| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.05.2013, 21:25
| #16 |
 |  APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Dann bin ich im falschen Forum  |
|
22.05.2013, 21:26
| #17 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Der Name "Trojaner" in unserem Board ist nur eine Metapher
__________________
__________________ |
|
22.05.2013, 21:42
| #18 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. So,
__________________jetzt kommts.... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org
Database version: v2013.05.22.09
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
OH :: OH-VAIO [administrator]
22.05.2013 22:40:36
mbar-log-2013-05-22 (22-40-36).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 33599
Time elapsed: 16 minute(s), 57 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
|
|
22.05.2013, 21:48
| #19 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. aswMBR Downloade dir bitte  aswMBR.exe und speichere die Datei auf deinem Desktop.
Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none). TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
23.05.2013, 17:24
| #20 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Blöde Arbeiterei stört extrem die Freizeitaktivitäten  Also weiter.... Code:
ATTFilter aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-05-23 16:12:37
-----------------------------
16:12:37.606 OS Version: Windows x64 6.1.7601 Service Pack 1
16:12:37.607 Number of processors: 2 586 0x2A07
16:12:37.608 ComputerName: OH-VAIO UserName: OH
16:12:39.828 Initialize success
16:12:54.122 AVAST engine defs: 13052201
16:12:56.146 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
16:12:56.149 Disk 0 Vendor: ST950032 0006 Size: 476940MB BusType: 3
16:12:56.491 Disk 0 MBR read successfully
16:12:56.493 Disk 0 MBR scan
16:12:56.498 Disk 0 Windows 7 default MBR code
16:12:56.551 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 17430 MB offset 2048
16:12:56.589 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 35700736
16:12:56.606 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 459408 MB offset 35905536
16:12:57.072 Disk 0 scanning C:\Windows\system32\drivers
16:13:37.415 Service scanning
16:14:14.909 Modules scanning
16:14:14.929 Disk 0 trace - called modules:
16:14:15.024 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
16:14:15.057 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064b66a0]
16:14:15.069 3 CLASSPNP.SYS[fffff880013b643f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80046da050]
16:14:17.401 AVAST engine scan C:\Windows
16:15:34.875 AVAST engine scan C:\Windows\system32
16:20:37.689 AVAST engine scan C:\Windows\system32\drivers
16:20:59.703 AVAST engine scan C:\Users\OH
17:15:56.267 AVAST engine scan C:\ProgramData
17:24:58.163 Scan finished successfully
18:20:47.852 Disk 0 MBR has been saved successfully to "C:\Users\OH\Desktop\MBR.dat"
18:20:47.858 The log file has been saved successfully to "C:\Users\OH\Desktop\aswMBR.txt"
 Code:
ATTFilter 18:26:30.0384 14308 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:26:32.0397 14308 ============================================================
18:26:32.0397 14308 Current date / time: 2013/05/23 18:26:32.0397
18:26:32.0398 14308 SystemInfo:
18:26:32.0398 14308
18:26:32.0398 14308 OS Version: 6.1.7601 ServicePack: 1.0
18:26:32.0398 14308 Product type: Workstation
18:26:32.0398 14308 ComputerName: OH-VAIO
18:26:32.0399 14308 UserName: OH
18:26:32.0399 14308 Windows directory: C:\Windows
18:26:32.0399 14308 System windows directory: C:\Windows
18:26:32.0399 14308 Running under WOW64
18:26:32.0399 14308 Processor architecture: Intel x64
18:26:32.0399 14308 Number of processors: 2
18:26:32.0399 14308 Page size: 0x1000
18:26:32.0399 14308 Boot type: Normal boot
18:26:32.0399 14308 ============================================================
18:26:33.0322 14308 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:26:33.0328 14308 ============================================================
18:26:33.0328 14308 \Device\Harddisk0\DR0:
18:26:33.0328 14308 MBR partitions:
18:26:33.0328 14308 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x220C000, BlocksNum 0x32000
18:26:33.0328 14308 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x223E000, BlocksNum 0x38148030
18:26:33.0328 14308 ============================================================
18:26:33.0367 14308 C: <-> \Device\Harddisk0\DR0\Partition2
18:26:33.0367 14308 ============================================================
18:26:33.0367 14308 Initialize success
18:26:33.0367 14308 ============================================================
18:28:04.0617 13496 ============================================================
18:28:04.0617 13496 Scan started
18:28:04.0617 13496 Mode: Manual; SigCheck; TDLFS;
18:28:04.0617 13496 ============================================================
18:28:04.0822 13496 ================ Scan system memory ========================
18:28:04.0822 13496 System memory - ok
18:28:04.0822 13496 ================ Scan services =============================
18:28:05.0002 13496 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:28:05.0167 13496 1394ohci - ok
18:28:05.0263 13496 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
18:28:05.0296 13496 ACDaemon - ok
18:28:05.0347 13496 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:28:05.0383 13496 ACPI - ok
18:28:05.0405 13496 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:28:05.0512 13496 AcpiPmi - ok
18:28:05.0584 13496 [ 1474F121C3DF1232D3E7239C03691EE6 ] AdobeActiveFileMonitor9.0 C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
18:28:05.0607 13496 AdobeActiveFileMonitor9.0 - ok
