|
Plagegeister aller Art und deren Bekämpfung: win 7 plötzlich seeehr langsam, html/redir.eb.8Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.01.2013, 20:07 | #1 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 hallo, es ist freitag und mein pc hat wieder mal ein problem. seit heute früh ist er plötzlich seeehr langsam, die programme brauchen ewig zum öffnen, die browserseiten auch, zwischendurch friert alles ein, wenn ich schreibe, verzögert sich alles oft so, dass nur 1 von 10 buchstaben oder so genommen wird usw. malwarebytes hat wohl nichts gefunden: Code:
ATTFilter Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Datenbank Version: v2013.01.25.03 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 HP Berlin :: HPBERLIN-PC [Administrator] 25.01.2013 10:04:26 mbam-log-2013-01-25 (10-04-26).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 257511 Laufzeit: 7 Minute(n), 57 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) OTL.txt: Code:
ATTFilter OTL logfile created on: 25.01.2013 19:28:19 - Run 7 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\HP Berlin\Desktop\AntiSpyware 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 7,99 Gb Total Physical Memory | 4,93 Gb Available Physical Memory | 61,74% Memory free 11,90 Gb Paging File | 8,88 Gb Available in Paging File | 74,69% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 684,15 Gb Total Space | 488,53 Gb Free Space | 71,41% Space Free | Partition Type: NTFS Drive D: | 14,39 Gb Total Space | 2,53 Gb Free Space | 17,55% Space Free | Partition Type: NTFS Drive E: | 698,64 Gb Total Space | 443,06 Gb Free Space | 63,42% Space Free | Partition Type: NTFS Drive O: | 1396,92 Gb Total Space | 819,15 Gb Free Space | 58,64% Space Free | Partition Type: FAT32 Computer Name: HPBERLIN-PC | User Name: HP Berlin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (ESET) PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe () PRC - C:\Program Files (x86)\Spamihilator\spamihilator.exe (Michel Krämer) PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () PRC - C:\Users\HP Berlin\Desktop\AntiSpyware\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) PRC - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () PRC - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe () PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Brownie\Brnipmon.exe (Brother Industries, Ltd.) PRC - C:\Program Files (x86)\Brownie\brpjp04a.exe (brother) PRC - C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe () MOD - C:\Program Files (x86)\Spamihilator\sqlite3.dll () MOD - C:\Program Files (x86)\Spamihilator\zlib1.dll () MOD - C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll () MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll () MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f92c882fd4e7005c005e208daa04c28d\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\fdeec42fa02f3d789c42be2e33b130eb\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\b2e6d33df15f6ca262db09558982e0f2\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\3060dfcdecbeb8ee65077fb29b217c3d\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4be2653d1c9804d2ff6e6b66d22764e1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni.dll () MOD - C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () MOD - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe () MOD - C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll () MOD - C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll () MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll () ========== Win32 Services (SafeList) ========== SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (WSWNA3100) -- C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe () SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.) SRV - (WLANBelkinService) -- C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe () SRV - (getPlusHelper) @C:\Program Files (x86) -- C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll (NOS Microsystems Ltd.) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation) SRV - (ezSharedSvc) -- C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS) SRV - (bgsvcgen) -- C:\Windows\SysWOW64\bgsvcgen.exe (B.H.A Corporation) SRV - (AdobeActiveFileMonitor5.0) -- C:\Program Files (x86)\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe () SRV - (CCALib8) -- C:\Program Files (x86)\Canon\CAL\CALMAIN.exe (Canon Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation) DRV:64bit: - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation) DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys () DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH) DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.) DRV:64bit: - (BCMH43XX) -- C:\Windows\SysNative\drivers\bcmwlhigh664.sys (Broadcom Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.) DRV:64bit: - (SCMNdisP) -- C:\Windows\SysNative\drivers\SCMNdisP.sys (Windows (R) Codename Longhorn DDK provider) DRV - ({55662437-DA8C-40c0-AADA-2C816A897A49}) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl (CyberLink Corp.) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_AT&c=94&bd=Pavilion&pf=cndt IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{BD45CD95-A9C1-4209-B2ED-4B9B99703F40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE:64bit: - HKLM\..\SearchScopes\{D56565BD-FD80-481B-8232-1AAE0340DB2B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at IE:64bit: - HKLM\..\SearchScopes\{E029F185-AB82-4242-A5F9-8108AE9A16B9}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_AT&c=94&bd=Pavilion&pf=cndt IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550 IE - HKLM\..\SearchScopes\{BD45CD95-A9C1-4209-B2ED-4B9B99703F40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKLM\..\SearchScopes\{D56565BD-FD80-481B-8232-1AAE0340DB2B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at IE - HKLM\..\SearchScopes\{E029F185-AB82-4242-A5F9-8108AE9A16B9}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/calendar/render?hl=de&tab=wc&gsessionid=ZkAmWI3R7rSgxWfTFbMw3Q IE - HKCU\..\SearchScopes,DefaultScope = {C79569B9-0771-4C65-B14E-845F99A6BCD9} IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550 IE - HKCU\..\SearchScopes\{BD45CD95-A9C1-4209-B2ED-4B9B99703F40}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008 IE - HKCU\..\SearchScopes\{C79569B9-0771-4C65-B14E-845F99A6BCD9}: "URL" = hxxp://de.wikipedia.org/wiki/Spezial:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D56565BD-FD80-481B-8232-1AAE0340DB2B}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1134&query={searchTerms}&invocationType=tb50hpcndtie7-de-at IE - HKCU\..\SearchScopes\{E029F185-AB82-4242-A5F9-8108AE9A16B9}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "https://www.google.com/calendar/render?hl=de&tab=wc&gsessionid=ZkAmWI3R7rSgxWfTFbMw3Q|hxxp://www.babyzimmer.de/forumdisplay.php/4-Das-BZ-Forum|hxxp://www.facebook.com/|hxxp://dailydeal.de/gutscheine/berlin/?geo=on" FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\HP Berlin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.16 10:31:50 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013.01.18 11:32:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.21 20:47:03 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.21 20:47:03 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.01.04 22:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Berlin\AppData\Roaming\mozilla\Extensions [2010.01.04 22:37:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Berlin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2012.11.01 18:00:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\HP Berlin\AppData\Roaming\mozilla\Firefox\Profiles\13la5nka.default\extensions [2013.01.21 20:47:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.01.21 20:47:03 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.01.20 18:13:40 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.20 18:13:40 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.01.20 18:13:40 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.01.20 18:13:40 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.20 18:13:40 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.20 18:13:40 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.06.16 10:44:18 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation) O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) O4:64bit: - HKLM..\Run: [itype] c:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [boincmgr] C:\Program Files\BOINC\boincmgr.exe (Space Sciences Laboratory) O4 - HKLM..\Run: [boinctray] C:\Program Files\BOINC\boinctray.exe (Space Sciences Laboratory) O4 - HKLM..\Run: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe (brother) O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.) O4 - HKCU..\Run: [TVTip] C:\Programme\TV Movie\TV Movie ClickFinder\tvstart.exe (E.W.E.-Software) O4 - Startup: C:\Users\HP Berlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2013.01.25 19:22:48 | 000,000,000 | -H-D | M] O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O8:64bit: - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\HP Berlin\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\HP Berlin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O8 - Extra context menu item: &Citavi Picker... - C:\ProgramData\Swiss Academic Software\Citavi Picker\Internet Explorer\ShowContextMenu.html () O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.) O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\HP Berlin\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\HP Berlin\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect118.cab (GMNRev Class) O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab (CeWe Color AG & Co. OHG Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab (ScorchPlugin Class) O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4010814-8B20-43BB-A662-6A72EBA2F08C}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation) O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.01.25 09:54:33 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\Programs [2013.01.25 09:12:17 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{3141F689-AF6F-46BD-8ECE-F0CE7AA3E226} [2013.01.24 18:19:33 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{6DD07A9D-D683-4C78-BF72-ED53F3E19CD8} [2013.01.23 10:42:55 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{3F4B12DA-8BEE-4B2B-81CD-9BC86C32A61F} [2013.01.22 22:42:31 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{DC8F48C5-E1E3-4512-8EC7-A89B9CFB0ECB} [2013.01.22 10:05:23 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{AAF2445B-FE33-405F-98EC-705D4FC9BF11} [2013.01.21 20:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.01.21 19:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape [2013.01.21 19:45:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape [2013.01.21 17:39:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3 [2013.01.21 17:20:40 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unmechanical [2013.01.21 17:17:35 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.01.21 17:12:56 | 000,000,000 | ---D | C] -- C:\Unmechanical [2013.01.21 11:04:55 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{0093E120-A76B-4CA7-A22B-42144FCB2FBA} [2013.01.20 12:20:45 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{C9AF4388-AC5F-4A12-BE2D-6E255C9F648C} [2013.01.20 00:20:25 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{2A9731FF-C286-4426-B15B-3715509E2C96} [2013.01.19 12:20:06 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{0F84E925-CE41-4852-B4F1-DD6A65C24A09} [2013.01.19 00:19:47 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{FFF01040-5E23-4BA6-A996-15E59043512C} [2013.01.18 11:32:20 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Roaming\RealNetworks [2013.01.18 11:32:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks [2013.01.18 11:32:13 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks [2013.01.18 11:31:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared [2013.01.18 11:31:40 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013.01.18 11:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks [2013.01.18 11:29:28 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{E22035BE-8A1C-4035-96FA-D953BE37994D} [2013.01.17 14:39:35 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{26A2ABD7-C09C-4949-84EB-1D3BC0D52E23} [2013.01.16 21:22:49 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{10CDEBC0-9516-45AD-B617-167E78705FE9} [2013.01.16 10:32:55 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Roaming\TuneUp Software [2013.01.16 10:32:48 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.01.16 10:32:24 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.01.16 10:32:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.01.16 10:31:46 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Roaming\OpenCandy [2013.01.16 10:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft [2013.01.16 10:31:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft [2013.01.16 09:22:28 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{B0833CA2-571E-4F50-9B60-B3734321D4E4} [2013.01.15 12:16:39 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\Documents\RhinoSoft [2013.01.15 12:08:06 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{8DB237E7-3B8E-4286-A1FB-5B8D44089AF2} [2013.01.14 15:26:11 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{08E74A41-7E90-4B7B-B19F-E22DC0641B9E} [2013.01.13 12:07:27 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{3E93FCFE-2BBF-46A3-92E1-3C69641127FB} [2013.01.13 00:07:07 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{514E49BC-9CEC-4211-9A3C-C994A8A42EF9} [2013.01.12 12:06:48 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{81B49E22-1280-44A5-A93D-E0CEF2885D8A} [2013.01.12 00:06:23 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{BEAC72C7-F3C3-44B9-B099-C27FF1B5A464} [2013.01.11 09:06:44 