0264 3144 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 17:28:08.0267 3144 ACPI - ok 17:28:08.0390 3144 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 17:28:08.0393 3144 AdobeARMservice - ok 17:28:08.0493 3144 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:28:08.0497 3144 AdobeFlashPlayerUpdateSvc - ok 17:28:08.0571 3144 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:28:08.0582 3144 adp94xx - ok 17:28:08.0612 3144 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:28:08.0617 3144 adpahci - ok 17:28:08.0650 3144 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:28:08.0651 3144 adpu160m - ok 17:28:08.0676 3144 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:28:08.0677 3144 adpu320 - ok 17:28:08.0729 3144 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:28:08.0730 3144 AeLookupSvc - ok 17:28:08.0815 3144 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 17:28:08.0819 3144 AFD - ok 17:28:08.0861 3144 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:28:08.0862 3144 agp440 - ok 17:28:08.0886 3144 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:28:08.0888 3144 aic78xx - ok 17:28:08.0907 3144 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 17:28:08.0909 3144 ALG - ok 17:28:08.0942 3144 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 17:28:08.0944 3144 aliide - ok 17:28:08.0975 3144 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 17:28:08.0976 3144 amdagp - ok 17:28:08.0988 3144 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 17:28:08.0990 3144 amdide - ok 17:28:09.0016 3144 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 17:28:09.0017 3144 AmdK7 - ok 17:28:09.0044 3144 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:28:09.0045 3144 AmdK8 - ok 17:28:09.0067 3144 Andbus - ok 17:28:09.0095 3144 [ 8E0BF6F3B2C9C292BC7CE0DE727CDD56 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag.sys 17:28:09.0096 3144 AndDiag - ok 17:28:09.0105 3144 [ 1D2C90E25483363D54B652898BBC8F2A ] AndGps C:\Windows\system32\DRIVERS\lgandgps.sys 17:28:09.0108 3144 AndGps - ok 17:28:09.0139 3144 [ B1B06A95DA2CAC7FA19832C60C348C85 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem.sys 17:28:09.0140 3144 ANDModem - ok 17:28:09.0215 3144 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 17:28:09.0217 3144 AntiVirSchedulerService - ok 17:28:09.0250 3144 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 17:28:09.0252 3144 AntiVirService - ok 17:28:09.0298 3144 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 17:28:09.0299 3144 Appinfo - ok 17:28:09.0419 3144 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:28:09.0420 3144 Apple Mobile Device - ok 17:28:09.0443 3144 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 17:28:09.0445 3144 arc - ok 17:28:09.0474 3144 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:28:09.0475 3144 arcsas - ok 17:28:09.0584 3144 [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe 17:28:09.0585 3144 ASLDRService - ok 17:28:09.0634 3144 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys 17:28:09.0635 3144 ASMMAP - ok 17:28:09.0675 3144 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:28:09.0677 3144 AsyncMac - ok 17:28:09.0717 3144 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 17:28:09.0717 3144 atapi - ok 17:28:09.0784 3144 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys 17:28:09.0875 3144 athr - ok 17:28:09.0892 3144 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe 17:28:09.0893 3144 ATKGFNEXSrv - ok 17:28:09.0932 3144 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:28:09.0938 3144 AudioEndpointBuilder - ok 17:28:09.0952 3144 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 17:28:09.0955 3144 Audiosrv - ok 17:28:10.0033 3144 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 17:28:10.0034 3144 avgntflt - ok 17:28:10.0055 3144 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 17:28:10.0057 3144 avipbb - ok 17:28:10.0069 3144 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 17:28:10.0070 3144 avkmgr - ok 17:28:10.0126 3144 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 17:28:10.0127 3144 Beep - ok 17:28:10.0291 3144 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 17:28:10.0327 3144 BFE - ok 17:28:10.0431 3144 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 17:28:10.0465 3144 BITS - ok 17:28:10.0494 3144 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:28:10.0495 3144 blbdrive - ok 17:28:10.0569 3144 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:28:10.0578 3144 Bonjour Service - ok 17:28:10.0614 3144 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:28:10.0615 3144 bowser - ok 17:28:10.0636 3144 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 17:28:10.0638 3144 BrFiltLo - ok 17:28:10.0656 3144 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 17:28:10.0658 3144 BrFiltUp - ok 17:28:10.0695 3144 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 17:28:10.0697 3144 Browser - ok 17:28:10.0729 3144 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 17:28:10.0731 3144 Brserid - ok 17:28:10.0766 3144 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 17:28:10.0768 3144 BrSerWdm - ok 17:28:10.0833 3144 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 17:28:10.0835 3144 BrUsbMdm - ok 17:28:10.0855 3144 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 17:28:10.0858 3144 BrUsbSer - ok 17:28:10.0930 3144 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe 17:28:10.0934 3144 BrYNSvc - ok 17:28:10.0974 3144 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:28:10.0976 3144 BTHMODEM - ok 17:28:11.0004 3144 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:28:11.0006 3144 cdfs - ok 17:28:11.0103 3144 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:28:11.0105 3144 cdrom - ok 17:28:11.0196 3144 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 17:28:11.0198 3144 CertPropSvc - ok 17:28:11.0223 3144 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 17:28:11.0225 3144 circlass - ok 17:28:11.0259 3144 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 17:28:11.0301 3144 CLFS - ok 17:28:11.0380 3144 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:28:11.0382 3144 clr_optimization_v2.0.50727_32 - ok 17:28:11.0443 3144 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:28:11.0445 3144 clr_optimization_v4.0.30319_32 - ok 17:28:11.0483 3144 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:28:11.0485 3144 CmBatt - ok 17:28:11.0505 3144 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:28:11.0507 3144 cmdide - ok 17:28:11.0530 3144 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:28:11.0531 3144 Compbatt - ok 17:28:11.0541 3144 COMSysApp - ok 17:28:11.0551 3144 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:28:11.0553 3144 crcdisk - ok 17:28:11.0569 3144 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 17:28:11.0570 3144 Crusoe - ok 17:28:11.0644 3144 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:28:11.0646 3144 CryptSvc - ok 17:28:11.0715 3144 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:28:11.0742 3144 DcomLaunch - ok 17:28:11.0784 3144 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:28:11.0786 3144 DfsC - ok 17:28:11.0933 3144 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 17:28:11.0976 3144 DFSR - ok 17:28:12.0044 3144 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 17:28:12.0048 3144 Dhcp - ok 17:28:12.0086 3144 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 17:28:12.0087 3144 disk - ok 17:28:12.0131 3144 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:28:12.0133 3144 Dnscache - ok 17:28:12.0172 