18:28:05.0712 13496 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:28:05.0740 13496 AdobeARMservice - ok
18:28:05.0881 13496 [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:28:05.0905 13496 AdobeFlashPlayerUpdateSvc - ok
18:28:05.0951 13496 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:28:05.0977 13496 adp94xx - ok
18:28:06.0032 13496 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:28:06.0071 13496 adpahci - ok
18:28:06.0089 13496 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:28:06.0107 13496 adpu320 - ok
18:28:06.0134 13496 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:28:06.0292 13496 AeLookupSvc - ok
18:28:06.0343 13496 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
18:28:06.0426 13496 AFD - ok
18:28:06.0452 13496 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
18:28:06.0469 13496 agp440 - ok
18:28:06.0577 13496 [ 1CC3E547FE3DEC8272780F24F3059519 ] AHDDC2 C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
18:28:06.0663 13496 AHDDC2 - ok
18:28:06.0700 13496 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
18:28:06.0732 13496 ALG - ok
18:28:06.0773 13496 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
18:28:06.0786 13496 aliide - ok
18:28:06.0822 13496 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
18:28:06.0837 13496 amdide - ok
18:28:06.0855 13496 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:28:06.0896 13496 AmdK8 - ok
18:28:06.0929 13496 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:28:06.0991 13496 AmdPPM - ok
18:28:07.0018 13496 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:28:07.0034 13496 amdsata - ok
18:28:07.0062 13496 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:28:07.0080 13496 amdsbs - ok
18:28:07.0099 13496 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:28:07.0112 13496 amdxata - ok
18:28:07.0197 13496 [ 07B0B7175C61F65483D60577AC864B41 ] AntiVirFirewallService C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe
18:28:07.0265 13496 AntiVirFirewallService - ok
18:28:07.0328 13496 [ 50DDEB8CA3620655B9FF68FFFC41248E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
18:28:07.0349 13496 AntiVirMailService - ok
18:28:07.0411 13496 [ BD33282EC067551060DC3A9628160E5B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:28:07.0432 13496 AntiVirSchedulerService - ok
18:28:07.0475 13496 [ 2B73EF0F975642509AB66827C4E9D6C8 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:28:07.0496 13496 AntiVirService - ok
18:28:07.0527 13496 [ F46BD152C8A9C4EBAE2EC51B063DE0ED ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
18:28:07.0553 13496 AntiVirWebService - ok
18:28:07.0631 13496 [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
18:28:07.0669 13496 AOL ACS - ok
18:28:07.0717 13496 [ 12BFA9EC4B03CC16BB7D19BAA308AEF2 ] ApfiltrService C:\Windows\system32\DRIVERS\Apfiltr.sys
18:28:07.0746 13496 ApfiltrService - ok
18:28:07.0797 13496 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
18:28:07.0990 13496 AppID - ok
18:28:08.0015 13496 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:28:08.0086 13496 AppIDSvc - ok
18:28:08.0150 13496 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
18:28:08.0208 13496 Appinfo - ok
18:28:08.0265 13496 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:28:08.0279 13496 Apple Mobile Device - ok
18:28:08.0336 13496 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
18:28:08.0356 13496 arc - ok
18:28:08.0384 13496 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:28:08.0398 13496 arcsas - ok
18:28:08.0426 13496 [ C130BC4A51B1382B2BE8E44579EC4C0A ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
18:28:08.0437 13496 ArcSoftKsUFilter - ok
18:28:08.0522 13496 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:28:08.0558 13496 aspnet_state - ok
18:28:08.0581 13496 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:28:08.0661 13496 AsyncMac - ok
18:28:08.0688 13496 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
18:28:08.0701 13496 atapi - ok
18:28:08.0741 13496 [ 50F257E19554421B6891E3F998EDCA90 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
18:28:08.0821 13496 AthBTPort - ok
18:28:08.0867 13496 [ 4119870B90E1B5E7797D6433D21F9216 ] ATHDFU C:\Windows\System32\Drivers\AthDfu.sys
18:28:08.0918 13496 ATHDFU - ok
18:28:08.0968 13496 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
18:28:08.0988 13496 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
18:28:08.0988 13496 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
18:28:09.0027 13496 [ 4D643CD9E892E559355B7A77D532BD38 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
18:28:09.0062 13496 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
18:28:09.0062 13496 AtherosSvc - detected UnsignedFile.Multi.Generic (1)
18:28:09.0178 13496 [ A5E770426D18F8EF332A593F3289DA91 ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:28:09.0363 13496 athr - ok
18:28:09.0410 13496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:28:09.0494 13496 AudioEndpointBuilder - ok
18:28:09.0519 13496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:28:09.0564 13496 AudioSrv - ok
18:28:09.0607 13496 [ AA63DDD55F620BF96F1114F3BE3691C0 ] avfwim C:\Windows\system32\DRIVERS\avfwim.sys
18:28:09.0622 13496 avfwim - ok
18:28:09.0671 13496 [ 2427ABF5319463B9B7DF062C79967E9E ] avfwot C:\Windows\system32\DRIVERS\avfwot.sys
18:28:09.0820 13496 avfwot - ok
18:28:09.0892 13496 [ 09E6069EF94B345061B4BD3CEBD974C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:28:09.0908 13496 avgntflt - ok
18:28:09.0946 13496 [ 488486DAD09A5B6C6DBB8B990A8B2307 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:28:09.0961 13496 avipbb - ok
18:28:09.0978 13496 [ 490FA25161BF3E51993EB724ECF0ACEB ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:28:09.0990 13496 avkmgr - ok