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{B31D45E5-A91F-450C-9834-76FD5C524D81} [2013.01.10 21:06:24 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{DB8400D2-DD5F-4520-8790-75A62625E449} [2013.01.10 09:06:05 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{9C5FC7AA-93B5-4E53-8206-D92BC2ED4468} [2013.01.09 12:36:22 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{DD65E038-3CFB-48FD-AD6B-C33367B2C862} [2013.01.08 22:40:34 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{8E6389EA-D07D-4AE6-BE8E-6C81D2D4C5E9} [2013.01.08 10:40:13 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{3FE22054-CE6C-485F-B336-FBD9A900A3AC} [2013.01.07 21:38:49 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{5B69C5C7-A253-4A12-A869-4ABFA8054BCA} [2013.01.07 09:38:29 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{9E7FDCE9-F4AF-4748-8EF0-1629B669BCD5} [2013.01.06 10:41:39 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{C391AA47-BE2A-4927-B025-AD2901CEF379} [2013.01.05 22:14:23 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{DAF2F35F-5D1C-4098-B187-A8FF8FE97800} [2013.01.05 11:49:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2013.01.05 10:14:04 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{4B3BDEB1-C7D0-4D99-9F72-FA6558784898} [2013.01.04 18:17:38 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{6835AF31-7B5A-4B66-AF92-092AD4F6BBF5} [2012.12.28 09:17:37 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{EF6D371C-2D74-4D81-9321-FE8B48552905} [2012.12.27 12:04:26 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{04E9E2BC-D110-4F4A-A3F0-594FD615DB65} [2012.12.27 00:04:03 | 000,000,000 | ---D | C] -- C:\Users\HP Berlin\AppData\Local\{DABE898A-D631-4CED-AADA-10C4F83659EE} [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.25 19:21:56 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.25 16:14:22 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.25 16:14:22 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.25 16:13:19 | 000,007,626 | ---- | M] () -- C:\Users\HP Berlin\AppData\Local\Resmon.ResmonCfg [2013.01.25 16:00:59 | 000,000,794 | ---- | M] () -- C:\Windows\Brownie.ini [2013.01.25 15:59:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.25 15:59:34 | 2140,467,199 | -HS- | M] () -- C:\hiberfil.sys [2013.01.25 10:49:12 | 739,675,181 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.01.23 10:41:02 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI [2013.01.21 19:45:30 | 000,001,033 | ---- | M] () -- C:\Users\HP Berlin\Desktop\PhotoScape.lnk [2013.01.21 17:39:32 | 000,001,108 | ---- | M] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2013.01.21 17:20:56 | 000,001,781 | ---- | M] () -- C:\Users\Public\Desktop\Unmechanical.lnk [2013.01.21 17:20:28 | 001,589,518 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2013.01.21 17:20:28 | 000,696,638 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.01.21 17:20:28 | 000,651,956 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.01.21 17:20:28 | 000,147,934 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.01.21 17:20:28 | 000,120,888 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.01.21 17:20:24 | 001,589,518 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.01.18 11:31:40 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll [2013.01.16 10:33:12 | 000,001,241 | ---- | M] () -- C:\Users\HP Berlin\Desktop\DVDVideoSoft Free Studio.lnk [2013.01.14 22:36:28 | 000,033,588 | ---- | M] () -- C:\Users\HP Berlin\Desktop\Notes on Neanderthals.rtf [2 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.25 16:13:19 | 000,007,626 | ---- | C] () -- C:\Users\HP Berlin\AppData\Local\Resmon.ResmonCfg [2013.01.21 19:45:30 | 000,001,033 | ---- | C] () -- C:\Users\HP Berlin\Desktop\PhotoScape.lnk [2013.01.21 17:39:32 | 000,001,108 | ---- | C] () -- C:\Users\Public\Desktop\Picasa 3.lnk [2013.01.21 17:20:56 | 000,001,781 | ---- | C] () -- C:\Users\Public\Desktop\Unmechanical.lnk [2013.01.16 10:33:12 | 000,001,241 | ---- | C] () -- C:\Users\HP Berlin\Desktop\DVDVideoSoft Free Studio.lnk [2013.01.14 22:36:28 | 000,033,588 | ---- | C] () -- C:\Users\HP Berlin\Desktop\Notes on Neanderthals.rtf [2012.12.25 00:12:47 | 000,022,898 | ---- | C] () -- C:\Windows\HL-3070CW.INI [2012.12.24 20:04:56 | 000,000,153 | ---- | C] () -- C:\Windows\BRVIDEO.INI [2012.12.24 20:04:56 | 000,000,000 | ---- | C] () -- C:\Windows\brmx2001.ini [2012.12.24 20:04:02 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.12.24 20:03:56 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL [2012.12.24 20:03:55 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI [2012.12.24 20:00:28 | 000,000,794 | ---- | C] () -- C:\Windows\Brownie.ini [2012.06.30 21:31:01 | 001,589,518 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.06.16 10:30:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.06.16 10:30:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.06.16 10:30:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.06.16 10:30:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.06.16 10:30:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2011.08.23 20:25:53 | 000,074,240 | ---- | C] () -- C:\Windows\AKDeInstall.exe [2011.06.08 15:51:36 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat [2011.06.08 15:51:36 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat [2011.06.08 15:51:36 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat [2011.06.08 15:51:36 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat [2011.06.08 15:51:36 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat [2011.06.08 15:51:36 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat [2011.06.08 15:51:36 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat [2011.06.08 15:51:36 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat [2011.06.08 15:51:36 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat [2011.06.08 15:51:36 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat [2011.06.08 15:51:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat [2011.06.08 15:51:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat [2011.06.08 15:51:36 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat [2011.06.08 15:51:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat [2011.06.08 15:51:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat [2011.06.08 15:51:36 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat [2011.06.08 15:51:36 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat [2011.06.08 15:51:36 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat [2011.06.08 15:51:36 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini ========== LOP Check ========== [2010.08.31 09:00:39 | 000,000,552 | ---- | M] () -- C:\Windows\Tasks\PCDRScheduledMaintenance.job [2012.11.24 09:28:16 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 26.11.2012 10:26:48 - Run 6 OTL by OldTimer - Version 3.2.48.0 Folder = C:\Users\HP Berlin\Desktop\AntiSpyware 64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy 7,99 Gb Total Physical Memory | 5,75 Gb Available Physical Memory | 71,93% Memory free 11,90 Gb Paging File | 9,57 Gb Available in Paging File | 80,43% Paging File free Paging file location(s): [Binary data over 100 bytes] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 684,15 Gb Total Space | 491,97 Gb Free Space | 71,91% Space Free | Partition Type: NTFS Drive D: | 14,39 Gb Total Space | 2,53 Gb Free Space | 17,55% Space Free | Partition Type: NTFS Drive E: | 698,64 Gb Total Space | 504,82 Gb Free Space | 72,26% Space Free | Partition Type: NTFS Unable to calculate disk information. Drive O: | 1396,92 Gb Total Space | 839,31 Gb Free Space | 60,08% Space Free | Partition Type: FAT32 Computer Name: HPBERLIN-PC | User Name: HP Berlin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan) Directory [CEWE FOTOSCHAU] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\CEWE FOTOSCHAU.exe" -d "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [SCHLECKER Foto Digital Service] -- "C:\Program Files (x86)\SCHLECKER\SCHLECKER Foto Digital Service\SCHLECKER Foto Digital Service.exe" "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 "DisableUnicastResponsesToMulticastBroadcast" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 "DefaultOutboundAction" = 0 "DefaultInboundAction" = 1 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\fotobuch\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch\Designer 2.0\Designer.exe:*:Designer.exe -- () "C:\Program Files (x86)\fotobuch\Designer 2.0\Designer.exe" = C:\Program Files (x86)\fotobuch\Designer 2.0\Designer.exe:*:Designer.exe -- () ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A6723F1-3AA5-4178-A134-378DFD45C9DD}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{2F5FB749-1B56-4F53-8ADB-1AE77AC19E15}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{30F7E1EA-4ACC-4B21-90F4-3266647E4E0B}" = lport=139 | protocol=6 | dir=in | app=system | "{37982EEA-E668-4804-983F-16B4ECADA90A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3FE195CA-DACC-45C3-A17B-B519D76A3FA6}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | "{445CAABC-9528-4371-BE02-38A95611AD55}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{46198814-B7C6-442B-84A0-9915B1F345AF}" = lport=10243 | protocol=6 | dir=in | app=system | "{4F7C2CFA-DF80-45BF-A619-7FD42A20FF3C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{57C75115-701B-4DDB-A8D3-C6C2FC0E73F2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5C139211-916A-4472-B674-4F9588905141}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{66C05EB8-41FA-432B-978B-F81DD97BD24C}" = lport=445 | protocol=6 | dir=in | app=system | "{73AB7051-BCB8-4F39-8850-013CBE62F07E}" = rport=139 | protocol=6 | dir=out | app=system | "{7B127F56-E23A-40B6-A3E1-0BFBE18201C4}" = lport=137 | protocol=17 | dir=in | app=system | "{7B8EB3BD-48B0-410B-BB7B-729068BF66AD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{7B915E9C-D0BD-497E-96FC-7D73C7A094F5}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{7EAF5E7C-22AA-425E-9236-D9AE254B7768}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{893E1496-5BAF-4611-B4F3-35F6958A15AF}" = rport=445 | protocol=6 | dir=out | app=system | "{A11796D3-B610-4572-B96B-B5733AD49081}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A789C1F8-BDA6-4E11-AB15-94B64B29EAEC}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B99B63A6-6704-4806-A31A-CBD27FF86385}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C46FD838-F370-4FB8-9BBD-BFE2BB3D21AE}" = rport=138 | protocol=17 | dir=out | app=system | "{D570279A-C23E-45E3-98B9-6293B8109E35}" = rport=137 | protocol=17 | dir=out | app=system | "{D83548CD-891C-4AF8-A147-227D4CEEBE80}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F3DCE4C2-A6BA-40DF-A559-C756A07A84E2}" = lport=2869 | protocol=6 | dir=in | app=system | "{FC62FB21-724A-4002-8F9B-45D678464F21}" = rport=10243 | protocol=6 | dir=out | app=system | "{FF93FBAD-D33D-44A0-8823-5E1F2B265085}" = lport=138 | protocol=17 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00426580-9ED5-4086-84F4-BCD2D955E7D3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{04157473-AD19-427C-A1EC-E2E2B8A5B405}" = protocol=6 | dir=in | app=c:\program files\spamihilator\cdcc.exe | "{06011756-9F1E-488C-8488-0BEFA68DB070}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{0E644D02-DA0A-4740-97A5-1DFC549EBB46}" = protocol=17 | dir=in | app=c:\program files\spamihilator\dccproc.exe | "{1038B6B3-8008-4289-91FA-BB024639C61F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{1246896F-3FB6-4B4A-AE7E-76A6D712B4BD}" = protocol=6 | dir=in | app=c:\program files\spamihilator\dccproc.exe | "{49D25E51-A077-455D-BBFD-EFDDE6F92F4F}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{4A6B2281-4B33-4A87-B3D4-C1FC43DEAEA8}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{5D9632EA-5BF4-47E5-BA2E-A24ADBA0F1EA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{62C37E21-43C8-45B1-9CCF-948FC7DC5C14}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{6FD5C595-8E48-45E4-ABD5-E063803224B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{73E77AE3-AB57-48D1-A9EC-557C04A8C3F3}" = protocol=17 | dir=in | app=c:\program files\spamihilator\spamihilator.exe | "{75E23F31-B9E5-4DB8-AFFF-79297D1D67F2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{7AC716B8-197A-465E-A9B9-04815AC0B2C8}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{88EE2069-9573-4CF0-9FA2-B178C3A5849E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{89F109EA-945C-48CA-8C36-1810DD70A418}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8BB68255-F14C-48C0-A050-AA89F03C896A}" = protocol=6 | dir=in | app=c:\program files\spamihilator\spamihilator.exe | "{9ACDEE99-9124-4EFE-B3AA-AF8F9D5BE477}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | "{9D04A4BE-A3FB-40C5-B433-60432A99EA17}" = protocol=17 | dir=in | app=c:\program files\spamihilator\cdcc.exe | "{9E39D92A-B621-4941-AE43-902B9C4FBEE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{9F5CD7B7-9201-45E5-942F-F93CAA8E8ECF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9FFDAA89-1AB4-46DC-B94C-8FFE4C74FB54}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{AD814EF6-5D1A-427D-8497-13D08AA46E31}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{ADAAE05A-71EB-4674-A1C2-72D8370ED6EE}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{C5F1BEA8-0071-44F1-AA8A-E83DBF173EED}" = protocol=6 | dir=out | app=system | "{CA37F01F-C9E8-4534-BE0C-5819A8AB164F}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{CBFBAAD6-7115-40EE-94B9-9CE0054EF007}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CD11C58A-E577-48D9-B13F-31E458643A14}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D112E899-0A10-4EDF-8B84-7032A3705F11}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | "{DD37C8FA-FBA3-4D7C-BEEC-AED4EB6E5D57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{EEA85D8E-D5B6-489E-A41B-6642922D4302}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{F8AC9631-8608-4EEB-A96B-B424083CC915}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "TCP Query User{102458A7-93BA-4D2D-B502-45DF3BB2900A}C:\users\hp berlin\appdata\roaming\biyva\myasi.exe" = protocol=6 | dir=in | app=c:\users\hp berlin\appdata\roaming\biyva\myasi.exe | "TCP Query User{84C1C32E-56CB-4A32-B885-A62A7503272E}C:\program files (x86)\macromedia\dreamweaver 4\dreamweaver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver 4\dreamweaver.exe | "TCP Query User{A5A45BC6-9DCF-4B5B-A37A-EA078AEC33B8}C:\users\hp berlin\appdata\roaming\biyva\myasi.exe" = protocol=6 | dir=in | app=c:\users\hp berlin\appdata\roaming\biyva\myasi.exe | "TCP Query User{E52E0D2E-1531-4222-BDA3-D944DD821488}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe | "UDP Query User{541FCEAC-C572-4E00-962C-F65FB624CE20}C:\program files (x86)\macromedia\dreamweaver 4\dreamweaver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\macromedia\dreamweaver 4\dreamweaver.exe | "UDP Query User{7DC7B10E-DB97-4F83-88FD-6ECF7E8525C0}C:\program files (x86)\ws_ftp pro\wsftppro.