3144 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:28:12.0175 3144 dot3svc - ok 17:28:12.0204 3144 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 17:28:12.0206 3144 DPS - ok 17:28:12.0244 3144 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:28:12.0246 3144 drmkaud - ok 17:28:12.0296 3144 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:28:12.0301 3144 DXGKrnl - ok 17:28:12.0348 3144 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 17:28:12.0349 3144 E1G60 - ok 17:28:12.0393 3144 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 17:28:12.0396 3144 EapHost - ok 17:28:12.0436 3144 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 17:28:12.0439 3144 Ecache - ok 17:28:12.0504 3144 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:28:12.0511 3144 ehRecvr - ok 17:28:12.0530 3144 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 17:28:12.0531 3144 ehSched - ok 17:28:12.0549 3144 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 17:28:12.0550 3144 ehstart - ok 17:28:12.0597 3144 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:28:12.0604 3144 elxstor - ok 17:28:12.0660 3144 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 17:28:12.0670 3144 EMDMgmt - ok 17:28:12.0703 3144 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:28:12.0705 3144 ErrDev - ok 17:28:12.0759 3144 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 17:28:12.0836 3144 EventSystem - ok 17:28:12.0879 3144 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 17:28:12.0880 3144 exfat - ok 17:28:12.0914 3144 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:28:12.0916 3144 fastfat - ok 17:28:12.0944 3144 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:28:12.0945 3144 fdc - ok 17:28:12.0971 3144 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 17:28:12.0973 3144 fdPHost - ok 17:28:12.0982 3144 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 17:28:12.0985 3144 FDResPub - ok 17:28:13.0013 3144 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:28:13.0015 3144 FileInfo - ok 17:28:13.0040 3144 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:28:13.0042 3144 Filetrace - ok 17:28:13.0061 3144 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:28:13.0063 3144 flpydisk - ok 17:28:13.0089 3144 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:28:13.0091 3144 FltMgr - ok 17:28:13.0149 3144 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 17:28:13.0169 3144 FontCache - ok 17:28:13.0243 3144 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 17:28:13.0245 3144 FontCache3.0.0.0 - ok 17:28:13.0275 3144 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:28:13.0276 3144 Fs_Rec - ok 17:28:13.0313 3144 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:28:13.0314 3144 gagp30kx - ok 17:28:13.0371 3144 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:28:13.0371 3144 GEARAspiWDM - ok 17:28:13.0418 3144 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 17:28:13.0431 3144 gpsvc - ok 17:28:13.0519 3144 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 17:28:13.0520 3144 gupdate - ok 17:28:13.0541 3144 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 17:28:13.0543 3144 gupdatem - ok 17:28:13.0571 3144 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 17:28:13.0572 3144 gusvc - ok 17:28:13.0628 3144 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:28:13.0632 3144 HdAudAddService - ok 17:28:13.0672 3144 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:28:13.0678 3144 HDAudBus - ok 17:28:13.0704 3144 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:28:13.0704 3144 HidBth - ok 17:28:13.0725 3144 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 17:28:13.0726 3144 HidIr - ok 17:28:13.0760 3144 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 17:28:13.0762 3144 hidserv - ok 17:28:13.0799 3144 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:28:13.0808 3144 HidUsb - ok 17:28:13.0869 3144 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:28:13.0872 3144 hkmsvc - ok 17:28:13.0909 3144 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 17:28:13.0909 3144 HpCISSs - ok 17:28:13.0943 3144 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:28:13.0949 3144 HTTP - ok 17:28:13.0967 3144 hwdatacard - ok 17:28:14.0013 3144 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 17:28:14.0013 3144 i2omp - ok 17:28:14.0053 3144 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:28:14.0054 3144 i8042prt - ok 17:28:14.0084 3144 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 17:28:14.0088 3144 iaStorV - ok 17:28:14.0180 3144 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:28:14.0199 3144 idsvc - ok 17:28:14.0241 3144 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:28:14.0242 3144 iirsp - ok 17:28:14.0279 3144 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 17:28:14.0312 3144 IKEEXT - ok 17:28:14.0351 3144 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 17:28:14.0353 3144 intelide - ok 17:28:14.0383 3144 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:28:14.0384 3144 intelppm - ok 17:28:14.0413 3144 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:28:14.0416 3144 IPBusEnum - ok 17:28:14.0435 3144 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:28:14.0437 3144 IpFilterDriver - ok 17:28:14.0478 3144 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:28:14.0481 3144 iphlpsvc - ok 17:28:14.0490 3144 IpInIp - ok 17:28:14.0523 3144 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 17:28:14.0524 3144 IPMIDRV - ok 17:28:14.0552 3144 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 17:28:14.0554 3144 IPNAT - ok 17:28:14.0651 3144 [ E3E71649A926CB34FA4D7AB75DCE126C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:28:14.0655 3144 iPod Service - ok 17:28:14.0698 3144 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:28:14.0700 3144 IRENUM - ok 17:28:14.0729 3144 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:28:14.0731 3144 isapnp - ok 17:28:14.0766 3144 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 17:28:14.0768 3144 iScsiPrt - ok 17:28:14.0829 3144 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 17:28:14.0830 3144 iteatapi - ok 17:28:14.0864 3144 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 17:28:14.0865 3144 iteraid - ok 17:28:14.0898 3144 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 17:28:14.0899 3144 kbdclass - ok 17:28:14.0927 3144 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 17:28:14.0929 3144 kbdhid - ok 17:28:14.0968 3144 [ 27BD4AC228EF6C0D490617C32E86A672 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys 17:28:14.0970 3144 kbfiltr - ok 17:28:14.0990 3144 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 17:28:14.0993 3144 KeyIso - ok 17:28:15.0041 3144 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 17:28:15.0050 3144 KSecDD - ok 17:28:15.0098 3144 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 17:28:15.0108 3144 KtmRm - ok 17:28:15.0145 3144 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll 17:28:15.0149 3144 LanmanServer - ok 17:28:15.0184 3144 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 17:28:15.0189 3144 LanmanWorkstation - ok 17:28:15.0224 3144 [ 4DD47B5AF0B24871EBB9EFC012A7474E ] LgBttPort C:\Windows\system32\DRIVERS\lgbtport.sys 17:28:15.0226 3144 LgBttPort - ok 17:28:15.0254 3144 [ 1D038CA6C529203087A990E5E97887B4 ] lgbusenum C:\Windows\system32\DRIVERS\lgbtbus.sys 17:28:15.0255 3144 lgbusenum - ok 17:28:15.0281 3144 [ 26F1976A330195D62A6224C76968CF0D ] LGVMODEM C:\Windows\system32\DRIVERS\lgvmodem.sys 17:28:15.0294 3144 LGVMODEM - ok 17:28:15.0328 3144 