18:28:10.0062 13496 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:28:10.0370 13496 AxInstSV - ok
18:28:10.0508 13496 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:28:10.0625 13496 b06bdrv - ok
18:28:10.0823 13496 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:28:10.0913 13496 b57nd60a - ok
18:28:10.0977 13496 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
18:28:10.0994 13496 BBSvc - ok
18:28:11.0033 13496 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
18:28:11.0071 13496 BDESVC - ok
18:28:11.0152 13496 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
18:28:11.0258 13496 Beep - ok
18:28:11.0306 13496 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
18:28:11.0383 13496 BFE - ok
18:28:11.0429 13496 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
18:28:11.0533 13496 BITS - ok
18:28:11.0576 13496 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
18:28:11.0607 13496 blbdrive - ok
18:28:11.0664 13496 [ F2060A34C8A75BC24A9222EB4F8C07BD ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
18:28:11.0685 13496 Bonjour Service - ok
18:28:11.0724 13496 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:28:11.0769 13496 bowser - ok
18:28:11.0786 13496 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:28:11.0825 13496 BrFiltLo - ok
18:28:11.0840 13496 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:28:11.0859 13496 BrFiltUp - ok
18:28:11.0913 13496 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
18:28:11.0979 13496 BridgeMP - ok
18:28:12.0006 13496 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
18:28:12.0056 13496 Browser - ok
18:28:12.0072 13496 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:28:12.0160 13496 Brserid - ok
18:28:12.0171 13496 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:28:12.0204 13496 BrSerWdm - ok
18:28:12.0244 13496 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:28:12.0281 13496 BrUsbMdm - ok
18:28:12.0315 13496 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:28:12.0339 13496 BrUsbSer - ok
18:28:12.0396 13496 [ B3BCD755FA9A359D10208CC9F09847CC ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
18:28:12.0474 13496 BTATH_A2DP - ok
18:28:12.0497 13496 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
18:28:12.0544 13496 btath_avdt - ok
18:28:12.0581 13496 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys
18:28:12.0628 13496 BTATH_BUS - ok
18:28:12.0656 13496 [ A441B800E04CF8443FAF519207563ABB ] BTATH_HCRP C:\Windows\system32\drivers\btath_hcrp.sys
18:28:12.0694 13496 BTATH_HCRP - ok
18:28:12.0736 13496 [ B16F8429A35BBA2A8EF9DB2E08675B97 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:28:12.0803 13496 BTATH_LWFLT - ok
18:28:12.0849 13496 [ C24231C6BDFE21735930084A22089AAB ] BTATH_RCP C:\Windows\system32\drivers\btath_rcp.sys
18:28:12.0909 13496 BTATH_RCP - ok
18:28:12.0960 13496 [ 6C4911B6FB92984FBEF775674795CFA2 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
18:28:13.0024 13496 BtFilter - ok
18:28:13.0063 13496 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:28:13.0112 13496 BthEnum - ok
18:28:13.0146 13496 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:28:13.0185 13496 BTHMODEM - ok
18:28:13.0233 13496 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:28:13.0278 13496 BthPan - ok
18:28:13.0347 13496 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
18:28:13.0423 13496 BTHPORT - ok
18:28:13.0460 13496 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
18:28:13.0502 13496 bthserv - ok
18:28:13.0530 13496 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
18:28:13.0553 13496 BTHUSB - ok
18:28:13.0612 13496 catchme - ok
18:28:13.0645 13496 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:28:13.0714 13496 cdfs - ok
18:28:13.0754 13496 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:28:13.0772 13496 cdrom - ok
18:28:13.0807 13496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
18:28:13.0863 13496 CertPropSvc - ok
18:28:13.0917 13496 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
18:28:13.0956 13496 circlass - ok
18:28:13.0987 13496 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
18:28:14.0010 13496 CLFS - ok
18:28:14.0070 13496 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:28:14.0098 13496 clr_optimization_v2.0.50727_32 - ok
18:28:14.0126 13496 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:28:14.0140 13496 clr_optimization_v2.0.50727_64 - ok
18:28:14.0194 13496 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:28:14.0221 13496 clr_optimization_v4.0.30319_32 - ok
18:28:14.0262 13496 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:28:14.0291 13496 clr_optimization_v4.0.30319_64 - ok
18:28:14.0323 13496 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:28:14.0349 13496 CmBatt - ok
18:28:14.0368 13496 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:28:14.0382 13496 cmdide - ok
18:28:14.0413 13496 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
18:28:14.0459 13496 CNG - ok
18:28:14.0559 13496 [ 1F394DF3714ED4280047810790E6DF69 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:28:14.0654 13496 CnxtHdAudService - ok
18:28:14.0689 13496 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:28:14.0701 13496 Compbatt - ok
18:28:14.0727 13496 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:28:14.0763 13496 CompositeBus - ok
18:28:14.0786 13496 COMSysApp - ok
18:28:14.0807 13496 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:28:14.0820 13496 crcdisk - ok
18:28:14.0859 13496 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:28:14.0908 13496 CryptSvc - ok
18:28:14.0998 13496 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:28:15.0059 13496 cvhsvc - ok