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ws_ftp pro\wsftppro.exe | "UDP Query User{E869A862-D593-4352-B36B-50FBC58E2511}C:\users\hp berlin\appdata\roaming\biyva\myasi.exe" = protocol=17 | dir=in | app=c:\users\hp berlin\appdata\roaming\biyva\myasi.exe | "UDP Query User{FA483786-E7FA-404E-9D26-E6AC6A497359}C:\users\hp berlin\appdata\roaming\biyva\myasi.exe" = protocol=17 | dir=in | app=c:\users\hp berlin\appdata\roaming\biyva\myasi.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack "{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu "{26F481C6-8DBE-4F8B-9D8D-715081C23ADE}" = Adobe Premiere Elements 10 "{2BF35D84-6377-4F70-9F39-97CF67E67FFF}" = Microsoft IntelliPoint 8.0 "{3BBD5B14-D5E1-4863-946F-BE91A2B0C3AE}" = Spamihilator 1.0.0 (64-Bit) "{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll "{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}" = SmartSound Premiere Elements 10 x64 Plugin "{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290 "{48F04AD2-77E9-45F3-8A4F-F5D38E519F02}" = BOINC "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended "{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010 "{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{98C8DF59-BE5F-4EC2-9B12-FD2A54928EDB}" = Microsoft IntelliType Pro 8.0 "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support "{CF8FFD12-602B-422D-AF1D-511B411E7632}" = iTunes "{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "GPL Ghostscript 9.05" = GPL Ghostscript "GSview 5.0" = GSview 5.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended "Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack "NVIDIA Display Control Panel" = NVIDIA Display Control Panel "NVIDIA Drivers" = NVIDIA Drivers "OfficeTrial" = Testversion von Microsoft Office Home and Student 2007 "PC-Doctor for Windows" = Hardwarediagnosetools "PremElem100" = Adobe Premiere Elements 10 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{11D08055-939C-432b-98C3-E072478A0CD7}" = PSE10 STI Installer "{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj "{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8 "{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1E9A9E08-0366-45EE-9B66-51852F8D9812}" = Open Workbench "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{22D3A614-482C-444A-932C-9DA1B8ECDFD2}" = Elements 10 Organizer "{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library "{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 17 "{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works "{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover "{4F46FDB9-B906-47BF-B3D5-C62E01B3C5EE}" = HP Support Assistant "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth "{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements "{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{868291A4-229E-4795-B0B0-E60E87AF53CD}" = Sibelius Scorch (ActiveX Only) "{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System "{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010 "{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010 "{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010 "{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010 "{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010 "{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010 "{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010 "{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010 "{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010 "{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010 "{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010 "{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010 "{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010 "{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010 "{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010 "{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1) "{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010 "{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1) "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German) "{959282E3-55A9-49D8-B885-D27CF8A2FD82}" = PHOTOfunSTUDIO 5.0 HD Edition "{969E11AA-8F3A-F162-1A5A-0965E216B6CE}" = Adobe Download Assistant "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9F06F464-479A-403E-AF92-70CBB8D674A1}" = PRE10STI64Installer "{A127C3C0-055E-38CF-B38F-1E85F8BBBFFE}" = Adobe Community Help "{A1A2ACDC-0C22-4EB1-B958-1898A93DAF28}" = TV Movie ClickFinder "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A5BA14E0-7384-11D4-BAE7-00409631A2C8}" = Macromedia Extension Manager "{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{ABDA9912-5D00-11D4-BAE7-9367CA097955}" = Macromedia Dreamweaver 4 "{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch "{AD708DF0-9F04-4CB3-821A-85804A833B4D}" = ArcSoft Camera Suite "{ADFB7C0D-854E-4FDA-8861-9447F182AEF9}" = Dynamic Draw 5.4 "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor "{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information "{C2425F91-1F7B-4037-9A05-9F290184798D}" = NETGEAR WNA3100 wireless USB 2.0 adapter "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0194539-8118-4FD7-8ABA-912B2D479B48}" = Ulead Photo Explorer 6.0 "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update "{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1 "{DB780B85-B4B5-4864-A49C-9B706B169C93}" = TIPCI "{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E12C6653-1FF0-4686-ADB8-589C13AE761F}" = Citavi "{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0 "{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004) "{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support "{ECE80888-45E5-46FD-8E0C-FEF3648847BB}" = Sibelius Scorch (all browsers) "{EE549AF9-8FAA-4584-83B2-ECF1BC9DC1FF}" = Adobe Photoshop Elements 10 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup "{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0 "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "8781-9705-0578-2960" = Medienmanager 1.3.0 "8BF2152B-6835-4FF3-A2EC-5BDAB46DCDFF_is1" = Accord CD Ripper Free 6.3.2 "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Photoshop 7.0" = Adobe Photoshop 7.0 "Adobe Photoshop Elements 10" = Adobe Photoshop Elements 10 "Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0 "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.9 "Astrorix Gold" = Astrorix Gold "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.11 (Unicode) "Aura Video Converter_is1" = Aura Video Converter 1.2.3 "Aura4You Software Manager_is1" = Aura4You Software Manager 1.0.1 "Avira AntiVir Desktop" = Avira Free Antivirus "CAL" = Canon Camera Access Library "CameraWindowDVC5" = Canon Camera Window DC_DV 5 for ZoomBrowser EX "CameraWindowDVC6" = Canon Camera Window DC_DV 6 for ZoomBrowser EX "CameraWindowMC" = Canon Camera Window MC 6 for ZoomBrowser EX "CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task "Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX "Carlton Books Demo" = Carlton Books Demo "CassetteMate" = CassetteMate "Cell_Biology_Interactive" = Cell Biology Interactive "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help "com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant "CSCLIB" = Canon Camera Support Core Library "Cuber Extreme" = Cuber Extreme "Designer 2.0_is1" = Designer 2.0 "EasyBits Magic Desktop" = Magic Desktop "EOS Utility" = Canon Utilities EOS Utility "EVEREST Ultimate Edition_is1" = EVEREST Ultimate Edition v5.30 "FFsim" = Feuerwehr-Simulator 2010 "FileZilla Client" = FileZilla Client 3.5.3 "Free 3D Video Maker_is1" = Free 3D Video Maker version 1.0.1.426 "Free 3GP Video Converter_is1" = Free 3GP Video Converter version 3.7.26.602 "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.2 "Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.1228 "Free Audio Converter_is1" = Free Audio Converter version 2.2.9 "Free Audio Dub_is1" = Free Audio Dub version 1.7.9.602 "Free DVD Video Converter_is1" = Free DVD Video Converter version 2.0.11.1005 "Free Video Dub_is1" = Free Video Dub version 1.8.12.602 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 1.8.12.602 "Free Video to Flash Converter_is1" = Free Video to Flash Converter version 4.7.25.602 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.3 "HandBrake" = HandBrake 0.9.6 "HijackThis" = HijackThis 2.0.2 "HP Remote Solution" = HP Remote Solution "InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}" = SmartSound Sonicfire Pro 5 "InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe "InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go "InstallShield_{88E62BD7-A532-48F6-8428-D949BB93A2D7}" = Play Wireless USB Adapter "InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video "InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}" = Texas Instruments PCIxx21/x515/xx12 drivers. "InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD "IrfanView" = IrfanView (remove only) "LAME for Audacity_is1" = LAME v3.98.2 for Audacity "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400 "Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de) "MultitrackStudio_is1" = MultitrackStudio Lite 6.0 "Office14.PROPLUSR" = Microsoft Office Professional Plus 2010 "PDF reDirect" = PDF reDirect (remove only) "phase-6" = phase-6 2.3.1a "PhotoStitch" = Canon Utilities PhotoStitch "PixelNet Foto Client" = PixelNet Foto Client 4.8 "Rainlendar2" = Rainlendar2 (remove only) "RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX "RealPlayer 12.0" = RealPlayer "RemoteCaptureTask" = Canon RemoteCapture Task for ZoomBrowser EX "SCHLECKER Foto Digital Service" = SCHLECKER Foto Digital Service "Scratch" = Scratch "StarBall_is1" = Star Ball "TeamViewer 5" = TeamViewer 5 "TFA_Nexus" = TFA_Nexus "Uninstall_is1" = Uninstall 1.0.0.1 "VLC media player" = VLC media player 1.1.10 "WildTangent hp Master Uninstall" = HP Games "WildTangent wildgames Master Uninstall" = WildTangent-Spiele "WinFuture xp-Iso-Builder 3_is1" = WinFuture xp-Iso-Builder 3.0.8 "WinGimp-2.0_is1" = GIMP 2.6.10 "WinLiveSuite" = Windows Live Essentials "Winsyntax" = Winsyntax 2.0 "WMBackup-BackupfürWindowsMail" = WMBackup - Windows Mail Backup "WS_FTP Pro" = Ipswitch WS_FTP Pro "ZoomBrowser EX" = Canon Utilities ZoomBrowser EX ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-165768795-3393855570-1586056821-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{EE20E438-B675-4421-AB07-928F0EC9FB22}_is1" = Albelli Fotobücher "Dropbox" = Dropbox "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 25.11.2012 13:21:03 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:21:03 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:21:03 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 25.11.2012 13:23:02 | Computer Name = HPBerlin-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . [ System Events ] Error - 24.11.2012 19:30:06 | Computer Name = HPBerlin-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error - 24.11.2012 19:30:06 | Computer Name = HPBerlin-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error - 24.11.2012 19:30:06 | Computer Name = HPBerlin-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error - 24.11.2012 19:30:06 | Computer Name = HPBerlin-PC | Source = Schannel | ID = 36888 Description = Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10. Error - 25.11.2012 05:37:10 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Belkin WLAN service erreicht. Error - 25.11.2012 05:37:10 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Belkin WLAN service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 26.11.2012 04:54:21 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Belkin WLAN service erreicht. Error - 26.11.2012 04:54:21 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Belkin WLAN service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 26.11.2012 05:21:11 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Belkin WLAN service erreicht. Error - 26.11.2012 05:21:11 | Computer Name = HPBerlin-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Belkin WLAN service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report > was schlagt ihr vor? neben avira läuft auch gerade ESET. welche programme soll ich noch drüberlaufen lassen? danke, shopgirl |
25.01.2013, 20:08 | #2 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 Hat oben keinen Platz mehr gehabt:
__________________TDSS Killer: Code:
ATTFilter 15:19:47.0636 5456 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35 15:19:47.0823 5456 ============================================================ 15:19:47.0823 5456 Current date / time: 2012/11/23 15:19:47.0823 15:19:47.0823 5456 SystemInfo: 15:19:47.0823 5456 15:19:47.0823 5456 OS Version: 6.1.7600 ServicePack: 0.0 15:19:47.0823 5456 Product type: Workstation 15:19:47.0823 5456 ComputerName: HPBERLIN-PC 15:19:47.0823 5456 UserName: HP Berlin 15:19:47.0823 5456 Windows directory: C:\Windows 15:19:47.0823 5456 System windows directory: C:\Windows 15:19:47.0823 5456 Running under WOW64 15:19:47.0823 5456 Processor architecture: Intel x64 15:19:47.0823 5456 Number of processors: 8 15:19:47.0823 5456 Page size: 0x1000 15:19:47.0823 5456 Boot type: Normal boot 15:19:47.0823 5456 ============================================================ 15:19:48.0228 5456 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:19:48.0244 5456 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:19:48.0244 5456 Drive \Device\Harddisk2\DR2 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 15:19:48.0260 5456 ============================================================ 15:19:48.0260 5456 \Device\Harddisk0\DR0: 15:19:48.0260 5456 MBR partitions: 15:19:48.0260 5456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:19:48.0260 5456 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x5584C800 15:19:48.0260 5456 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5587F000, BlocksNum 0x1CC6800 15:19:48.0260 5456 \Device\Harddisk1\DR1: 15:19:48.0260 5456 MBR partitions: 15:19:48.0260 5456 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2 15:19:48.0260 5456 \Device\Harddisk2\DR2: 15:19:48.0260 5456 MBR partitions: 15:19:48.0260 5456 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0xAEA86702 15:19:48.0260 5456 ============================================================ 15:19:48.0275 5456 C: <-> \Device\Harddisk0\DR0\Partition2 15:19:48.0291 5456 E: <-> \Device\Harddisk1\DR1\Partition1 15:19:48.0338 5456 D: <-> \Device\Harddisk0\DR0\Partition3 15:19:48.0338 5456 O: <-> \Device\Harddisk2\DR2\Partition1 15:19:48.0338 5456 ============================================================ 15:19:48.0338 5456 Initialize success 15:19:48.0338 5456 ============================================================ 15:19:53.0564 0488 ============================================================ 15:19:53.0564 0488 Scan started 15:19:53.0564 0488 Mode: Manual; SigCheck; TDLFS; 15:19:53.0564 0488 ============================================================ 15:19:54.0437 0488 ================ Scan system memory ======================== 15:19:54.0437 0488 System memory - ok 15:19:54.0437 0488 ================ Scan services ============================= 15:19:54.0593 0488 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys 15:19:54.0718 0488 1394ohci - ok 15:19:54.0734 0488 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys 15:19:54.0749 0488 ACPI - ok 15:19:54.0749 0488 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys 15:19:54.0843 0488 AcpiPmi - ok 15:19:54.0983 0488 [ 047BD1EB681453A7FE492A71802AC9F3 ] AdobeActiveFileMonitor10.0 C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe 15:19:54.0999 0488 AdobeActiveFileMonitor10.0 - ok 15:19:55.0092 0488 [ 177FF6608B48638D4066726F3A3F8444 ] AdobeActiveFileMonitor5.0 C:\Program Files (x86)\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe 15:19:55.0139 0488 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - warning 15:19:55.0139 0488 AdobeActiveFileMonitor5.0 - detected UnsignedFile.Multi.Generic (1) 15:19:55.0186 0488 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys 15:19:55.0217 0488 adp94xx - ok 15:19:55.0264 0488 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys 15:19:55.0295 0488 adpahci - ok 15:19:55.0311 0488 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys 15:19:55.0326 0488 adpu320 - ok 15:19:55.0358 0488 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 15:19:55.0498 0488 AeLookupSvc - ok 15:19:55.0529 0488 [ B9384E03479D2506BC924C16A3DB87BC ] AFD C:\Windows\system32\drivers\afd.sys 15:19:55.0607 0488 AFD - ok 15:19:55.0654 0488 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys 15:19:55.0670 0488 agp440 - ok 15:19:55.0716 0488 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe 15:19:55.0779 0488 ALG - ok 15:19:55.0794 0488 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys 15:19:55.0810 0488 aliide - ok 15:19:55.0826 0488 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys 15:19:55.0841 0488 amdide - ok 15:19:55.0872 0488 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys 15:19:55.0904 0488 AmdK8 - ok 15:19:55.0935 0488 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 15:19:55.0966 0488 AmdPPM - ok 15:19:55.0982 0488 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys 15:19:55.0997 0488 amdsata - ok 15:19:56.0044 0488 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 15:19:56.0075 0488 amdsbs - ok 15:19:56.0106 0488 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys 15:19:56.0122 0488 amdxata - ok 15:19:56.0200 0488 [ 0A1CC583E8147004E4AD4625D7FBF88C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 15:19:56.0231 0488 AntiVirSchedulerService - ok 15:19:56.0262 0488 [ C9A36EF935ACED86AEDF93E97E606911 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 15:19:56.0309 0488 AntiVirService - ok 15:19:56.0325 0488 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys 15:19:56.0434 0488 AppID - ok 15:19:56.0450 0488 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll 15:19:56.0496 0488 AppIDSvc - ok 15:19:56.0528 0488 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll 15:19:56.0590 0488 Appinfo - ok 15:19:56.0668 0488 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 15:19:56.0699 0488 Apple Mobile Device - ok 15:19:56.0762 0488 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys 15:19:56.0777 0488 arc - ok 15:19:56.0808 0488 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 15:19:56.0808 0488 arcsas - ok 15:19:56.0918 0488 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:19:56.0964 0488 aspnet_state - ok 15:19:56.0996 0488 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:19:57.0089 0488 AsyncMac - ok 15:19:57.0120 0488 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys 15:19:57.0136 0488 atapi - ok 15:19:57.0167 0488 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:19:57.0214 0488 AudioEndpointBuilder - ok 15:19:57.0230 0488 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll 15:19:57.0261 0488 AudioSrv - ok 15:19:57.0323 0488 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 15:19:57.0386 0488 avgntflt - ok 15:19:57.0417 0488 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 15:19:57.0448 0488 avipbb - ok 15:19:57.0479 0488 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 15:19:57.0495 0488 avkmgr - ok 15:19:57.0510 0488 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:19:57.0604 0488 AxInstSV - ok 15:19:57.0620 0488 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 15:19:57.0698 0488 b06bdrv - ok 15:19:57.0713 0488 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:19:57.0760 0488 b57nd60a - ok 15:19:57.0822 0488 [ E49110A58A32E9450356686A95DD7763 ] BCMH43XX C:\Windows\system32\DRIVERS\bcmwlhigh664.sys 15:19:57.0869 0488 BCMH43XX - ok 15:19:57.0885 0488 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll 15:19:57.0947 0488 BDESVC - ok 15:19:57.0963 0488 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys 15:19:58.0025 0488 Beep - ok 15:19:58.0056 0488 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll 15:19:58.0103 0488 BFE - ok 15:19:58.0212 0488 [ ACC9C8C560C567FAD6F79C977AB2EA09 ] bgsvcgen C:\Windows\SysWOW64\bgsvcgen.exe 15:19:58.0244 0488 bgsvcgen - ok 15:19:58.0290 0488 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\system32\qmgr.dll 15:19:58.0368 0488 BITS - ok 15:19:58.0400 0488 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:19:58.0431 0488 blbdrive - ok 15:19:58.0509 0488 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 15:19:58.0540 0488 Bonjour Service - ok 15:19:58.0571 0488 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:19:58.0618 0488 bowser - ok 15:19:58.0649 0488 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:19:58.0696 0488 BrFiltLo - ok 15:19:58.0712 0488 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:19:58.0743 0488 BrFiltUp - ok 15:19:58.0758 0488 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 15:19:58.0852 0488 BridgeMP - ok 15:19:58.0899 0488 [ 94FBC06F294D58D02361918418F996E3 ] Browser C:\Windows\System32\browser.dll 15:19:58.0930 0488 Browser - ok 15:19:58.0946 0488 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:19:58.0977 0488 Brserid - ok 15:19:58.0992 0488 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:19:59.0024 0488 BrSerWdm - ok 15:19:59.0039 0488 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:19:59.0055 0488 BrUsbMdm - ok 15:19:59.0086 0488 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:19:59.0133 0488 BrUsbSer - ok 15:19:59.0148 0488 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:19:59.0211 0488 BTHMODEM - ok 15:19:59.0242 0488 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll 15:19:59.0320 0488 bthserv - ok 15:19:59.0382 0488 catchme - ok 15:19:59.0445 0488 [ 5753532C476B83119D85AA43B1B10AB3 ] CCALib8 C:\Program Files (x86)\Canon\CAL\CALMAIN.exe 15:19:59.0507 0488 CCALib8 ( UnsignedFile.Multi.Generic ) - warning 15:19:59.0507 0488 CCALib8 - detected UnsignedFile.Multi.Generic (1) 15:19:59.0538 0488 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:19:59.0585 0488 cdfs - ok 15:19:59.0601 0488 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:19:59.0632 0488 cdrom - ok 15:19:59.0679 0488 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll 15:19:59.0741 0488 CertPropSvc - ok 15:19:59.0757 0488 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:19:59.0788 0488 circlass - ok 15:19:59.0819 0488 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys 15:19:59.0850 0488 CLFS - ok 15:19:59.0897 0488 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:19:59.0928 0488 clr_optimization_v2.0.50727_32 - ok 15:19:59.0960 0488 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:19:59.0991 0488 clr_optimization_v2.0.50727_64 - ok 15:20:00.0053 0488 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:20:00.0084 0488 clr_optimization_v4.0.30319_32 - ok 15:20:00.0131 0488 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:20:00.0178 0488 clr_optimization_v4.0.30319_64 - ok 15:20:00.0194 0488 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:20:00.0225 0488 CmBatt - ok 15:20:00.0256 0488 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 15:20:00.0272 0488 cmdide - ok 15:20:00.0287 0488 [ F95FD4CB7DA00BA2A63CE9F6B5C053E1 ] CNG C:\Windows\system32\Drivers\cng.sys 15:20:00.0318 0488 CNG - ok 15:20:00.0350 0488 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:20:00.0365 0488 Compbatt - ok 15:20:00.0381 0488 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 15:20:00.0412 0488 CompositeBus - ok 15:20:00.0428 0488 COMSysApp - ok 15:20:00.0443 0488 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:20:00.0459 0488 crcdisk - ok 15:20:00.0490 0488 [ 8C57411B66282C01533CB776F98AD384 ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:20:00.0537 0488 CryptSvc - ok 15:20:00.0584 0488 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys 15:20:00.0599 0488 CVirtA - ok 15:20:00.0677 0488 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe 15:20:00.0708 0488 CVPND - ok 15:20:00.0771 0488 [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys 15:20:00.0771 0488 CVPNDRVA - ok 15:20:00.0833 0488 [ 23D4B856725F5FC3C4F410C150AB107B ] dc3d C:\Windows\system32\DRIVERS\dc3d.sys 15:20:00.0849 0488 dc3d - ok 15:20:00.0896 0488 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:20:00.0942 0488 DcomLaunch - ok 15:20:00.0974 0488 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll 15:20:01.0020 0488 defragsvc - ok 15:20:01.0036 0488 [ 3F1DC527070ACB87E40AFE46EF6DA749 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:20:01.0083 0488 DfsC - ok 15:20:01.0114 0488 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll 15:20:01.0208 0488 Dhcp - ok 15:20:01.0239 0488 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys 15:20:01.0286 0488 discache - ok 15:20:01.0317 0488 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys 15:20:01.0348 0488 Disk - ok 15:20:01.0395 0488 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys 15:20:01.0410 0488 DNE - ok 15:20:01.0426 0488 [ 676108C4E3AA6F6B34633748BD0BEBD9 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:20:01.0488 0488 Dnscache - ok 15:20:01.0520 0488 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll 15:20:01.0535 0488 dot3svc - ok 15:20:01.0551 0488 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll 15:20:01.0566 0488 DPS - ok 15:20:01.0613 0488 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:20:01.0629 0488 drmkaud - ok 15:20:01.0644 0488 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:20:01.0676 0488 DXGKrnl - ok 15:20:01.0691 0488 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll 15:20:01.0722 0488 EapHost - ok 15:20:01.0800 0488 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 15:20:01.0910 0488 ebdrv - ok 15:20:01.0941 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] EFS C:\Windows\System32\lsass.exe 15:20:01.0988 0488 EFS - ok 15:20:02.0066 0488 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:20:02.0144 0488 ehRecvr - ok 15:20:02.0175 0488 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe 15:20:02.0253 0488 ehSched - ok 15:20:02.0284 0488 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:20:02.0315 0488 elxstor - ok 15:20:02.0315 0488 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 15:20:02.0346 0488 ErrDev - ok 15:20:02.0378 0488 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll 15:20:02.0409 0488 EventSystem - ok 15:20:02.0440 0488 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys 15:20:02.0487 0488 exfat - ok 15:20:02.0534 0488 ezSharedSvc - ok 15:20:02.0534 0488 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:20:02.0580 0488 fastfat - ok 15:20:02.0643 0488 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe 15:20:02.0705 0488 Fax - ok 15:20:02.0721 0488 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:20:02.0768 0488 fdc - ok 15:20:02.0799 0488 