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 17:28:15.0330 3144 lltdio - ok 17:28:15.0372 3144 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll 17:28:15.0377 3144 lltdsvc - ok 17:28:15.0405 3144 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll 17:28:15.0408 3144 lmhosts - ok 17:28:15.0431 3144 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 17:28:15.0432 3144 LSI_FC - ok 17:28:15.0450 3144 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 17:28:15.0452 3144 LSI_SAS - ok 17:28:15.0477 3144 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 17:28:15.0478 3144 LSI_SCSI - ok 17:28:15.0495 3144 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys 17:28:15.0497 3144 luafv - ok 17:28:15.0539 3144 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 17:28:15.0540 3144 MBAMProtector - ok 17:28:15.0593 3144 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe 17:28:15.0608 3144 MBAMScheduler - ok 17:28:15.0648 3144 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe 17:28:15.0671 3144 MBAMService - ok 17:28:15.0717 3144 [ 0DB7527DB188C7D967A37BB51BBF3963 ] MBAMSwissArmy C:\Windows\system32\drivers\mbamswissarmy.sys 17:28:15.0718 3144 MBAMSwissArmy - ok 17:28:15.0804 3144 [ AA44024C1796F40D43F2E6C08B47A564 ] McAfee SiteAdvisor Service c:\PROGRA~1\mcafee\SITEAD~1\mcsacore.exe 17:28:15.0806 3144 McAfee SiteAdvisor Service - ok 17:28:15.0907 3144 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe 17:28:15.0910 3144 McComponentHostService - ok 17:28:15.0944 3144 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 17:28:15.0947 3144 Mcx2Svc - ok 17:28:15.0990 3144 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys 17:28:15.0991 3144 megasas - ok 17:28:16.0051 3144 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys 17:28:16.0061 3144 MegaSR - ok 17:28:16.0273 3144 Microsoft SharePoint Workspace Audit Service - ok 17:28:16.0348 3144 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll 17:28:16.0350 3144 MMCSS - ok 17:28:16.0363 3144 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys 17:28:16.0365 3144 Modem - ok 17:28:16.0398 3144 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 17:28:16.0399 3144 monitor - ok 17:28:16.0409 3144 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 17:28:16.0411 3144 mouclass - ok 17:28:16.0434 3144 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 17:28:16.0436 3144 mouhid - ok 17:28:16.0462 3144 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys 17:28:16.0468 3144 MountMgr - ok 17:28:16.0516 3144 [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 17:28:16.0517 3144 MozillaMaintenance - ok 17:28:16.0543 3144 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys 17:28:16.0544 3144 mpio - ok 17:28:16.0572 3144 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 17:28:16.0573 3144 mpsdrv - ok 17:28:16.0621 3144 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll 17:28:16.0635 3144 MpsSvc - ok 17:28:16.0660 3144 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys 17:28:16.0661 3144 Mraid35x - ok 17:28:16.0693 3144 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 17:28:16.0696 3144 MRxDAV - ok 17:28:16.0722 3144 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 17:28:16.0724 3144 mrxsmb - ok 17:28:16.0761 3144 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 17:28:16.0766 3144 mrxsmb10 - ok 17:28:16.0783 3144 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 17:28:16.0785 3144 mrxsmb20 - ok 17:28:16.0824 3144 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys 17:28:16.0825 3144 msahci - ok 17:28:16.0848 3144 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys 17:28:16.0849 3144 msdsm - ok 17:28:16.0876 3144 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe 17:28:16.0878 3144 MSDTC - ok 17:28:16.0916 3144 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys 17:28:16.0917 3144 Msfs - ok 17:28:16.0960 3144 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 17:28:16.0961 3144 msisadrv - ok 17:28:16.0999 3144 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 17:28:17.0002 3144 MSiSCSI - ok 17:28:17.0009 3144 msiserver - ok 17:28:17.0045 3144 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 17:28:17.0047 3144 MSKSSRV - ok 17:28:17.0081 3144 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 17:28:17.0083 3144 MSPCLOCK - ok 17:28:17.0095 3144 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 17:28:17.0098 3144 MSPQM - ok 17:28:17.0122 3144 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 17:28:17.0124 3144 MsRPC - ok 17:28:17.0138 3144 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 17:28:17.0139 3144 mssmbios - ok 17:28:17.0172 3144 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 17:28:17.0173 3144 MSTEE - ok 17:28:17.0208 3144 [ 97AFFA9D95FFE20EEE6229BC6BE166CF ] MTsensor C:\Windows\system32\DRIVERS\ATKACPI.sys 17:28:17.0209 3144 MTsensor - ok 17:28:17.0239 3144 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys 17:28:17.0240 3144 Mup - ok 17:28:17.0283 3144 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll 17:28:17.0316 3144 napagent - ok 17:28:17.0350 3144 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 17:28:17.0352 3144 NativeWifiP - ok 17:28:17.0392 3144 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys 17:28:17.0397 3144 NDIS - ok 17:28:17.0424 3144 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 17:28:17.0425 3144 NdisTapi - ok 17:28:17.0442 3144 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 17:28:17.0444 3144 Ndisuio - ok 17:28:17.0476 3144 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 17:28:17.0478 3144 NdisWan - ok 17:28:17.0492 3144 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 17:28:17.0494 3144 NDProxy - ok 17:28:17.0511 3144 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 17:28:17.0512 3144 NetBIOS - ok 17:28:17.0543 3144 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys 17:28:17.0545 3144 netbt - ok 17:28:17.0567 3144 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe 17:28:17.0569 3144 Netlogon - ok 17:28:17.0602 3144 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll 17:28:17.0608 3144 Netman - ok 17:28:17.0634 3144 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll 17:28:17.0640 3144 netprofm - ok 17:28:17.0669 3144 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 17:28:17.0671 3144 NetTcpPortSharing - ok 17:28:17.0716 3144 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 17:28:17.0717 3144 nfrd960 - ok 17:28:17.0744 3144 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 17:28:17.0747 3144 NlaSvc - ok 17:28:17.0795 3144 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys 17:28:17.0797 3144 Npfs - ok 17:28:17.0816 3144 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll 17:28:17.0820 3144 nsi - ok 17:28:17.0829 3144 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 17:28:17.0831 3144 nsiproxy - ok 17:28:17.0889 3144 [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 17:28:17.0923 3144 Ntfs - ok 17:28:17.0942 3144 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys 17:28:17.0943 3144 ntrigdigi - ok 17:28:17.0964 3144 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys 17:28:17.0965 3144 Null - ok 17:28:18.0163 3144 [ 4C14177AF506F02FC39C60D7801DD372 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 17:28:18.0318 3144 nvlddmkm - ok 17:28:18.0351 3144 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys 17:28:18.0352 3144 nvraid - ok 17:28:18.0374 3144 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys 17:28:18.0375 3144 nvstor - ok 17:28:18.0426 3144 [ 731E5D1484D792CABAE3D94BFC6A4F9C ] nvsvc