18:28:15.0095 13496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:28:15.0165 13496 DcomLaunch - ok
18:28:15.0205 13496 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
18:28:15.0268 13496 defragsvc - ok
18:28:15.0301 13496 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:28:15.0357 13496 DfsC - ok
18:28:15.0416 13496 [ D51B32BA3897F630D99713B74B40D6A2 ] DfSdkS C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe
18:28:15.0433 13496 DfSdkS ( UnsignedFile.Multi.Generic ) - warning
18:28:15.0433 13496 DfSdkS - detected UnsignedFile.Multi.Generic (1)
18:28:15.0466 13496 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:28:15.0480 13496 dg_ssudbus - ok
18:28:15.0524 13496 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
18:28:15.0597 13496 Dhcp - ok
18:28:15.0627 13496 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
18:28:15.0679 13496 discache - ok
18:28:15.0728 13496 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
18:28:15.0742 13496 Disk - ok
18:28:15.0775 13496 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:28:15.0843 13496 Dnscache - ok
18:28:15.0875 13496 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
18:28:15.0937 13496 dot3svc - ok
18:28:15.0984 13496 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:28:16.0018 13496 Dot4 - ok
18:28:16.0052 13496 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:28:16.0070 13496 Dot4Print - ok
18:28:16.0095 13496 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:28:16.0127 13496 dot4usb - ok
18:28:16.0167 13496 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
18:28:16.0227 13496 DPS - ok
18:28:16.0260 13496 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:28:16.0286 13496 drmkaud - ok
18:28:16.0330 13496 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:28:16.0405 13496 DXGKrnl - ok
18:28:16.0441 13496 [ 50AD8FC1DC800FF36087994C8F7FDFF2 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
18:28:16.0470 13496 e1yexpress - ok
18:28:16.0498 13496 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
18:28:16.0552 13496 EapHost - ok
18:28:16.0663 13496 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:28:16.0778 13496 ebdrv - ok
18:28:16.0809 13496 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
18:28:16.0832 13496 EFS - ok
18:28:16.0883 13496 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:28:16.0947 13496 ehRecvr - ok
18:28:16.0961 13496 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
18:28:16.0990 13496 ehSched - ok
18:28:17.0039 13496 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:28:17.0067 13496 elxstor - ok
18:28:17.0090 13496 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:28:17.0116 13496 ErrDev - ok
18:28:17.0157 13496 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
18:28:17.0216 13496 EventSystem - ok
18:28:17.0240 13496 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
18:28:17.0283 13496 exfat - ok
18:28:17.0331 13496 Fabs - ok
18:28:17.0355 13496 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:28:17.0601 13496 fastfat - ok
18:28:17.0645 13496 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
18:28:17.0725 13496 Fax - ok
18:28:17.0751 13496 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
18:28:17.0787 13496 fdc - ok
18:28:17.0823 13496 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
18:28:17.0870 13496 fdPHost - ok
18:28:17.0894 13496 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
18:28:17.0952 13496 FDResPub - ok
18:28:17.0983 13496 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:28:17.0997 13496 FileInfo - ok
18:28:18.0025 13496 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:28:18.0080 13496 Filetrace - ok
18:28:18.0187 13496 [ 5BD96D8C5411ACE71A7EAACAF0EF2903 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
18:28:18.0303 13496 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
18:28:18.0303 13496 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
18:28:18.0346 13496 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:28:18.0362 13496 flpydisk - ok
18:28:18.0406 13496 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:28:18.0429 13496 FltMgr - ok
18:28:18.0481 13496 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
18:28:18.0550 13496 FontCache - ok
18:28:18.0596 13496 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:28:18.0608 13496 FontCache3.0.0.0 - ok
18:28:18.0620 13496 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:28:18.0635 13496 FsDepends - ok
18:28:18.0684 13496 [ B16B626996C74B564005BA855C5DEE90 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:28:18.0701 13496 fssfltr - ok
18:28:18.0781 13496 [ 812E1BA5C52A78F13EA6AA10DF708B1D ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:28:18.0873 13496 fsssvc - ok
18:28:18.0899 13496 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:28:18.0912 13496 Fs_Rec - ok
18:28:18.0938 13496 [ FA169871D8FADCC6539C4E8726610286 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
18:28:18.0951 13496 FTDIBUS - ok
18:28:18.0988 13496 [ 24237091348D1EFB5635A1CF9649E311 ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
18:28:19.0000 13496 FTSER2K - ok
18:28:19.0057 13496 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:28:19.0082 13496 fvevol - ok
18:28:19.0108 13496 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:28:19.0121 13496 gagp30kx - ok
18:28:19.0208 13496 [ 2973B4EB7BE10A0D491B2037DCAAE88F ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
18:28:19.0226 13496 Garmin Core Update Service - ok
18:28:19.0253 13496 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:28:19.0266 13496 GEARAspiWDM - ok
18:28:19.0299 13496 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