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll 15:20:02.0877 0488 fdPHost - ok 15:20:02.0892 0488 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll 15:20:02.0924 0488 FDResPub - ok 15:20:02.0924 0488 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:20:02.0939 0488 FileInfo - ok 15:20:02.0955 0488 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:20:03.0002 0488 Filetrace - ok 15:20:03.0017 0488 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:20:03.0033 0488 flpydisk - ok 15:20:03.0048 0488 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:20:03.0064 0488 FltMgr - ok 15:20:03.0080 0488 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll 15:20:03.0158 0488 FontCache - ok 15:20:03.0204 0488 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:20:03.0236 0488 FontCache3.0.0.0 - ok 15:20:03.0251 0488 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:20:03.0282 0488 FsDepends - ok 15:20:03.0314 0488 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 15:20:03.0329 0488 fssfltr - ok 15:20:03.0392 0488 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 15:20:03.0454 0488 fsssvc - ok 15:20:03.0470 0488 [ E95EF8547DE20CF0603557C0CF7A9462 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:20:03.0485 0488 Fs_Rec - ok 15:20:03.0532 0488 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:20:03.0579 0488 fvevol - ok 15:20:03.0594 0488 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:20:03.0610 0488 gagp30kx - ok 15:20:03.0657 0488 [ E53EE18A21C025DEABCFE0F72FC481BB ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe 15:20:03.0672 0488 GameConsoleService - ok 15:20:03.0704 0488 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 15:20:03.0719 0488 GEARAspiWDM - ok 15:20:03.0766 0488 [ 9599A713E1776B8F69300FC9008F33C1 ] getPlusHelper C:\Program Files (x86)\NOS\bin\getPlus_Helper.dll 15:20:03.0828 0488 getPlusHelper - ok 15:20:03.0844 0488 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll 15:20:03.0891 0488 gpsvc - ok 15:20:03.0938 0488 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:20:03.0969 0488 gupdate - ok 15:20:03.0984 0488 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:20:04.0000 0488 gupdatem - ok 15:20:04.0031 0488 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:20:04.0094 0488 hcw85cir - ok 15:20:04.0094 0488 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:20:04.0140 0488 HDAudBus - ok 15:20:04.0140 0488 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:20:04.0172 0488 HidBatt - ok 15:20:04.0172 0488 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:20:04.0203 0488 HidBth - ok 15:20:04.0218 0488 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:20:04.0250 0488 HidIr - ok 15:20:04.0281 0488 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll 15:20:04.0343 0488 hidserv - ok 15:20:04.0359 0488 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:20:04.0406 0488 HidUsb - ok 15:20:04.0421 0488 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:20:04.0468 0488 hkmsvc - ok 15:20:04.0499 0488 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:20:04.0530 0488 HomeGroupListener - ok 15:20:04.0562 0488 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:20:04.0577 0488 HomeGroupProvider - ok 15:20:04.0624 0488 [ 0141816A095A3F5A83FFA5B4A47B8023 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe 15:20:04.0655 0488 HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning 15:20:04.0655 0488 HP Health Check Service - detected UnsignedFile.Multi.Generic (1) 15:20:04.0686 0488 [ FDF273A845F1FFCCEADF363AAF47582F ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe 15:20:04.0718 0488 hpqwmiex - ok 15:20:04.0733 0488 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 15:20:04.0749 0488 HpSAMD - ok 15:20:04.0780 0488 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:20:04.0827 0488 HTTP - ok 15:20:04.0827 0488 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:20:04.0842 0488 hwpolicy - ok 15:20:04.0858 0488 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 15:20:04.0874 0488 i8042prt - ok 15:20:04.0936 0488 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe 15:20:04.0967 0488 IAANTMON - ok 15:20:04.0998 0488 [ 1D004CB1DA6323B1F55CAEF7F94B61D9 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 15:20:05.0030 0488 iaStor - ok 15:20:05.0045 0488 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 15:20:05.0092 0488 iaStorV - ok 15:20:05.0139 0488 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:20:05.0201 0488 idsvc - ok 15:20:05.0217 0488 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 15:20:05.0232 0488 iirsp - ok 15:20:05.0264 0488 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll 15:20:05.0326 0488 IKEEXT - ok 15:20:05.0404 0488 [ 3C4B4EE54FEBB09F7E9F58776DE96DCA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:20:05.0451 0488 IntcAzAudAddService - ok 15:20:05.0466 0488 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys 15:20:05.0482 0488 intelide - ok 15:20:05.0513 0488 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:20:05.0544 0488 intelppm - ok 15:20:05.0560 0488 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:20:05.0607 0488 IPBusEnum - ok 15:20:05.0638 0488 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:20:05.0654 0488 IpFilterDriver - ok 15:20:05.0685 0488 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:20:05.0732 0488 iphlpsvc - ok 15:20:05.0763 0488 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 15:20:05.0794 0488 IPMIDRV - ok 15:20:05.0825 0488 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:20:05.0856 0488 IPNAT - ok 15:20:05.0919 0488 [ 50D6CCC6FF5561F9F56946B3E6164FB8 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:20:05.0966 0488 iPod Service - ok 15:20:05.0966 0488 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:20:05.0981 0488 IRENUM - ok 15:20:05.0997 0488 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 15:20:05.0997 0488 isapnp - ok 15:20:06.0028 0488 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 15:20:06.0044 0488 iScsiPrt - ok 15:20:06.0059 0488 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:20:06.0075 0488 kbdclass - ok 15:20:06.0090 0488 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:20:06.0106 0488 kbdhid - ok 15:20:06.0137 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] KeyIso C:\Windows\system32\lsass.exe 15:20:06.0168 0488 KeyIso - ok 15:20:06.0184 0488 [ E8B6FCC9C83535C67F835D407620BD27 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:20:06.0200 0488 KSecDD - ok 15:20:06.0215 0488 [ A8C63880EF6F4D3FEC7B616B9C060215 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:20:06.0231 0488 KSecPkg - ok 15:20:06.0231 0488 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:20:06.0278 0488 ksthunk - ok 15:20:06.0309 0488 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 15:20:06.0387 0488 KtmRm - ok 15:20:06.0418 0488 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\System32\srvsvc.dll 15:20:06.0465 0488 LanmanServer - ok 15:20:06.0496 0488 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:20:06.0543 0488 LanmanWorkstation - ok 15:20:06.0590 0488 [ 108333981C841EB0FF198AA5DFCF3D3B ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe 15:20:06.0636 0488 LightScribeService ( UnsignedFile.Multi.Generic ) - warning 15:20:06.0636 0488 LightScribeService - detected UnsignedFile.Multi.Generic (1) 15:20:06.0668 0488 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:20:06.0730 0488 lltdio - ok 15:20:06.0746 0488 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:20:06.0808 0488 lltdsvc - ok 15:20:06.0824 0488 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:20:06.0855 0488 lmhosts - ok 15:20:06.0870 0488 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 15:20:06.0886 0488 LSI_FC - ok 15:20:06.0886 0488 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:20:06.0902 0488 LSI_SAS - ok 15:20:06.0902 0488 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:20:06.0917 0488 LSI_SAS2 - ok 15:20:06.0933 0488 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:20:06.0948 0488 LSI_SCSI - ok 15:20:06.0964 0488 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 15:20:07.0011 0488 luafv - ok 15:20:07.0042 0488 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:20:07.0073 0488 Mcx2Svc - ok 15:20:07.0104 0488 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:20:07.0120 0488 megasas - ok 15:20:07.0136 0488 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:20:07.0151 0488 MegaSR - ok 15:20:07.0214 0488 Microsoft SharePoint Workspace Audit Service - ok 15:20:07.0229 0488 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 15:20:07.0323 0488 MMCSS - ok 15:20:07.0338 0488 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 15:20:07.0385 0488 Modem - ok 15:20:07.0401 0488 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:20:07.0432 0488 monitor - ok 15:20:07.0463 0488 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:20:07.0479 0488 mouclass - ok 15:20:07.0479 0488 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:20:07.0510 0488 mouhid - ok 15:20:07.0541 0488 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:20:07.0557 0488 mountmgr - ok 15:20:07.0572 0488 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys 15:20:07.0588 0488 mpio - ok 15:20:07.0604 0488 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:20:07.0650 0488 mpsdrv - ok 15:20:07.0666 0488 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:20:07.0713 0488 MpsSvc - ok 15:20:07.0728 0488 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:20:07.0760 0488 MRxDAV - ok 15:20:07.0775 0488 [ 767A4C3BCF9410C286CED15A2DB17108 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:20:07.0838 0488 mrxsmb - ok 15:20:07.0853 0488 [ 920EE0FF995FCFDEB08C41605A959E1C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:20:07.0884 0488 mrxsmb10 - ok 15:20:07.0884 0488 [ 740D7EA9D72C981510A5292CF6ADC941 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:20:07.0900 0488 mrxsmb20 - ok 15:20:07.0916 0488 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 15:20:07.0931 0488 msahci - ok 15:20:07.0947 0488 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 15:20:07.0962 0488 msdsm - ok 15:20:07.0978 0488 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 15:20:07.0978 0488 MSDTC - ok 15:20:07.0994 0488 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:20:08.0025 0488 Msfs - ok 15:20:08.0040 0488 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:20:08.0072 0488 mshidkmdf - ok 15:20:08.0103 0488 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 15:20:08.0118 0488 msisadrv - ok 15:20:08.0150 0488 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:20:08.0181 0488 MSiSCSI - ok 15:20:08.0181 0488 msiserver - ok 15:20:08.0196 0488 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:20:08.0228 0488 MSKSSRV - ok 15:20:08.0243 0488 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:20:08.0290 0488 MSPCLOCK - ok 15:20:08.0306 0488 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:20:08.0337 0488 MSPQM - ok 15:20:08.0368 0488 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:20:08.0384 0488 MsRPC - ok 15:20:08.0384 0488 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:20:08.0399 0488 mssmbios - ok 15:20:08.0399 0488 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:20:08.0446 0488 MSTEE - ok 15:20:08.0462 0488 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:20:08.0508 0488 MTConfig - ok 15:20:08.0540 0488 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 15:20:08.0540 0488 Mup - ok 15:20:08.0586 0488 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll 15:20:08.0633 0488 napagent - ok 15:20:08.0664 0488 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:20:08.0696 0488 NativeWifiP - ok 15:20:08.0742 0488 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys 15:20:08.0758 0488 NDIS - ok 15:20:08.0774 0488 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:20:08.0805 0488 NdisCap - ok 15:20:08.0820 0488 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:20:08.0852 0488 NdisTapi - ok 15:20:08.0852 0488 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:20:08.0914 0488 Ndisuio - ok 15:20:08.0945 0488 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:20:08.0976 0488 NdisWan - ok 15:20:08.0992 0488 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:20:09.0054 0488 NDProxy - ok 15:20:09.0086 0488 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:20:09.0117 0488 NetBIOS - ok 15:20:09.0117 0488 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:20:09.0164 0488 NetBT - ok 15:20:09.0179 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] Netlogon C:\Windows\system32\lsass.exe 15:20:09.0179 0488 Netlogon - ok 15:20:09.0210 0488 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 15:20:09.0242 0488 Netman - ok 15:20:09.0273 0488 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:09.0288 0488 NetMsmqActivator - ok 15:20:09.0304 0488 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:09.0304 0488 NetPipeActivator - ok 15:20:09.0335 0488 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 15:20:09.0382 0488 netprofm - ok 15:20:09.0398 0488 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:09.0398 0488 NetTcpActivator - ok 15:20:09.0398 0488 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:20:09.0413 0488 NetTcpPortSharing - ok 15:20:09.0444 0488 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:20:09.0460 0488 nfrd960 - ok 15:20:09.0507 0488 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:20:09.0569 0488 NlaSvc - ok 15:20:09.0585 0488 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:20:09.0600 0488 Npfs - ok 15:20:09.0616 0488 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 15:20:09.0647 0488 nsi - ok 15:20:09.0663 0488 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:20:09.0725 0488 nsiproxy - ok 15:20:09.0756 0488 [ 356698A13C4630D5B31C37378D469196 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:20:09.0803 0488 Ntfs - ok 15:20:09.0803 0488 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 15:20:09.0850 0488 Null - ok 15:20:10.0068 0488 [ F0FBFE1E29FF233B0E000054C1FB968A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:20:10.0178 0488 nvlddmkm - ok 15:20:10.0209 0488 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 15:20:10.0224 0488 nvraid - ok 15:20:10.0256 0488 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 15:20:10.0271 0488 nvstor - ok 15:20:10.0302 0488 [ 4E70B5247914426722621180B8764514 ] nvsvc C:\Windows\system32\nvvsvc.exe 15:20:10.0318 0488 nvsvc - ok 15:20:10.0349 0488 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 15:20:10.0365 0488 nv_agp - ok 15:20:10.0365 0488 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 15:20:10.0396 0488 ohci1394 - ok 15:20:10.0458 0488 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:20:10.0474 0488 ose - ok 15:20:10.0614 0488 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:20:10.0708 0488 osppsvc - ok 15:20:10.0724 0488 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:20:10.0786 0488 p2pimsvc - ok 15:20:10.0802 0488 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 15:20:10.0817 0488 p2psvc - ok 15:20:10.0848 0488 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:20:10.0848 0488 Parport - ok 15:20:10.0864 0488 [ 7DAA117143316C4A1537E074A5A9EAF0 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:20:10.0880 0488 partmgr - ok 15:20:10.0895 0488 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:20:10.0926 0488 PcaSvc - ok 15:20:10.0958 0488 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys 15:20:10.0973 0488 pci - ok 15:20:10.0989 0488 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys 15:20:10.0989 0488 pciide - ok 15:20:11.0004 0488 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:20:11.0020 0488 pcmcia - ok 15:20:11.0036 0488 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 15:20:11.0036 0488 pcw - ok 15:20:11.0067 0488 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:20:11.0129 0488 PEAUTH - ok 15:20:11.0207 0488 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:20:11.0238 0488 PerfHost - ok 15:20:11.0301 0488 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll 15:20:11.0394 0488 pla - ok 15:20:11.0457 0488 [ 23157D583244400E1D7FBAEE2E4B31B7 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:20:11.0504 0488 PlugPlay - ok 15:20:11.0519 0488 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:20:11.0535 0488 PNRPAutoReg - ok 15:20:11.0550 0488 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:20:11.0566 0488 PNRPsvc - ok 15:20:11.0597 0488 [ B23F79E41E30ED500586151A9EF27D8F ] Point64 C:\Windows\system32\DRIVERS\point64.sys 15:20:11.0597 0488 Point64 - ok 15:20:11.0628 0488 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:20:11.0691 0488 PolicyAgent - ok 15:20:11.0722 0488 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 15:20:11.0753 0488 Power - ok 15:20:11.0784 0488 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:20:11.0831 0488 PptpMiniport - ok 15:20:11.0847 0488 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:20:11.0878 0488 Processor - ok 15:20:11.0909 0488 [ F381975E1F4346DE875CB07339CE8D3A ] ProfSvc C:\Windows\system32\profsvc.dll 15:20:11.0972 0488 ProfSvc - ok 15:20:12.0003 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] ProtectedStorage C:\Windows\system32\lsass.exe 15:20:12.0003 0488 ProtectedStorage - ok 15:20:12.0018 0488 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:20:12.0050 0488 Psched - ok 15:20:12.0081 0488 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 15:20:12.0096 0488 PxHlpa64 - ok 15:20:12.0143 0488 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:20:12.0206 0488 ql2300 - ok 15:20:12.0221 0488 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:20:12.0221 0488 ql40xx - ok 15:20:12.0252 0488 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 15:20:12.0268 0488 QWAVE - ok 15:20:12.0284 0488 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:20:12.0284 0488 QWAVEdrv - ok 15:20:12.0315 0488 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:20:12.0330 0488 RasAcd - ok 15:20:12.0362 0488 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:20:12.0393 0488 RasAgileVpn - ok 15:20:12.0393 0488 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 15:20:12.0455 0488 RasAuto - ok 15:20:12.0486 0488 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:20:12.0549 0488 Rasl2tp - ok 15:20:12.0564 0488 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll 15:20:12.0611 0488 RasMan - ok 15:20:12.0642 0488 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:20:12.0689 0488 RasPppoe - ok 15:20:12.0705 0488 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:20:12.0736 0488 RasSstp - ok 15:20:12.0767 0488 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:20:12.0845 0488 rdbss - ok 15:20:12.0876 0488 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:20:12.0876 0488 rdpbus - ok 15:20:12.0892 0488 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:20:12.0923 0488 RDPCDD - ok 15:20:12.0923 0488 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:20:12.0970 0488 RDPENCDD - ok 15:20:12.0986 0488 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:20:13.0017 0488 RDPREFMP - ok 15:20:13.0017 0488 [ 8A3E6BEA1C53EA6177FE2B6EBA2C80D7 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:20:13.0079 0488 RDPWD - ok 15:20:13.0095 0488 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:20:13.0110 0488 rdyboost - ok 15:20:13.0126 0488 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:20:13.0157 0488 RemoteAccess - ok 15:20:13.0188 0488 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:20:13.0235 0488 RemoteRegistry - ok 15:20:13.0251 0488 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:20:13.0282 0488 RpcEptMapper - ok 15:20:13.0298 0488 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 15:20:13.0329 0488 RpcLocator - ok 15:20:13.0360 0488 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll 15:20:13.0407 0488 RpcSs - ok 15:20:13.0422 0488 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:20:13.0469 0488 rspndr - ok 15:20:13.0516 0488 [ 91296F0B2653281B2F11E0FCE56AA427 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 15:20:13.0532 0488 RTL8167 - ok 15:20:13.0547 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] SamSs C:\Windows\system32\lsass.exe 15:20:13.0563 0488 SamSs - ok 15:20:13.0578 0488 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 15:20:13.0594 0488 sbp2port - ok 15:20:13.0625 0488 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:20:13.0656 0488 SCardSvr - ok 15:20:13.0672 0488 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:20:13.0734 0488 scfilter - ok 15:20:13.0766 0488 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll 15:20:13.0812 0488 Schedule - ok 15:20:13.0875 0488 [ 6011CDF54BB6F4C69F38FACCDAD73D7E ] SCMNdisP C:\Windows\system32\DRIVERS\scmndisp.sys 15:20:13.0890 0488 SCMNdisP - ok 15:20:13.0937 0488 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:20:13.0968 0488 SCPolicySvc - ok 15:20:13.0984 0488 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:20:14.0046 0488 SDRSVC - ok 15:20:14.0062 0488 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:20:14.0109 0488 secdrv - ok 15:20:14.0109 0488 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll 15:20:14.0140 0488 seclogon - ok 15:20:14.0171 0488 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 15:20:14.0234 0488 SENS - ok 15:20:14.0265 0488 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:20:14.0312 0488 SensrSvc - ok 15:20:14.0327 0488 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:20:14.0343 0488 Serenum - ok 15:20:14.0358 0488 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:20:14.0405 0488 Serial - ok 15:20:14.0421 0488 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:20:14.0468 0488 sermouse - ok 15:20:14.0483 0488 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll 15:20:14.0546 0488 SessionEnv - ok 15:20:14.0561 0488 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 15:20:14.0608 0488 sffdisk - ok 15:20:14.0624 0488 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 15:20:14.0655 0488 sffp_mmc - ok 15:20:14.0670 0488 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 15:20:14.0702 0488 sffp_sd - ok 15:20:14.0733 0488 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:20:14.0764 0488 sfloppy - ok 15:20:14.0811 0488 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:20:14.0858 0488 SharedAccess - ok 15:20:14.0873 0488 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:20:14.0904 0488 ShellHWDetection - ok 15:20:14.0936 0488 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:20:14.0951 0488 SiSRaid2 - ok 15:20:14.0982 0488 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:20:14.0998 0488 SiSRaid4 - ok 15:20:15.0014 0488 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:20:15.0060 0488 Smb - ok 15:20:15.0092 0488 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:20:15.0138 0488 SNMPTRAP - ok 15:20:15.0154 0488 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 15:20:15.0170 0488 spldr - ok 15:20:15.0185 0488 [ F8E1FA03CB70D54A9892AC88B91D1E7B ] Spooler C:\Windows\System32\spoolsv.exe 15:20:15.0248 0488 Spooler - ok 15:20:15.0310 0488 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe 15:20:15.0419 0488 sppsvc - ok 15:20:15.0435 0488 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:20:15.0482 0488 sppuinotify - ok 15:20:15.0497 0488 [ DE6F5658DA951C4BC8E498570B5B0D5F ] srv C:\Windows\system32\DRIVERS\srv.sys 15:20:15.0528 0488 srv - ok 15:20:15.0575 0488 [ 4D33D59C0B930C523D29F9BD40CDA9D2 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:20:15.0606 0488 srv2 - ok 15:20:15.0638 0488 [ 5A663FD67049267BC5C3F3279E631FFB ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:20:15.0653 0488 srvnet - ok 15:20:15.0669 0488 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:20:15.0716 0488 SSDPSRV - ok 15:20:15.0731 0488 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:20:15.0762 0488 SstpSvc - ok 15:20:15.0778 0488 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 15:20:15.0778 0488 stexstor - ok 15:20:15.0794 0488 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll 15:20:15.0809 0488 stisvc - ok 15:20:15.0825 0488 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:20:15.0825 0488 swenum - ok 15:20:15.0840 0488 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 15:20:15.0872 0488 swprv - ok 15:20:15.0918 0488 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll 15:20:15.0981 0488 SysMain - ok 15:20:15.0996 0488 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:20:16.0012 0488 TabletInputService - ok 15:20:16.0043 0488 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll 15:20:16.0090 0488 TapiSrv - ok 15:20:16.0090 0488 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 15:20:16.0137 0488 TBS - ok 15:20:16.0184 0488 [ 90A2D722CF64D911879D6C4A4F802A4D ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:20:16.0230 0488 Tcpip - ok 15:20:16.0277 0488 [ 90A2D722CF64D911879D6C4A4F802A4D ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:20:16.0324 0488 TCPIP6 - ok 15:20:16.0340 0488 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:20:16.0371 0488 tcpipreg - ok 15:20:16.0386 0488 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:20:16.0433 0488 TDPIPE - ok 15:20:16.0449 0488 [ E4245BDA3190A582D55ED09E137401A9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:20:16.0464 0488 TDTCP - ok 15:20:16.0480 0488 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:20:16.0511 0488 tdx - ok 15:20:16.0605 0488 [ 5624ACD0B7900BEABBD329443A4F4454 ] TeamViewer5 C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe 15:20:16.0636 0488 TeamViewer5 - ok 15:20:16.0667 0488 [ F5520DBB47C60EE83024B38720ABDA24 ] teamviewervpn C:\Windows\system32\DRIVERS\teamviewervpn.sys 15:20:16.0667 0488 teamviewervpn - ok 15:20:16.0683 0488 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:20:16.0698 0488 TermDD - ok 15:20:16.0730 0488 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll 15:20:16.0792 0488 TermService - ok 15:20:16.0823 0488 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 15:20:16.0839 0488 Themes - ok 15:20:16.0870 0488 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 15:20:16.0917 0488 THREADORDER - ok 15:20:16.0932 0488 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 15:20:16.0964 0488 TrkWks - ok 15:20:17.0026 0488 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:20:17.0057 0488 TrustedInstaller - ok 15:20:17.0088 0488 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:20:17.0151 0488 tssecsrv - ok 15:20:17.0166 0488 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:20:17.0213 0488 tunnel - ok 15:20:17.0244 0488 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:20:17.0260 0488 uagp35 - ok 15:20:17.0276 0488 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:20:17.0307 0488 udfs - ok 15:20:17.0322 0488 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:20:17.0338 0488 UI0Detect - ok 15:20:17.0354 0488 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys 15:20:17.0354 0488 uliagpkx - ok 15:20:17.0369 0488 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:20:17.0385 0488 umbus - ok 15:20:17.0416 0488 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:20:17.0432 0488 UmPass - ok 15:20:17.0447 0488 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 15:20:17.0463 0488 upnphost - ok 15:20:17.0494 0488 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys 15:20:17.0510 0488 USBAAPL64 - ok 15:20:17.0541 0488 [ 77B01BC848298223A95D4EC23E1785A1 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:20:17.0556 0488 usbaudio - ok 15:20:17.0588 0488 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:20:17.0619 0488 usbccgp - ok 15:20:17.0634 0488 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys 15:20:17.0681 0488 usbcir - ok 15:20:17.0697 0488 