C:\Windows\system32\nvvsvc.exe 17:28:18.0430 3144 nvsvc - ok 17:28:18.0461 3144 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 17:28:18.0462 3144 nv_agp - ok 17:28:18.0473 3144 NwlnkFlt - ok 17:28:18.0481 3144 NwlnkFwd - ok 17:28:18.0521 3144 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 17:28:18.0522 3144 ohci1394 - ok 17:28:18.0562 3144 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 17:28:18.0563 3144 ose - ok 17:28:18.0724 3144 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 17:28:18.0823 3144 osppsvc - ok 17:28:18.0870 3144 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll 17:28:18.0880 3144 p2pimsvc - ok 17:28:18.0914 3144 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll 17:28:18.0921 3144 p2psvc - ok 17:28:18.0964 3144 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys 17:28:18.0965 3144 Parport - ok 17:28:19.0009 3144 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys 17:28:19.0010 3144 partmgr - ok 17:28:19.0034 3144 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys 17:28:19.0036 3144 Parvdm - ok 17:28:19.0059 3144 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll 17:28:19.0061 3144 PcaSvc - ok 17:28:19.0097 3144 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys 17:28:19.0099 3144 pci - ok 17:28:19.0133 3144 [ 1636D43F10416AEB483BC6001097B26C ] pciide C:\Windows\system32\drivers\pciide.sys 17:28:19.0135 3144 pciide - ok 17:28:19.0159 3144 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 17:28:19.0161 3144 pcmcia - ok 17:28:19.0410 3144 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 17:28:19.0453 3144 PEAUTH - ok 17:28:19.0534 3144 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll 17:28:19.0578 3144 pla - ok 17:28:19.0612 3144 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 17:28:19.0621 3144 PlugPlay - ok 17:28:19.0648 3144 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll 17:28:19.0656 3144 PNRPAutoReg - ok 17:28:19.0682 3144 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll 17:28:19.0690 3144 PNRPsvc - ok 17:28:19.0727 3144 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 17:28:19.0732 3144 PolicyAgent - ok 17:28:19.0774 3144 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 17:28:19.0775 3144 PptpMiniport - ok 17:28:19.0802 3144 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\drivers\processr.sys 17:28:19.0803 3144 Processor - ok 17:28:19.0852 3144 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll 17:28:19.0855 3144 ProfSvc - ok 17:28:19.0876 3144 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe 17:28:19.0879 3144 ProtectedStorage - ok 17:28:19.0906 3144 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys 17:28:19.0907 3144 PSched - ok 17:28:19.0983 3144 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 17:28:20.0017 3144 ql2300 - ok 17:28:20.0045 3144 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 17:28:20.0047 3144 ql40xx - ok 17:28:20.0083 3144 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll 17:28:20.0088 3144 QWAVE - ok 17:28:20.0105 3144 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 17:28:20.0107 3144 QWAVEdrv - ok 17:28:20.0121 3144 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 17:28:20.0124 3144 RasAcd - ok 17:28:20.0150 3144 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll 17:28:20.0154 3144 RasAuto - ok 17:28:20.0169 3144 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 17:28:20.0171 3144 Rasl2tp - ok 17:28:20.0200 3144 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll 17:28:20.0205 3144 RasMan - ok 17:28:20.0232 3144 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 17:28:20.0233 3144 RasPppoe - ok 17:28:20.0265 3144 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 17:28:20.0267 3144 RasSstp - ok 17:28:20.0298 3144 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 17:28:20.0313 3144 rdbss - ok 17:28:20.0342 3144 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 17:28:20.0345 3144 RDPCDD - ok 17:28:20.0385 3144 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys 17:28:20.0389 3144 rdpdr - ok 17:28:20.0402 3144 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 17:28:20.0403 3144 RDPENCDD - ok 17:28:20.0452 3144 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 17:28:20.0454 3144 RDPWD - ok 17:28:20.0502 3144 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll 17:28:20.0505 3144 RemoteAccess - ok 17:28:20.0537 3144 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll 17:28:20.0540 3144 RemoteRegistry - ok 17:28:20.0566 3144 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe 17:28:20.0568 3144 RpcLocator - ok 17:28:20.0598 3144 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll 17:28:20.0606 3144 RpcSs - ok 17:28:20.0627 3144 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 17:28:20.0628 3144 rspndr - ok 17:28:20.0687 3144 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe 17:28:20.0689 3144 SamSs - ok 17:28:20.0736 3144 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 17:28:20.0737 3144 sbp2port - ok 17:28:20.0775 3144 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll 17:28:20.0779 3144 SCardSvr - ok 17:28:20.0928 3144 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll 17:28:20.0935 3144 Schedule - ok 17:28:20.0975 3144 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll 17:28:20.0976 3144 SCPolicySvc - ok 17:28:21.0023 3144 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys 17:28:21.0024 3144 sdbus - ok 17:28:21.0072 3144 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll 17:28:21.0075 3144 SDRSVC - ok 17:28:21.0095 3144 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys 17:28:21.0097 3144 secdrv - ok 17:28:21.0110 3144 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll 17:28:21.0114 3144 seclogon - ok 17:28:21.0135 3144 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll 17:28:21.0141 3144 SENS - ok 17:28:21.0190 3144 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys 17:28:21.0192 3144 Serenum - ok 17:28:21.0216 3144 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys 17:28:21.0221 3144 Serial - ok 17:28:21.0236 3144 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys 17:28:21.0238 3144 sermouse - ok 17:28:21.0274 3144 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll 17:28:21.0277 3144 SessionEnv - ok 17:28:21.0301 3144 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 17:28:21.0307 3144 sffdisk - ok 17:28:21.0335 3144 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 17:28:21.0380 3144 sffp_mmc - ok 17:28:21.0410 3144 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 17:28:21.0444 3144 sffp_sd - ok 17:28:21.0465 3144 [ C33BFBD6E9E41FCD9FFEF9729E9FAED6 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 17:28:21.0521 3144 sfloppy - ok 17:28:21.0562 3144 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll 17:28:21.0616 3144 SharedAccess - ok 17:28:21.0676 3144 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 17:28:21.0680 3144 ShellHWDetection - ok 17:28:21.0706 3144 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys 17:28:21.0707 3144 sisagp - ok 17:28:21.0745 3144 [ F7DA61BD62A16510227656C3477E2B52 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSGB6.sys 17:28:21.0746 3144 SiSGbeLH - ok 17:28:21.0788 3144 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys 17:28:21.0789 3144 SiSRaid2 - ok 17:28:21.0806 3144 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 17:28:21.0808 3144 SiSRaid4 - ok 17:28:21.0862 3144 [ CA355B308AA537C6B9D67CD3A5485AF9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe 17:28:21.0864 3144 SkypeUpdate - ok 17:28:21.0965 3144 