18:28:19.0370 13496 gpsvc - ok
18:28:19.0421 13496 [ 2ED7FF3E1ADA4092632393781518B3A7 ] grmnusb C:\Windows\system32\drivers\grmnusb.sys
18:28:19.0433 13496 grmnusb - ok
18:28:19.0486 13496 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:28:19.0499 13496 gupdate - ok
18:28:19.0519 13496 [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:28:19.0528 13496 gupdatem - ok
18:28:19.0555 13496 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:28:19.0595 13496 hcw85cir - ok
18:28:19.0643 13496 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:28:19.0690 13496 HdAudAddService - ok
18:28:19.0718 13496 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:28:19.0750 13496 HDAudBus - ok
18:28:19.0781 13496 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:28:19.0815 13496 HidBatt - ok
18:28:19.0863 13496 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:28:19.0900 13496 HidBth - ok
18:28:19.0919 13496 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
18:28:19.0939 13496 HidIr - ok
18:28:19.0959 13496 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
18:28:20.0022 13496 hidserv - ok
18:28:20.0070 13496 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:28:20.0084 13496 HidUsb - ok
18:28:20.0120 13496 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:28:20.0183 13496 hkmsvc - ok
18:28:20.0212 13496 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:28:20.0277 13496 HomeGroupListener - ok
18:28:20.0303 13496 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:28:20.0336 13496 HomeGroupProvider - ok
18:28:20.0360 13496 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:28:20.0376 13496 HpSAMD - ok
18:28:20.0416 13496 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:28:20.0496 13496 HTTP - ok
18:28:20.0562 13496 [ 4B5C07DB91A0099272FAAE732E1152BD ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:28:20.0628 13496 hwdatacard - ok
18:28:20.0661 13496 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:28:20.0677 13496 hwpolicy - ok
18:28:20.0713 13496 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:28:20.0733 13496 i8042prt - ok
18:28:20.0764 13496 [ F7CE9BE72EDAC499B713ECA6DAE5D26F ] iaStor C:\Windows\system32\drivers\iaStor.sys
18:28:20.0786 13496 iaStor - ok
18:28:20.0835 13496 [ B25F192EA1F84A316EB7C19EFCCCF33D ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:28:20.0846 13496 IAStorDataMgrSvc - ok
18:28:20.0889 13496 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:28:20.0914 13496 iaStorV - ok
18:28:21.0012 13496 [ 3CC7B3BB1A9EA201A040883EDFAA67A0 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
18:28:21.0104 13496 IconMan_R - ok
18:28:21.0175 13496 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:28:21.0239 13496 idsvc - ok
18:28:21.0520 13496 [ EFE5A0AF39A8E179624117C521F1E012 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:28:21.0920 13496 igfx - ok
18:28:21.0947 13496 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:28:21.0959 13496 iirsp - ok
18:28:22.0013 13496 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
18:28:22.0101 13496 IKEEXT - ok
18:28:22.0158 13496 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:28:22.0187 13496 IntcDAud - ok
18:28:22.0209 13496 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
18:28:22.0222 13496 intelide - ok
18:28:22.0254 13496 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
18:28:22.0286 13496 intelppm - ok
18:28:22.0312 13496 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:28:22.0370 13496 IPBusEnum - ok
18:28:22.0391 13496 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:28:22.0433 13496 IpFilterDriver - ok
18:28:22.0465 13496 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:28:22.0524 13496 iphlpsvc - ok
18:28:22.0552 13496 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:28:22.0583 13496 IPMIDRV - ok
18:28:22.0608 13496 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:28:22.0669 13496 IPNAT - ok
18:28:22.0749 13496 [ D38469601B72D2DA4F847FC642174E21 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:28:22.0800 13496 iPod Service - ok
18:28:22.0841 13496 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:28:22.0877 13496 IRENUM - ok
18:28:22.0911 13496 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:28:22.0924 13496 isapnp - ok
18:28:22.0946 13496 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:28:22.0965 13496 iScsiPrt - ok
18:28:22.0987 13496 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:28:23.0000 13496 kbdclass - ok
18:28:23.0023 13496 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:28:23.0053 13496 kbdhid - ok
18:28:23.0070 13496 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
18:28:23.0083 13496 KeyIso - ok
18:28:23.0110 13496 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:28:23.0125 13496 KSecDD - ok
18:28:23.0144 13496 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:28:23.0160 13496 KSecPkg - ok
18:28:23.0186 13496 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:28:23.0243 13496 ksthunk - ok
18:28:23.0272 13496 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
18:28:23.0321 13496 KtmRm - ok
18:28:23.0356 13496 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
18:28:23.0416 13496 LanmanServer - ok
18:28:23.0453 13496 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:28:23.0514 13496 LanmanWorkstation - ok
18:28:23.0548 13496 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:28:23.0727 13496 lltdio - ok
18:28:23.0756 13496 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:28:23.0841 13496 lltdsvc - ok
18:28:23.0861 13496 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:28:23.0922 13496 lmhosts - ok