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 15:20:17.0728 0488 usbehci - ok 15:20:17.0759 0488 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:20:17.0806 0488 usbhub - ok 15:20:17.0822 0488 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 15:20:17.0853 0488 usbohci - ok 15:20:17.0868 0488 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:20:17.0900 0488 usbprint - ok 15:20:17.0931 0488 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 15:20:17.0946 0488 usbscan - ok 15:20:17.0962 0488 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:20:17.0993 0488 USBSTOR - ok 15:20:18.0009 0488 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 15:20:18.0024 0488 usbuhci - ok 15:20:18.0040 0488 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 15:20:18.0087 0488 UxSms - ok 15:20:18.0102 0488 [ 0793F40B9B8A1BDD266296409DBD91EA ] VaultSvc C:\Windows\system32\lsass.exe 15:20:18.0102 0488 VaultSvc - ok 15:20:18.0134 0488 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys 15:20:18.0134 0488 vdrvroot - ok 15:20:18.0165 0488 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe 15:20:18.0212 0488 vds - ok 15:20:18.0243 0488 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:20:18.0258 0488 vga - ok 15:20:18.0274 0488 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 15:20:18.0321 0488 VgaSave - ok 15:20:18.0352 0488 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys 15:20:18.0352 0488 vhdmp - ok 15:20:18.0368 0488 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys 15:20:18.0368 0488 viaide - ok 15:20:18.0383 0488 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys 15:20:18.0399 0488 volmgr - ok 15:20:18.0414 0488 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:20:18.0430 0488 volmgrx - ok 15:20:18.0446 0488 [ 58F82EED8CA24B461441F9C3E4F0BF5C ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys 15:20:18.0461 0488 volsnap - ok 15:20:18.0477 0488 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:20:18.0492 0488 vsmraid - ok 15:20:18.0539 0488 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe 15:20:18.0617 0488 VSS - ok 15:20:18.0633 0488 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:20:18.0648 0488 vwifibus - ok 15:20:18.0695 0488 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:20:18.0711 0488 vwififlt - ok 15:20:18.0742 0488 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 15:20:18.0758 0488 vwifimp - ok 15:20:18.0773 0488 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 15:20:18.0804 0488 W32Time - ok 15:20:18.0820 0488 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:20:18.0851 0488 WacomPen - ok 15:20:18.0882 0488 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:20:18.0960 0488 WANARP - ok 15:20:18.0960 0488 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:20:18.0976 0488 Wanarpv6 - ok 15:20:19.0023 0488 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe 15:20:19.0101 0488 wbengine - ok 15:20:19.0116 0488 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:20:19.0148 0488 WbioSrvc - ok 15:20:19.0163 0488 [ 8321C2CA3B62B61B293CDA3451984468 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:20:19.0194 0488 wcncsvc - ok 15:20:19.0194 0488 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:20:19.0226 0488 WcsPlugInService - ok 15:20:19.0241 0488 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:20:19.0257 0488 Wd - ok 15:20:19.0288 0488 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:20:19.0304 0488 Wdf01000 - ok 15:20:19.0319 0488 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:20:19.0350 0488 WdiServiceHost - ok 15:20:19.0366 0488 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:20:19.0397 0488 WdiSystemHost - ok 15:20:19.0413 0488 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll 15:20:19.0460 0488 WebClient - ok 15:20:19.0475 0488 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:20:19.0506 0488 Wecsvc - ok 15:20:19.0522 0488 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:20:19.0584 0488 wercplsupport - ok 15:20:19.0600 0488 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 15:20:19.0647 0488 WerSvc - ok 15:20:19.0662 0488 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:20:19.0678 0488 WfpLwf - ok 15:20:19.0694 0488 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:20:19.0694 0488 WIMMount - ok 15:20:19.0709 0488 WinDefend - ok 15:20:19.0709 0488 WinHttpAutoProxySvc - ok 15:20:19.0756 0488 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:20:19.0772 0488 Winmgmt - ok 15:20:19.0818 0488 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll 15:20:19.0912 0488 WinRM - ok 15:20:19.0959 0488 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:20:19.0990 0488 WinUsb - ok 15:20:20.0052 0488 [ 0F695800783C3F9E577B94BF1E71D95A ] WLANBelkinService C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe 15:20:20.0068 0488 WLANBelkinService ( UnsignedFile.Multi.Generic ) - warning 15:20:20.0068 0488 WLANBelkinService - detected UnsignedFile.Multi.Generic (1) 15:20:20.0084 0488 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 15:20:20.0146 0488 Wlansvc - ok 15:20:20.0255 0488 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:20:20.0318 0488 wlidsvc - ok 15:20:20.0333 0488 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 15:20:20.0364 0488 WmiAcpi - ok 15:20:20.0380 0488 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:20:20.0427 0488 wmiApSrv - ok 15:20:20.0427 0488 WMPNetworkSvc - ok 15:20:20.0458 0488 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:20:20.0489 0488 WPCSvc - ok 15:20:20.0520 0488 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:20:20.0536 0488 WPDBusEnum - ok 15:20:20.0567 0488 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:20:20.0614 0488 ws2ifsl - ok 15:20:20.0630 0488 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\system32\wscsvc.dll 15:20:20.0676 0488 wscsvc - ok 15:20:20.0676 0488 WSearch - ok 15:20:20.0723 0488 [ 76FBEFAB6677AF9C498116F1AAEA8BDB ] WSWNA3100 C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe 15:20:20.0770 0488 WSWNA3100 ( UnsignedFile.Multi.Generic ) - warning 15:20:20.0770 0488 WSWNA3100 - detected UnsignedFile.Multi.Generic (1) 15:20:20.0832 0488 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 15:20:20.0910 0488 wuauserv - ok 15:20:20.0926 0488 [ 7CADC74271DD6461C452C271B30BD378 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:20:20.0957 0488 WudfPf - ok 15:20:20.0988 0488 [ 3B197AF0FFF08AA66B6B2241CA538D64 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:20:21.0051 0488 WUDFRd - ok 15:20:21.0066 0488 [ B551D6637AA0E132C18AC6E504F7B79B ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:20:21.0144 0488 wudfsvc - ok 15:20:21.0160 0488 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 15:20:21.0207 0488 WwanSvc - ok 15:20:21.0300 0488 [ 74983ADDCA2D9618512C088D856D6615 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl 15:20:21.0300 0488 {55662437-DA8C-40c0-AADA-2C816A897A49} - ok 15:20:21.0332 0488 ================ Scan global =============================== 15:20:21.0347 0488 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 15:20:21.0363 0488 [ B200DECA2186858595A97FBE63E896CC ] C:\Windows\system32\winsrv.dll 15:20:21.0363 0488 [ B200DECA2186858595A97FBE63E896CC ] C:\Windows\system32\winsrv.dll 15:20:21.0394 0488 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 15:20:21.0410 0488 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 15:20:21.0425 0488 [Global] - ok 15:20:21.0425 0488 ================ Scan MBR ================================== 15:20:21.0425 0488 [ 353F71FFD05627A1E79698548889C581 ] \Device\Harddisk0\DR0 15:20:21.0628 0488 \Device\Harddisk0\DR0 - ok 15:20:21.0628 0488 [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1 15:20:21.0706 0488 \Device\Harddisk1\DR1 - ok 15:20:21.0722 0488 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR2 15:20:22.0689 0488 \Device\Harddisk2\DR2 - ok 15:20:22.0689 0488 ================ Scan VBR ================================== 15:20:22.0704 0488 [ CD4044DC58EE61929C177AF7FA813318 ] \Device\Harddisk0\DR0\Partition1 15:20:22.0704 0488 \Device\Harddisk0\DR0\Partition1 - ok 15:20:22.0720 0488 [ 5FA5CDF5485FB8FD38C82997B94A4E67 ] \Device\Harddisk0\DR0\Partition2 15:20:22.0720 0488 \Device\Harddisk0\DR0\Partition2 - ok 15:20:22.0736 0488 [ CF22E3603587FC318B0C0F172036F534 ] \Device\Harddisk0\DR0\Partition3 15:20:22.0751 0488 \Device\Harddisk0\DR0\Partition3 - ok 15:20:22.0751 0488 [ D2081CB93FE1B3D64A5AAAF7417E4E7A ] \Device\Harddisk1\DR1\Partition1 15:20:22.0751 0488 \Device\Harddisk1\DR1\Partition1 - ok 15:20:22.0751 0488 [ 24C33367AF2B127B146B79558F096340 ] \Device\Harddisk2\DR2\Partition1 15:20:22.0751 0488 \Device\Harddisk2\DR2\Partition1 - ok 15:20:22.0751 0488 ============================================================ 15:20:22.0751 0488 Scan finished 15:20:22.0751 0488 ============================================================ 15:20:22.0767 5972 Detected object count: 6 15:20:22.0767 5972 Actual detected object count: 6 15:20:32.0439 5972 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 AdobeActiveFileMonitor5.0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:20:32.0439 5972 CCALib8 ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 CCALib8 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:20:32.0439 5972 HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:20:32.0439 5972 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:20:32.0439 5972 WLANBelkinService ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 WLANBelkinService ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:20:32.0439 5972 WSWNA3100 ( UnsignedFile.Multi.Generic ) - skipped by user 15:20:32.0439 5972 WSWNA3100 ( UnsignedFile.Multi.Generic ) - User select action: Skip 15:23:20.0129 3112 Deinitialize success Code:
ATTFilter Avira Free Antivirus Report file date: Freitag, 25. Jänner 2013 16:17 Scanning for 4721264 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available. Licensee : Avira Free Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows 7 Home Premium Windows version : (plain) [6.1.7600] Boot mode : Normally booted Username : HP Berlin Computer name : HPBERLIN-PC Version information: BUILD.DAT : 12.0.0.1125 Bytes 02.05.2012 17:40:00 AVSCAN.EXE : 12.3.0.15 466896 Bytes 01.05.2012 22:48:51 AVSCAN.DLL : 12.3.0.15 54736 Bytes 02.05.2012 13:31:39 LUKE.DLL : 12.3.0.15 68304 Bytes 01.05.2012 23:31:47 AVSCPLR.DLL : 12.3.0.14 97032 Bytes 01.05.2012 22:13:36 AVREG.DLL : 12.3.0.17 232200 Bytes 20.06.2012 11:28:33 VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34 VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:23:21 VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:32:24 VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50 VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 10:43:53 VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 17:36:28 VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 17:54:49 VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 18:23:18 VBASE008.VDF : 7.11.55.142 2214912 Bytes 03.01.2013 16:56:09 VBASE009.VDF : 7.11.55.143 2048 Bytes 03.01.2013 16:56:09 VBASE010.VDF : 7.11.55.144 2048 Bytes 03.01.2013 16:56:09 VBASE011.VDF : 7.11.55.145 2048 Bytes 03.01.2013 16:56:09 VBASE012.VDF : 7.11.55.146 2048 Bytes 03.01.2013 16:56:09 VBASE013.VDF : 7.11.55.196 260096 Bytes 04.01.2013 16:56:09 VBASE014.VDF : 7.11.56.23 206848 Bytes 07.01.2013 17:58:57 VBASE015.VDF : 7.11.56.83 186880 Bytes 08.01.2013 17:58:58 VBASE016.VDF : 7.11.56.145 135168 Bytes 09.01.2013 18:55:14 VBASE017.VDF : 7.11.56.211 139776 Bytes 11.01.2013 18:55:15 VBASE018.VDF : 7.11.57.11 153088 Bytes 13.01.2013 18:55:14 VBASE019.VDF : 7.11.57.75 165888 Bytes 15.01.2013 18:55:34 VBASE020.VDF : 7.11.57.163 190976 Bytes 17.01.2013 18:55:15 VBASE021.VDF : 7.11.57.219 119808 Bytes 18.01.2013 18:55:14 VBASE022.VDF : 7.11.58.7 167936 Bytes 21.01.2013 18:55:25 VBASE023.VDF : 7.11.58.49 140288 Bytes 22.01.2013 18:55:24 VBASE024.VDF : 7.11.58.119 137728 Bytes 24.01.2013 18:55:27 VBASE025.VDF : 7.11.58.120 2048 Bytes 24.01.2013 18:55:27 VBASE026.VDF : 7.11.58.121 2048 Bytes 24.01.2013 18:55:27 VBASE027.VDF : 7.11.58.122 2048 Bytes 24.01.2013 18:55:27 VBASE028.VDF : 7.11.58.123 2048 Bytes 24.01.2013 18:55:27 VBASE029.VDF : 7.11.58.124 2048 Bytes 24.01.2013 18:55:28 VBASE030.VDF : 7.11.58.125 2048 Bytes 24.01.2013 18:55:28 VBASE031.VDF : 7.11.58.140 27136 Bytes 24.01.2013 18:55:28 Engine version : 8.2.10.238 AEVDF.DLL : 8.1.2.10 102772 Bytes 11.07.2012 14:40:48 AESCRIPT.DLL : 8.1.4.84 467322 Bytes 24.01.2013 18:55:32 AESCN.DLL : 8.1.10.0 131445 Bytes 13.12.2012 19:30:20 AESBX.DLL : 8.2.5.12 606578 Bytes 20.06.2012 11:28:32 AERDL.DLL : 8.2.0.88 643444 Bytes 10.01.2013 18:55:19 AEPACK.DLL : 8.3.1.2 819574 Bytes 20.12.2012 19:30:15 AEOFFICE.DLL : 8.1.2.50 201084 Bytes 05.11.2012 18:14:21 AEHEUR.DLL : 8.1.4.182 5706104 Bytes 24.01.2013 18:55:31 AEHELP.DLL : 8.1.25.2 258423 Bytes 14.10.2012 20:03:03 AEGEN.DLL : 8.1.6.16 434549 Bytes 24.01.2013 18:55:28 AEEXP.DLL : 8.3.0.14 188788 Bytes 24.01.2013 18:55:32 AEEMU.DLL : 8.1.3.2 393587 Bytes 11.07.2012 14:40:41 AECORE.DLL : 8.1.30.0 201079 Bytes 13.12.2012 19:30:19 AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 18:14:17 AVWINLL.DLL : 12.3.0.15 27344 Bytes 01.05.2012 22:59:21 AVPREF.DLL : 12.3.0.15 51920 Bytes 01.05.2012 22:44:31 AVREP.DLL : 12.3.0.15 179208 Bytes 01.05.2012 22:13:35 AVARKT.DLL : 12.3.0.15 211408 Bytes 01.05.2012 22:21:32 AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 01.05.2012 22:28:49 SQLITE3.DLL : 3.7.0.1 398288 Bytes 16.04.2012 21:11:02 AVSMTP.DLL : 12.3.0.15 63440 Bytes 01.05.2012 22:51:35 NETNT.DLL : 12.3.0.15 17104 Bytes 01.05.2012 23:33:29 RCIMAGE.DLL : 12.3.0.15 4450000 Bytes 02.05.2012 00:03:52 RCTEXT.DLL : 12.3.0.15 96720 Bytes 02.05.2012 13:40:44 Configuration settings for the scan: Jobname.............................: Manual Selection Configuration file..................: C:\ProgramData\Avira\AntiVir Desktop\PROFILES\folder.avp Logging.............................: default Primary action......................: Interactive Secondary action....................: Ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, Process scan........................: on Scan registry.......................: on Search for rootkits.................: off Integrity checking of system files..: off Scan all files......................: Intelligent file selection Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: Complete Deviating risk categories...........: +PCK,+PFS,+SPR, Start of the scan: Freitag, 25. Jänner 2013 16:17 Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! [INFO] Please restart the search with Administrator rights Master boot sector HD1 [INFO] No virus was found! [INFO] Please restart the search with Administrator rights Master boot sector HD2 [INFO] No virus was found! [INFO] Please restart the search with Administrator rights Master boot sector HD3 [INFO] No virus was found! Master boot sector HD4 [INFO] No virus was found! Master boot sector HD5 [INFO] No virus was found! Master boot sector HD6 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! [INFO] Please restart the search with Administrator rights C:\Program Files (x86)\Handbrake\uninst.exe [WARNING] Invalid end of file The scan of running processes will be started Scan process 'avscan.exe' - '1' Module(s) have been scanned Scan process 'avcenter.