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe 17:28:22.0049 3144 slsvc - ok 17:28:22.0063 3144 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll 17:28:22.0067 3144 SLUINotify - ok 17:28:22.0100 3144 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys 17:28:22.0103 3144 Smb - ok 17:28:22.0163 3144 [ C8A58FC905C9184FA70E37F71060C64D ] smserial C:\Windows\system32\DRIVERS\smserial.sys 17:28:22.0198 3144 smserial - ok 17:28:22.0240 3144 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 17:28:22.0245 3144 SNMPTRAP - ok 17:28:22.0329 3144 [ A709DFA1674C1ED61EF7B5F29B38EEB1 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys 17:28:22.0415 3144 SNP2UVC - ok 17:28:22.0448 3144 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys 17:28:22.0449 3144 spldr - ok 17:28:22.0493 3144 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe 17:28:22.0499 3144 Spooler - ok 17:28:22.0546 3144 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys 17:28:22.0551 3144 srv - ok 17:28:22.0588 3144 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 17:28:22.0592 3144 srv2 - ok 17:28:22.0610 3144 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 17:28:22.0613 3144 srvnet - ok 17:28:22.0645 3144 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 17:28:22.0655 3144 SSDPSRV - ok 17:28:22.0685 3144 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys 17:28:22.0687 3144 ssmdrv - ok 17:28:22.0722 3144 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll 17:28:22.0733 3144 SstpSvc - ok 17:28:22.0784 3144 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll 17:28:22.0794 3144 stisvc - ok 17:28:22.0822 3144 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 17:28:22.0824 3144 swenum - ok 17:28:22.0869 3144 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll 17:28:22.0874 3144 swprv - ok 17:28:22.0898 3144 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys 17:28:22.0899 3144 Symc8xx - ok 17:28:22.0930 3144 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys 17:28:22.0931 3144 Sym_hi - ok 17:28:22.0952 3144 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys 17:28:22.0953 3144 Sym_u3 - ok 17:28:22.0994 3144 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll 17:28:23.0001 3144 SysMain - ok 17:28:23.0033 3144 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll 17:28:23.0045 3144 TabletInputService - ok 17:28:23.0084 3144 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll 17:28:23.0089 3144 TapiSrv - ok 17:28:23.0111 3144 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll 17:28:23.0119 3144 TBS - ok 17:28:23.0189 3144 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 17:28:23.0208 3144 Tcpip - ok 17:28:23.0256 3144 [ 74E2D020C47BB2B2FCCBA29A518A7EB4 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys 17:28:23.0263 3144 Tcpip6 - ok 17:28:23.0303 3144 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 17:28:23.0304 3144 tcpipreg - ok 17:28:23.0333 3144 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 17:28:23.0336 3144 TDPIPE - ok 17:28:23.0363 3144 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 17:28:23.0365 3144 TDTCP - ok 17:28:23.0390 3144 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 17:28:23.0392 3144 tdx - ok 17:28:23.0432 3144 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 17:28:23.0433 3144 TermDD - ok 17:28:23.0475 3144 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll 17:28:23.0482 3144 TermService - ok 17:28:23.0507 3144 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll 17:28:23.0512 3144 Themes - ok 17:28:23.0532 3144 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll 17:28:23.0534 3144 THREADORDER - ok 17:28:23.0565 3144 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll 17:28:23.0570 3144 TrkWks - ok 17:28:23.0613 3144 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 17:28:23.0615 3144 TrustedInstaller - ok 17:28:23.0651 3144 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 17:28:23.0652 3144 tssecsrv - ok 17:28:23.0682 3144 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys 17:28:23.0685 3144 tunmp - ok 17:28:23.0709 3144 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 17:28:23.0710 3144 tunnel - ok 17:28:23.0738 3144 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys 17:28:23.0739 3144 uagp35 - ok 17:28:23.0787 3144 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 17:28:23.0791 3144 udfs - ok 17:28:23.0828 3144 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe 17:28:23.0830 3144 UI0Detect - ok 17:28:23.0853 3144 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 17:28:23.0854 3144 uliagpkx - ok 17:28:23.0871 3144 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys 17:28:23.0877 3144 uliahci - ok 17:28:23.0898 3144 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys 17:28:23.0899 3144 UlSata - ok 17:28:23.0923 3144 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys 17:28:23.0924 3144 ulsata2 - ok 17:28:23.0945 3144 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 17:28:23.0945 3144 umbus - ok 17:28:23.0988 3144 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll 17:28:23.0995 3144 upnphost - ok 17:28:24.0029 3144 [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys 17:28:24.0030 3144 USBAAPL - ok 17:28:24.0081 3144 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 17:28:24.0082 3144 usbccgp - ok 17:28:24.0126 3144 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys 17:28:24.0127 3144 usbcir - ok 17:28:24.0163 3144 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 17:28:24.0164 3144 usbehci - ok 17:28:24.0184 3144 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 17:28:24.0188 3144 usbhub - ok 17:28:24.0202 3144 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 17:28:24.0204 3144 usbohci - ok 17:28:24.0235 3144 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 17:28:24.0237 3144 usbprint - ok 17:28:24.0261 3144 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 17:28:24.0262 3144 usbscan - ok 17:28:24.0285 3144 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 17:28:24.0287 3144 USBSTOR - ok 17:28:24.0316 3144 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 17:28:24.0317 3144 usbuhci - ok 17:28:24.0357 3144 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 17:28:24.0359 3144 usbvideo - ok 17:28:24.0403 3144 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll 17:28:24.0407 3144 UxSms - ok 17:28:24.0442 3144 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe 17:28:24.0453 3144 vds - ok 17:28:24.0489 3144 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 17:28:24.0490 3144 vga - ok 17:28:24.0528 3144 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys 17:28:24.0530 3144 VgaSave - ok 17:28:24.0556 3144 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys 17:28:24.0558 3144 viaagp - ok 17:28:24.0592 3144 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys 17:28:24.0593 3144 ViaC7 - ok 17:28:24.0610 3144 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys 17:28:24.0613 3144 viaide - ok 17:28:24.0624 3144 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys 17:28:24.0626 3144 volmgr - ok 17:28:24.0663 3144 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 17:28:24.0669 3144 volmgrx - ok 17:28:24.0734 3144 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys 17:28:24.0738 3144 volsnap - ok 17:28:24.0754 3144 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 17:28:24.0756 3144 vsmraid - ok 17:28:24.0798 3144 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe 17:28:24.0811 3144 VSS - ok |
|
04.06.2013, 16:54
| #12 |
| /// Malware-holic | Virus tcbhn? edit...