18:28:23.0988 13496 [ 98B16E756243BEA9410E32025B19C06F ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:28:24.0004 13496 LMS - ok
18:28:24.0027 13496 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:28:24.0043 13496 LSI_FC - ok
18:28:24.0066 13496 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:28:24.0081 13496 LSI_SAS - ok
18:28:24.0121 13496 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:28:24.0134 13496 LSI_SAS2 - ok
18:28:24.0158 13496 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:28:24.0174 13496 LSI_SCSI - ok
18:28:24.0193 13496 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
18:28:24.0247 13496 luafv - ok
18:28:24.0361 13496 [ DDCC236009C707761D60E5C76D639176 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
18:28:24.0400 13496 McComponentHostService - ok
18:28:24.0443 13496 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:28:24.0482 13496 Mcx2Svc - ok
18:28:24.0532 13496 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
18:28:24.0562 13496 megasas - ok
18:28:24.0597 13496 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:28:24.0627 13496 MegaSR - ok
18:28:24.0657 13496 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
18:28:24.0670 13496 MEIx64 - ok
18:28:24.0698 13496 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
18:28:24.0743 13496 MMCSS - ok
18:28:24.0756 13496 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
18:28:24.0809 13496 Modem - ok
18:28:24.0840 13496 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:28:24.0877 13496 monitor - ok
18:28:24.0908 13496 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:28:24.0923 13496 mouclass - ok
18:28:24.0947 13496 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:28:24.0976 13496 mouhid - ok
18:28:25.0000 13496 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:28:25.0016 13496 mountmgr - ok
18:28:25.0107 13496 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:28:25.0124 13496 MozillaMaintenance - ok
18:28:25.0146 13496 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
18:28:25.0165 13496 mpio - ok
18:28:25.0179 13496 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:28:25.0219 13496 mpsdrv - ok
18:28:25.0265 13496 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:28:25.0330 13496 MpsSvc - ok
18:28:25.0350 13496 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:28:25.0388 13496 MRxDAV - ok
18:28:25.0424 13496 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:28:25.0474 13496 mrxsmb - ok
18:28:25.0504 13496 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:28:25.0525 13496 mrxsmb10 - ok
18:28:25.0539 13496 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:28:25.0554 13496 mrxsmb20 - ok
18:28:25.0581 13496 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
18:28:25.0594 13496 msahci - ok
18:28:25.0622 13496 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:28:25.0639 13496 msdsm - ok
18:28:25.0655 13496 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
18:28:25.0692 13496 MSDTC - ok
18:28:25.0719 13496 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:28:25.0780 13496 Msfs - ok
18:28:25.0792 13496 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:28:25.0842 13496 mshidkmdf - ok
18:28:25.0854 13496 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:28:25.0866 13496 msisadrv - ok
18:28:25.0896 13496 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:28:25.0955 13496 MSiSCSI - ok
18:28:25.0959 13496 msiserver - ok
18:28:25.0985 13496 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:28:26.0046 13496 MSKSSRV - ok
18:28:26.0072 13496 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:28:26.0127 13496 MSPCLOCK - ok
18:28:26.0146 13496 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:28:26.0199 13496 MSPQM - ok
18:28:26.0221 13496 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:28:26.0242 13496 MsRPC - ok
18:28:26.0275 13496 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:28:26.0288 13496 mssmbios - ok
18:28:26.0316 13496 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:28:26.0374 13496 MSTEE - ok
18:28:26.0396 13496 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:28:26.0421 13496 MTConfig - ok
18:28:26.0451 13496 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
18:28:26.0464 13496 Mup - ok
18:28:26.0490 13496 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
18:28:26.0560 13496 napagent - ok
18:28:26.0614 13496 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:28:26.0657 13496 NativeWifiP - ok
18:28:26.0705 13496 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:28:26.0764 13496 NDIS - ok
18:28:26.0794 13496 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:28:26.0836 13496 NdisCap - ok
18:28:26.0857 13496 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:28:26.0895 13496 NdisTapi - ok
18:28:26.0925 13496 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:28:26.0976 13496 Ndisuio - ok
18:28:27.0001 13496 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:28:27.0056 13496 NdisWan - ok
18:28:27.0080 13496 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:28:27.0120 13496 NDProxy - ok
18:28:27.0163 13496 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:28:27.0178 13496 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:28:27.0178 13496 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:28:27.0221 13496 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:28:27.0293 13496 NetBIOS - ok
18:28:27.0317 13496 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:28:27.0359 13496 NetBT - ok
18:28:27.0373 13496 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
18:28:27.0385 13496 Netlogon - ok
18:28:27.0431 13496 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
18:28:27.0507 13496 Netman - ok