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'recordingmanager.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'wlcomm.exe' - '1' Module(s) have been scanned Scan process 'wlmail.exe' - '1' Module(s) have been scanned Scan process 'brpjp04a.exe' - '1' Module(s) have been scanned Scan process 'CLMLSvc.exe' - '1' Module(s) have been scanned Scan process 'DVDAgent.exe' - '1' Module(s) have been scanned Scan process 'Brnipmon.exe' - '1' Module(s) have been scanned Scan process 'realsched.exe' - '1' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned Scan process 'spamihilator.exe' - '1' Module(s) have been scanned Scan process 'PBN.exe' - '1' Module(s) have been scanned Scan process 'tvtip.exe' - '1' Module(s) have been scanned Module is OK -> <C:\Programme\TV Movie ClickFinder\tvtip.exe> [WARNING] The file could not be opened! [NOTE] The file does not exist! [NOTE] Process 'tvtip.exe' was terminated Scan process 'WNA3100.exe' - '1' Module(s) have been scanned Scan process 'MSOSYNC.EXE' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Scan process 'iexplore.exe' - '1' Module(s) have been scanned Starting the file scan: Begin scan in 'C:\' <HP> C:\Program Files (x86)\Handbrake\uninst.exe [WARNING] Invalid end of file C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-001-20130125[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-002-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-006-20130203[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-010-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-109-20130206[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-190-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-511-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-541-20130129[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-565-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-593-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-625-20130201[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-625-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-671-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvbilder-672-20130207[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-038[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-118[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-206[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-512[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-513[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-583[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-621[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-663[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\11C4WIHN\tvdaten-premium-675[1].cftv [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows Live Mail\Kobel (kons 51a\Sent Items\125228EB-000006CE.eml [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows Live Mail\Kobel (kons 51a\Sent Items\16DB4C5D-0000070F.eml [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Local\Microsoft\Windows Live Mail\Kobel (kons 51a\Sent Items\79F22B86-0000070D.eml [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20110907-220740\0a9ce9b42efcbc7aa54ffebe58bb82cd080a1696 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20110907-220740\85cc27fbce264aadfdab8fc9e618d3429ee24940 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-171954\0a9ce9b42efcbc7aa54ffebe58bb82cd080a1696 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-171954\85cc27fbce264aadfdab8fc9e618d3429ee24940 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-175130\0a9ce9b42efcbc7aa54ffebe58bb82cd080a1696 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-175130\85cc27fbce264aadfdab8fc9e618d3429ee24940 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-181205\0a9ce9b42efcbc7aa54ffebe58bb82cd080a1696 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\7720b8c952392fc87ea77801483cf6b01eb02f98-20111113-181205\85cc27fbce264aadfdab8fc9e618d3429ee24940 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\dc11c0ccf27644db194fc798c077d27af5b38f49\0a9ce9b42efcbc7aa54ffebe58bb82cd080a1696 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Apple Computer\MobileSync\Backup\dc11c0ccf27644db194fc798c077d27af5b38f49\85cc27fbce264aadfdab8fc9e618d3429ee24940 [WARNING] The file is password protected C:\Users\HP Berlin\AppData\Roaming\Spamihilator\messages\0000011301.msg [0] Archive type: MIME --> Download het formulier.html [DETECTION] Contains recognition pattern of the PHISH/PayPal.DU phishing file/email C:\Users\HP Berlin\AppData\Roaming\Spamihilator\messages\0000011391.msg [0] Archive type: MIME --> Efax_Corporate.htm [DETECTION] Contains recognition pattern of the HTML/Redir.EB.8 HTML script virus C:\Users\HP Berlin\Downloads\avira_free_antivirus_en.exe [WARNING] The file is password protected C:\Users\HP Berlin\Downloads\avira_free_antivirus_en2012.exe [WARNING] The file is password protected C:\Users\HP Berlin\Downloads\iPhone2,1_4.0_8A293_Restore.zip [WARNING] Invalid compressed data C:\Users\HP Berlin\Music\iTunes\iTunes Media\Mobile Applications\CubeMaze 1.0.ipa [WARNING] The file is password protected C:\Users\HP Berlin\Music\iTunes\iTunes Media\Mobile Applications\Graz Touch 1.0 1.ipa [WARNING] Possible archive bomb: the maximum unpack size has been reached. C:\Windows\SoftwareDistribution\Download\044b75a9933a066fe2c94660a1436533\BITDBAA.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\a9520bb77cd0ee0b6665b8f795e49beb\BITEB75.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\ba409842c7b3a802bd8c413fad78027a\BITE09F.tmp [WARNING] Invalid compressed data C:\Windows\SoftwareDistribution\Download\bf14795a62e8af76f4b31f9b6a358abb\BITD62A.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\c6f0f2de850502132a245b023b1f92f3\BITE806.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\c8287a0e7781ce3ea6ab559e9e350639\BITDC86.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\cdc8c829f02b1b4d5d3261ff549c4bcf\BITDE00.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed C:\Windows\SoftwareDistribution\Download\ec0520ea2782b9e5ef3a9768e55fa20f\BITE72A.tmp [WARNING] No further files can be extracted from this archive. The archive will be closed Beginning disinfection: C:\Users\HP Berlin\AppData\Roaming\Spamihilator\messages\0000011391.msg [DETECTION] Contains recognition pattern of the HTML/Redir.EB.8 HTML script virus [NOTE] The file was moved to the quarantine directory under the name '57fa56ca.qua'. C:\Users\HP Berlin\AppData\Roaming\Spamihilator\messages\0000011301.msg [DETECTION] Contains recognition pattern of the PHISH/PayPal.DU phishing file/email [NOTE] The file was moved to the quarantine directory under the name '4f6d796d.qua'. End of the scan: Freitag, 25. Jänner 2013 22:24 Used time: 5:13:27 Hour(s) The scan has been done completely. 57223 Scanned directories 2685233 Files were scanned 2 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 Files were deleted 0 Viruses and unwanted programs were repaired 2 Files were moved to quarantine 0 Files were renamed 1 Files cannot be scanned 2685230 Files not concerned 154167 Archives were scanned 52 Warnings 3 Notes |
26.01.2013, 09:07 | #3 |
/// Helfer-Team | win 7 plötzlich seeehr langsam, html/redir.eb.8Das sind SPAM Mails, harmlos. Downloade Dir bitte AdwCleaner auf deinen Desktop.
danach: Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ |
26.01.2013, 10:21 | #4 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 hallo t'john, danke, dass du dich meines problems annimmst :-) here das logfile vom adwcleaner: Code:
ATTFilter # AdwCleaner v2.108 - Datei am 26/01/2013 um 09:41:52 erstellt # Aktualisiert am 24/01/2013 von Xplode # Betriebssystem : Windows 7 Home Premium (64 bits) # Benutzer : HP Berlin - HPBERLIN-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\HP Berlin\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Ordner Gelöscht : C:\Users\HP Berlin\AppData\Roaming\OpenCandy ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16455 [OK] Die Registrierungsdatenbank ist sauber. -\\ Mozilla Firefox v18.0.1 (de) Datei : C:\Users\HP Berlin\AppData\Roaming\Mozilla\Firefox\Profiles\13la5nka.default\prefs.js [OK] Die Datei ist sauber. ************************* AdwCleaner[R1].txt - [1620 octets] - [23/11/2012 22:07:43] AdwCleaner[R2].txt - [1549 octets] - [26/01/2013 09:40:06] AdwCleaner[S1].txt - [1172 octets] - [26/11/2012 10:11:31] AdwCleaner[S2].txt - [1323 octets] - [26/01/2013 09:41:52] ########## EOF - C:\AdwCleaner[S2].txt - [1383 octets] ########## mbar log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016 www.malwarebytes.org Database version: v2013.01.26.04 Windows 7 x64 NTFS Internet Explorer 9.0.8112.16421 HP Berlin :: HPBERLIN-PC [administrator] 26.01.2013 10:10:07 mbar-log-2013-01-26 (10-10-07).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P Scan options disabled: Objects scanned: 33000 Time elapsed: 11 minute(s), 23 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) (end) danke, shopgirl hm, nach dem neustart ist das win7 hochgefahren, aber nach auswahl des kontos wurde er bald schwarz (wann, weiß ich nicht). abschalten, nochmal hochfahren, hat geklappt, aber er lädt die programme noch immer sehr langsam. wenigstens kann ich inzwischen normal schreiben, das ging vorher auch nicht, da hat er immer jede menge buchstaben "verschluckt". ich habe den eindruck, dass es ihn immer beutelt, wenn ich einen prozess das erste mal starte bzw. einen vorgang das erste mal mache, zb. favoriten aufrufen oder systemsteuerung, das zieht sich beim ersten mal, beim zweiten mal geht es dann. ich mach mal eine datenträgerbereinigung. naja, manche sachen gehen schnell, andere langsam. die meisten langsam, auch zb. neue internettabs/-seiten aufzurufen dauert oft ewig, da kommt schon die rückmeldung, dass die seite nicht reagiert. word und excel gehen schnell auf, firefox schafft es irgendwie gar nicht, iexplorer geht einigermaßen. sidebar von windows braucht lange, phase 6 abruferinnerung geht sofort auf. usw. Geändert von shopgirl86 (26.01.2013 um 10:53 Uhr) |
26.01.2013, 11:21 | #5 |
/// Helfer-Team | win 7 plötzlich seeehr langsam, html/redir.eb.8 Bitte mal ausfuehren: http://www.trojaner-board.de/72874-s...eparieren.html Danach: - neustarten nochmal versuchen |
26.01.2013, 12:03 | #6 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 hi, ich hab das jetzt gemacht, er hat einiges repariert, aber das problem ist noch da, er braucht sehr lange, um einen vorgang das erste mal zu starten. geht meine festplatte oder was anderes ein? das logfile kann ich grad nicht posten, weil es so lange ist, dass der browser/pc das nicht schafft. soll ich nur die einträge von heute reinkopieren? ich lass es gerade noch einmal laufen. danke, shopgirl |
26.01.2013, 12:06 | #7 |
/// Helfer-Team | win 7 plötzlich seeehr langsam, html/redir.eb.8 Mache mal ein Screenshot von: CrystalDiskInfo - Download - Filepony und von: Open Hardware Monitor - Download - Filepony oder HWMonitor - Temperatur und Voltage Tool |
26.01.2013, 12:29 | #8 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 hallo, hier mal die screenshots: Danke, shopgirl das ist wirklich sehr seltsam. ich kann zb mit der ganz normalen geschwindigkeit bilder bearbeiten. aber eine neue internetseite aufrufen kann dauern. |
27.01.2013, 15:29 | #9 |
/// Helfer-Team | win 7 plötzlich seeehr langsam, html/redir.eb.8 Laut der Diagnose haben deine Platten bereits fehlerhafte Sektoren. Du solltest dich bald um Ersatz kuemmern. Hast du Firefox mal deinstalliert und mal neu installiert? Windows Repair Tool (AIO)
|
26.03.2013, 04:34 | #10 |
/// Helfer-Team | win 7 plötzlich seeehr langsam, html/redir.eb.8 Fehlende Rückmeldung Gibt es Probleme beim Abarbeiten obiger Anleitung? Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen. Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema. http://www.trojaner-board.de/69886-a...-beachten.html Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist. |
26.03.2013, 09:56 | #11 |
| win 7 plötzlich seeehr langsam, html/redir.eb.8 hallo, danke für die erinnerung. es gibt keine probleme, aber ich mussten den pc kurz danach - aus anderen gründen - komplett neu aufsetzen, daher war ich damit beschäftigt ;-) danke für die hilfe nocheinmal! shopgirl |
Themen zu win 7 plötzlich seeehr langsam, html/redir.eb.8 |
7-zip, antivir, audacity, bho, bonjour, canon, converter, desktop, firefox, flash player, hijack, hijackthis, home, html/infected.webpage.gen2, html/redir.eb.8, iexplore.exe, langsam, netgear, nexus, nodrives, object, phish/paypal.du, pixel, plug-in, realtek, registry, security, sketchup, software, svchost.exe, warnung |