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
04.06.2013, 16:55
| #13 |
| | Virus tcbhn? 17:28:24.0830 3144 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll 17:28:24.0837 3144 W32Time - ok 17:28:24.0861 3144 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 17:28:24.0864 3144 WacomPen - ok 17:28:24.0889 3144 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 17:28:24.0891 3144 Wanarp - ok 17:28:24.0899 3144 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 17:28:24.0903 3144 Wanarpv6 - ok 17:28:24.0940 3144 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll 17:28:24.0946 3144 wcncsvc - ok 17:28:24.0976 3144 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 17:28:24.0979 3144 WcsPlugInService - ok 17:28:25.0000 3144 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys 17:28:25.0001 3144 Wd - ok 17:28:25.0043 3144 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 17:28:25.0052 3144 Wdf01000 - ok 17:28:25.0072 3144 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll 17:28:25.0075 3144 WdiServiceHost - ok 17:28:25.0082 3144 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll 17:28:25.0086 3144 WdiSystemHost - ok 17:28:25.0121 3144 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll 17:28:25.0128 3144 WebClient - ok 17:28:25.0169 3144 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll 17:28:25.0173 3144 Wecsvc - ok 17:28:25.0206 3144 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll 17:28:25.0210 3144 wercplsupport - ok 17:28:25.0246 3144 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll 17:28:25.0250 3144 WerSvc - ok 17:28:25.0300 3144 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll 17:28:25.0302 3144 WinDefend - ok 17:28:25.0312 3144 WinHttpAutoProxySvc - ok 17:28:25.0384 3144 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 17:28:25.0389 3144 Winmgmt - ok 17:28:25.0462 3144 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll 17:28:25.0474 3144 WinRM - ok 17:28:25.0534 3144 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll 17:28:25.0542 3144 Wlansvc - ok 17:28:25.0571 3144 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 17:28:25.0573 3144 WmiAcpi - ok 17:28:25.0613 3144 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 17:28:25.0615 3144 wmiApSrv - ok 17:28:25.0683 3144 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe 17:28:25.0706 3144 WMPNetworkSvc - ok 17:28:25.0725 3144 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll 17:28:25.0730 3144 WPCSvc - ok 17:28:25.0765 3144 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 17:28:25.0769 3144 WPDBusEnum - ok 17:28:25.0809 3144 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys 17:28:25.0810 3144 WpdUsb - ok 17:28:25.0926 3144 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 17:28:25.0936 3144 WPFFontCache_v0400 - ok 17:28:25.0958 3144 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 17:28:25.0961 3144 ws2ifsl - ok 17:28:25.0991 3144 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll 17:28:25.0995 3144 wscsvc - ok 17:28:26.0003 3144 WSearch - ok 17:28:26.0089 3144 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll 17:28:26.0148 3144 wuauserv - ok 17:28:26.0207 3144 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 17:28:26.0209 3144 WudfPf - ok 17:28:26.0242 3144 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 17:28:26.0245 3144 WUDFRd - ok 17:28:26.0268 3144 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 17:28:26.0273 3144 wudfsvc - ok 17:28:26.0358 3144 [ 7D1F3B131D503EF43EE594B5A2B9B427 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys 17:28:26.0362 3144 yukonwlh - ok 17:28:26.0372 3144 ================ Scan global =============================== 17:28:26.0415 3144 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll 17:28:26.0464 3144 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 17:28:26.0487 3144 [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll 17:28:26.0514 3144 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe 17:28:26.0521 3144 [Global] - ok 17:28:26.0523 3144 ================ Scan MBR ================================== 17:28:26.0850 3144 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1 17:28:26.0855 3144 \Device\Harddisk1\DR1 - ok 17:28:26.0878 3144 [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk0\DR0 17:28:27.0180 3144 \Device\Harddisk0\DR0 - ok 17:28:27.0181 3144 ================ Scan VBR ================================== 17:28:27.0186 3144 [ F34B5AA75B3407BE674CD582C4E3CCB3 ] \Device\Harddisk1\DR1\Partition1 17:28:27.0189 3144 \Device\Harddisk1\DR1\Partition1 - ok 17:28:27.0199 3144 [ ACBBC9101078D0266712964CA8F7ED29 ] \Device\Harddisk1\DR1\Partition2 17:28:27.0201 3144 \Device\Harddisk1\DR1\Partition2 - ok 17:28:27.0206 3144 [ 6913F7632F67D5E6C9B398053EF2F8BA ] \Device\Harddisk0\DR0\Partition1 17:28:27.0208 3144 \Device\Harddisk0\DR0\Partition1 - ok 17:28:27.0251 3144 [ DDAC5C10B7A1BD7C05922E84A79F298C ] \Device\Harddisk0\DR0\Partition2 17:28:27.0254 3144 \Device\Harddisk0\DR0\Partition2 - ok 17:28:27.0254 3144 ============================================================ 17:28:27.0254 3144 Scan finished 17:28:27.0254 3144 ============================================================ 17:28:27.0277 5212 Detected object count: 0 17:28:27.0277 5212 Actual detected object count: 0 17:30:37.0367 4468 ============================================================ 17:30:37.0368 4468 Scan started 17:30:37.0368 4468 Mode: Manual; SigCheck; TDLFS; 17:30:37.0368 4468 ============================================================ 17:30:38.0333 4468 ================ Scan system memory ======================== 17:30:38.0333 4468 System memory - ok 17:30:38.0334 4468 ================ Scan services ============================= 17:30:38.0536 4468 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 17:30:38.0696 4468 ACPI - ok 17:30:38.0831 4468 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 17:30:38.0847 4468 AdobeARMservice - ok 17:30:38.0930 4468 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 17:30:38.0949 4468 AdobeFlashPlayerUpdateSvc - ok 17:30:39.0009 4468 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 17:30:39.0040 4468 adp94xx - ok 17:30:39.0095 4468 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 17:30:39.0118 4468 adpahci - ok 17:30:39.0144 4468 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 17:30:39.0164 4468 adpu160m - ok 17:30:39.0180 4468 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 17:30:39.0200 4468 adpu320 - ok 17:30:39.0234 4468 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 17:30:39.0345 4468 AeLookupSvc - ok 17:30:39.0378 4468 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 17:30:39.0436 4468 AFD - ok 17:30:39.0466 4468 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 17:30:39.0481 4468 agp440 - ok 17:30:39.0503 4468 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 17:30:39.0517 4468 aic78xx - ok 17:30:39.0535 4468 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 