18:28:27.0547 13496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:27.0560 13496 NetMsmqActivator - ok
18:28:27.0578 13496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:27.0590 13496 NetPipeActivator - ok
18:28:27.0614 13496 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
18:28:27.0679 13496 netprofm - ok
18:28:27.0701 13496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:27.0712 13496 NetTcpActivator - ok
18:28:27.0735 13496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:27.0746 13496 NetTcpPortSharing - ok
18:28:27.0857 13496 [ 82FFC84EC3AFC2F2D38DB880F50157C0 ] Netzmanager Service C:\Program Files\Netzmanager\NMInfraIS2\Netzmanager_Service.exe
18:28:27.0960 13496 Netzmanager Service ( UnsignedFile.Multi.Generic ) - warning
18:28:27.0960 13496 Netzmanager Service - detected UnsignedFile.Multi.Generic (1)
18:28:28.0007 13496 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:28:28.0023 13496 nfrd960 - ok
18:28:28.0067 13496 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:28:28.0088 13496 NlaSvc - ok
18:28:28.0136 13496 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:28:28.0180 13496 Npfs - ok
18:28:28.0202 13496 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
18:28:28.0242 13496 nsi - ok
18:28:28.0250 13496 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:28:28.0302 13496 nsiproxy - ok
18:28:28.0361 13496 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:28:28.0451 13496 Ntfs - ok
18:28:28.0466 13496 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
18:28:28.0519 13496 Null - ok
18:28:28.0795 13496 [ DD81FBC57AB9134CDDC5CE90880BFD80 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:28:29.0175 13496 nvlddmkm - ok
18:28:29.0233 13496 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:28:29.0263 13496 nvraid - ok
18:28:29.0289 13496 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:28:29.0307 13496 nvstor - ok
18:28:29.0346 13496 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:28:29.0361 13496 nv_agp - ok
18:28:29.0387 13496 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:28:29.0432 13496 ohci1394 - ok
18:28:29.0470 13496 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:28:29.0488 13496 ose - ok
18:28:29.0638 13496 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:28:29.0941 13496 osppsvc - ok
18:28:30.0001 13496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:28:30.0085 13496 p2pimsvc - ok
18:28:30.0141 13496 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
18:28:30.0193 13496 p2psvc - ok
18:28:30.0230 13496 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
18:28:30.0266 13496 Parport - ok
18:28:30.0293 13496 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:28:30.0308 13496 partmgr - ok
18:28:30.0323 13496 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:28:30.0362 13496 PcaSvc - ok
18:28:30.0387 13496 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
18:28:30.0403 13496 pci - ok
18:28:30.0422 13496 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
18:28:30.0434 13496 pciide - ok
18:28:30.0448 13496 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:28:30.0466 13496 pcmcia - ok
18:28:30.0479 13496 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
18:28:30.0492 13496 pcw - ok
18:28:30.0516 13496 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:28:30.0582 13496 PEAUTH - ok
18:28:30.0675 13496 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:28:30.0721 13496 PerfHost - ok
18:28:30.0785 13496 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
18:28:30.0881 13496 pla - ok
18:28:30.0926 13496 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:28:30.0986 13496 PlugPlay - ok
18:28:31.0077 13496 [ 63694C307273062A2167AE4CE80730EF ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
18:28:31.0117 13496 PMBDeviceInfoProvider - ok
18:28:31.0153 13496 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:28:31.0160 13496 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
18:28:31.0160 13496 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
18:28:31.0172 13496 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:28:31.0186 13496 PNRPAutoReg - ok
18:28:31.0209 13496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:28:31.0224 13496 PNRPsvc - ok
18:28:31.0259 13496 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:28:31.0330 13496 PolicyAgent - ok
18:28:31.0363 13496 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
18:28:31.0419 13496 Power - ok
18:28:31.0452 13496 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:28:31.0510 13496 PptpMiniport - ok
18:28:31.0542 13496 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
18:28:31.0575 13496 Processor - ok
18:28:31.0614 13496 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
18:28:31.0658 13496 ProfSvc - ok
18:28:31.0676 13496 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:28:31.0690 13496 ProtectedStorage - ok
18:28:31.0731 13496 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:28:31.0791 13496 Psched - ok
18:28:31.0837 13496 [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:28:31.0850 13496 PxHlpa64 - ok
18:28:31.0901 13496 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:28:31.0976 13496 ql2300 - ok
18:28:31.0992 13496 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:28:32.0007 13496 ql40xx - ok
18:28:32.0035 13496 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
18:28:32.0061 13496 QWAVE - ok
18:28:32.0070 13496 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:28:32.0110 13496 QWAVEdrv - ok
18:28:32.0131 13496 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:28:32.0182 13496 RasAcd - ok
18:28:32.0219 13496 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:28:32.0260 13496 RasAgileVpn - ok