17:30:39.0666 4468 ALG - ok 17:30:39.0703 4468 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 17:30:39.0717 4468 aliide - ok 17:30:39.0746 4468 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 17:30:39.0761 4468 amdagp - ok 17:30:39.0783 4468 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 17:30:39.0796 4468 amdide - ok 17:30:39.0821 4468 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 17:30:39.0866 4468 AmdK7 - ok 17:30:39.0883 4468 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 17:30:39.0943 4468 AmdK8 - ok 17:30:39.0950 4468 Andbus - ok 17:30:39.0978 4468 [ 8E0BF6F3B2C9C292BC7CE0DE727CDD56 ] AndDiag C:\Windows\system32\DRIVERS\lganddiag.sys 17:30:40.0031 4468 AndDiag - ok 17:30:40.0043 4468 [ 1D2C90E25483363D54B652898BBC8F2A ] AndGps C:\Windows\system32\DRIVERS\lgandgps.sys 17:30:40.0081 4468 AndGps - ok 17:30:40.0111 4468 [ B1B06A95DA2CAC7FA19832C60C348C85 ] ANDModem C:\Windows\system32\DRIVERS\lgandmodem.sys 17:30:40.0146 4468 ANDModem - ok 17:30:40.0198 4468 [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 17:30:40.0212 4468 AntiVirSchedulerService - ok 17:30:40.0245 4468 [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 17:30:40.0261 4468 AntiVirService - ok 17:30:40.0281 4468 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 17:30:40.0363 4468 Appinfo - ok 17:30:40.0446 4468 [ 4FE5C6D40664AE07BE5105874357D2ED ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 17:30:40.0466 4468 Apple Mobile Device - ok 17:30:40.0493 4468 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 17:30:40.0511 4468 arc - ok 17:30:40.0534 4468 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 17:30:40.0552 4468 arcsas - ok 17:30:40.0633 4468 [ EB1807795CD3EEAA3288B4A30DE254E8 ] ASLDRService C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe 17:30:40.0664 4468 ASLDRService - ok 17:30:40.0705 4468 [ 7B4D08D2017AC06689D422E06C43F0AA ] ASMMAP C:\Program Files\ATKGFNEX\ASMMAP.sys 17:30:40.0720 4468 ASMMAP - ok 17:30:40.0747 4468 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 17:30:40.0820 4468 AsyncMac - ok 17:30:40.0843 4468 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys 17:30:40.0864 4468 atapi - ok 17:30:40.0922 4468 [ 2846F5EE802889D500FCF5CC48B28381 ] athr C:\Windows\system32\DRIVERS\athr.sys 17:30:40.0992 4468 athr - ok 17:30:41.0019 4468 [ 7C157574A181B19B9DCF5F339E25337E ] ATKGFNEXSrv C:\Program Files\ATKGFNEX\GFNEXSrv.exe 17:30:41.0041 4468 ATKGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning 17:30:41.0041 4468 ATKGFNEXSrv - detected UnsignedFile.Multi.Generic (1) 17:30:41.0081 4468 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 17:30:41.0123 4468 AudioEndpointBuilder - ok 17:30:41.0148 4468 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 17:30:41.0174 4468 Audiosrv - ok 17:30:41.0204 4468 [ 87425709A251386064C99B684BF96F72 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 17:30:41.0221 4468 avgntflt - ok 17:30:41.0248 4468 [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 17:30:41.0263 4468 avipbb - ok 17:30:41.0275 4468 [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 17:30:41.0288 4468 avkmgr - ok 17:30:41.0342 4468 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 17:30:41.0375 4468 Beep - ok 17:30:41.0412 4468 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 17:30:41.0457 4468 BFE - ok 17:30:41.0512 4468 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll 17:30:41.0592 4468 BITS - ok 17:30:41.0632 4468 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 17:30:41.0668 4468 blbdrive - ok 17:30:41.0751 4468 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 17:30:41.0777 4468 Bonjour Service - ok 17:30:41.0818 4468 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 17:30:41.0866 4468 bowser - ok 17:30:41.0896 4468 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 17:30:41.0951 4468 BrFiltLo - ok 17:30:41.0972 4468 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 17:30:42.0036 4468 BrFiltUp - ok 17:30:42.0078 4468 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 17:30:42.0140 4468 Browser - ok 17:30:42.0190 4468 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 17:30:42.0707 4468 Brserid - ok 17:30:42.0737 4468 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 17:30:42.0793 4468 BrSerWdm - ok 17:30:42.0815 4468 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 17:30:42.0886 4468 BrUsbMdm - ok 17:30:42.0903 4468 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 17:30:42.0964 4468 BrUsbSer - ok 17:30:43.0022 4468 [ EA7E57F87D6FEE5FD6C5F813C04E8CD2 ] BrYNSvc C:\Program Files\Browny02\BrYNSvc.exe 17:30:43.0041 4468 BrYNSvc ( UnsignedFile.Multi.Generic ) - warning 17:30:43.0041 4468 BrYNSvc - detected UnsignedFile.Multi.Generic (1) 17:30:43.0078 4468 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 17:30:43.0141 4468 BTHMODEM - ok 17:30:43.0174 4468 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 17:30:43.0230 4468 cdfs - ok 17:30:43.0274 4468 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 17:30:43.0320 4468 cdrom - ok 17:30:43.0355 4468 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 17:30:43.0413 4468 CertPropSvc - ok 17:30:43.0450 4468 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 17:30:43.0484 4468 circlass - ok 17:30:43.0517 4468 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 17:30:43.0535 4468 CLFS - ok 17:30:43.0607 4468 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 17:30:43.0623 4468 clr_optimization_v2.0.50727_32 - ok 17:30:43.0681 4468 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 17:30:43.0698 4468 clr_optimization_v4.0.30319_32 - ok 17:30:43.0732 4468 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 17:30:43.0777 4468 CmBatt - ok 17:30:43.0798 4468 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 17:30:43.0816 4468 cmdide - ok 17:30:43.0935 4468 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 17:30:43.0952 4468 Compbatt - ok 17:30:43.0960 4468 COMSysApp - ok 17:30:43.0972 4468 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 17:30:43.0990 4468 crcdisk - ok 17:30:44.0006 4468 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 17:30:44.0072 4468 Crusoe - ok 17:30:44.0163 4468 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 17:30:44.0223 4468 CryptSvc - ok 17:30:44.0275 4468 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 17:30:44.0310 4468 DcomLaunch - ok 17:30:44.0344 4468 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 17:30:44.0377 4468 DfsC - ok 17:30:44.0458 4468 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe 17:30:44.0600 4468 DFSR - ok 17:30:44.0648 4468 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 17:30:44.0702 4468 Dhcp - ok 17:30:44.0735 4468 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 17:30:44.0755 4468 disk - ok 17:30:44.0791 4468 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 17:30:44.0841 4468 Dnscache - ok 17:30:44.0877 4468 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 17:30:44.0932 4468 dot3svc - ok 17:30:44.0964 4468 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 17:30:45.0028 4468 DPS - ok 17:30:45.0070 4468 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 17:30:45.0134 4468 drmkaud - ok 17:30:45.0180 4468 [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 17:30:45.0288 4468 DXGKrnl - ok 17:30:45.0341 4468 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 17:30:45.0446 4468 E1G60 - ok 17:30:45.0485 4468 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 17:30:45.0526 4468 EapHost - ok 17:30:45.0562 4468 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 17:30:45.0580 4468 Ecache - ok 17:30:45.0652 4468 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 17:30:45.0677 4468 ehRecvr - ok 17:30:45.0689 4468 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 17:30:45.0736 4468 ehSched - ok 17:30:45.0753 4468 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 17:30:45.0781 4468 ehstart - ok 17:30:45.0810 4468 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 17:30:45.0855 4468 elxstor - ok 17:30:45.0920 4468 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 17:30:46.0138 4468 EMDMgmt - ok 17:30:46.0162 4468 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 17:30:46.0209 4468 ErrDev - ok 17:30:46.0273 4468 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 17:30:46.0313 4468 EventSystem - ok 17:30:46.0338 4468 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 17:30:46.0399 4468 exfat - ok 17:30:46.0440 4468 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 17:30:46.0482 4468 fastfat - ok 17:30:46.0525 4468 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 17:30:46.0573 4468 fdc - ok 17:30:46.0608 4468 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 17:30:46.0642 4468 fdPHost - ok 17:30:46.0654 4468 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 17:30:46.0727 4468 FDResPub - ok 17:30:46.0750 4468 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 17:30:46.0765 4468 FileInfo - ok 17:30:46.0799 4468 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 17:30:46.0844 4468 Filetrace - ok 17:30:46.0864 4468 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 17:30:46.0903 4468 flpydisk - ok 17:30:46.0926 4468 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 17:30:46.0950 4468 FltMgr - ok 17:30:46.0997 4468 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 17:30:47.0082 4468 FontCache - ok 17:30:47.0169 4468 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 17:30:47.0183 4468 FontCache3.0.0.0 - ok 17:30:47.0212 4468 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 17:30:47.0264 4468 Fs_Rec - ok 17:30:47.0316 4468 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 17:30:47.0331 4468 gagp30kx - ok 17:30:47.0374 4468 [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 17:30:47.0387 4468 GEARAspiWDM - ok 17:30:47.0444 4468 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll 17:30:47.0509 4468 gpsvc - ok 17:30:47.0570 4468 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe 17:30:47.0583 4468 gupdate - ok 17:30:47.0657 4468 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe 17:30:47.0673 4468 gupdatem - ok 17:30:47.0708 4468 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe 17:30:47.0725 4468 gusvc - ok 17:30:47.0787 4468 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 17:30:47.0935 4468 HdAudAddService - ok 17:30:47.0973 4468 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 17:30:48.0060 4468 HDAudBus - ok 17:30:48.0095 4468 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 17:30:48.0151 4468 HidBth - ok 17:30:48.0172 4468 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 17:30:48.0254 4468 HidIr - ok 17:30:48.0296 4468 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll 17:30:48.0337 4468 hidserv - ok 17:30:48.0369 4468 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 17:30:48.0424 4468 HidUsb - ok 17:30:48.0449 4468 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 17:30:48.0497 4468 hkmsvc - ok 17:30:48.0534 4468 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 17:30:48.0548 4468 HpCISSs - ok 17:30:48.0579 4468 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 17:30:48.0669 4468 HTTP - ok 17:30:48.0682 4468 hwdatacard - ok 17:30:48.0726 4468 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 17:30:48.0744 4468 i2omp - ok 17:30:48.0767 4468 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 17:30:48.0808 4468 i8042prt - ok 17:30:48.0843 4468 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 17:30:48.0864 4468 iaStorV - ok 17:30:48.0963 4468 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 17:30:49.0017 4468 idsvc - ok 17:30:49.0055 4468 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 17:30:49.0071 4468 iirsp - ok 17:30:49.0114 4468 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 17:30:49.0162 4468 IKEEXT - ok 17:30:49.0198 4468 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 17:30:49.0213 4468 intelide - ok 17:30:49.0241 4468 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 17:30:49.0282 4468 intelppm - ok 17:30:49.0316 4468 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 17:30:49.0365 4468 IPBusEnum - ok 17:30:49.0382 4468 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 17:30:49.0428 4468 IpFilterDriver - ok 17:30:49.0469 4468 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 17:30:49.0515 4468 iphlpsvc - ok 17:30:49.0523 4468 IpInIp - ok 17:30:49.0548 4468 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 17:30:49.0579 4468 IPMIDRV - ok 17:30:49.0610 4468 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 17:30:49.0662 4468 IPNAT - ok 17:30:49.0733 4468 [ E3E71649A926CB34FA4D7AB75DCE126C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 17:30:49.0806 4468 iPod Service - ok 17:30:49.0823 4468 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 17:30:49.0853 4468 IRENUM - ok 17:30:49.0887 4468 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 17:30:49.0904 4468 isapnp - ok 17:30:49.0946 4468 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 17:30:49.0970 4468 iScsiPrt - ok 17:30:49.0998 4468 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 17:30:50.0013 4468 iteatapi - ok 17:30:50.0044 4468 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 17:30:50.0059 4468 iteraid - ok |
|
04.06.2013, 16:56
| #14 |
| /// Malware-holic | Virus tcbhn? Ok passt. Scan mit Combofix
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet Geändert von markusg (04.06.2013 um 17:02 Uhr) |
|
04.06.2013, 17:01
| #15 |
| | Virus tcbhn? Ist der Verlauf wieder der selbe nach den gefundenen Objekten? "Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue." |
|
| Themen zu Virus tcbhn? |
| anti-malware, beendet, bereits, dankbar, einzige, festgestellt, feststellen, folge, folgendes, gestellt, helfer, laptop, liebe, malwarebytes, malwarebytes anti-malware, meldung, nicht mehr, problem, schritt, stelle, tcbhn.exe, virus, virus?, vista, windows, windows vista |
WARNUNG an die MITLESER: 