18:28:32.0294 13496 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
18:28:32.0353 13496 RasAuto - ok
18:28:32.0379 13496 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:28:32.0436 13496 Rasl2tp - ok
18:28:32.0492 13496 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
18:28:32.0541 13496 RasMan - ok
18:28:32.0556 13496 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:28:32.0616 13496 RasPppoe - ok
18:28:32.0644 13496 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:28:32.0695 13496 RasSstp - ok
18:28:32.0726 13496 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:28:32.0787 13496 rdbss - ok
18:28:32.0812 13496 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:28:32.0846 13496 rdpbus - ok
18:28:32.0861 13496 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:28:32.0901 13496 RDPCDD - ok
18:28:32.0926 13496 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:28:32.0977 13496 RDPENCDD - ok
18:28:32.0996 13496 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:28:33.0034 13496 RDPREFMP - ok
18:28:33.0062 13496 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:28:33.0106 13496 RDPWD - ok
18:28:33.0142 13496 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:28:33.0161 13496 rdyboost - ok
18:28:33.0174 13496 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:28:33.0218 13496 RemoteAccess - ok
18:28:33.0241 13496 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:28:33.0302 13496 RemoteRegistry - ok
18:28:33.0356 13496 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:28:33.0390 13496 RFCOMM - ok
18:28:33.0434 13496 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:28:33.0495 13496 RpcEptMapper - ok
18:28:33.0528 13496 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
18:28:33.0543 13496 RpcLocator - ok
18:28:33.0561 13496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
18:28:33.0607 13496 RpcSs - ok
18:28:33.0642 13496 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
18:28:33.0664 13496 RSPCIESTOR - ok
18:28:33.0684 13496 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:28:33.0725 13496 rspndr - ok
18:28:33.0761 13496 [ 5BDAF690FE82D8E531328DE7E766FB7A ] RT-USB C:\Windows\system32\drivers\RT-USB64.SYS
18:28:33.0776 13496 RT-USB - ok
18:28:33.0815 13496 [ EA5532868BA76923D75BCB2A1448D810 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:28:33.0839 13496 RTL8167 - ok
18:28:33.0866 13496 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
18:28:33.0879 13496 SamSs - ok
18:28:33.0904 13496 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:28:33.0920 13496 sbp2port - ok
18:28:33.0940 13496 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:28:33.0987 13496 SCardSvr - ok
18:28:34.0003 13496 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:28:34.0058 13496 scfilter - ok
18:28:34.0092 13496 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
18:28:34.0169 13496 Schedule - ok
18:28:34.0187 13496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:28:34.0224 13496 SCPolicySvc - ok
18:28:34.0252 13496 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:28:34.0287 13496 sdbus - ok
18:28:34.0317 13496 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:28:34.0343 13496 SDRSVC - ok
18:28:34.0406 13496 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
18:28:34.0445 13496 SeaPort - ok
18:28:34.0470 13496 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:28:34.0524 13496 secdrv - ok
18:28:34.0556 13496 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
18:28:34.0596 13496 seclogon - ok
18:28:34.0616 13496 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
18:28:34.0669 13496 SENS - ok
18:28:34.0701 13496 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:28:34.0752 13496 SensrSvc - ok
18:28:34.0795 13496 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:28:34.0828 13496 Serenum - ok
18:28:34.0844 13496 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
18:28:34.0870 13496 Serial - ok
18:28:34.0902 13496 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:28:34.0938 13496 sermouse - ok
18:28:34.0974 13496 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
18:28:35.0026 13496 SessionEnv - ok
18:28:35.0059 13496 [ 286D3889E6AB5589646FF8A63CB928AE ] SFEP C:\Windows\system32\drivers\SFEP.sys
18:28:35.0104 13496 SFEP - ok
18:28:35.0113 13496 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:28:35.0131 13496 sffdisk - ok
18:28:35.0151 13496 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:28:35.0185 13496 sffp_mmc - ok
18:28:35.0215 13496 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:28:35.0253 13496 sffp_sd - ok
18:28:35.0283 13496 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:28:35.0308 13496 sfloppy - ok
18:28:35.0358 13496 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:28:35.0400 13496 Sftfs - ok
18:28:35.0458 13496 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:28:35.0505 13496 sftlist - ok
18:28:35.0526 13496 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:28:35.0544 13496 Sftplay - ok
18:28:35.0559 13496 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:28:35.0570 13496 Sftredir - ok
18:28:35.0597 13496 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:28:35.0608 13496 Sftvol - ok
18:28:35.0621 13496 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:28:35.0637 13496 sftvsa - ok
18:28:35.0682 13496 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:28:35.0753 13496 SharedAccess - ok
18:28:35.0792 13496 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:28:35.0876 13496 ShellHWDetection - ok
18:28:35.0916 13496 [ 720088AAD691FF1D90BE8EC28727F6CA ] silabenm C:\Windows\system32\DRIVERS\silabenm.sys
18:28:35.0970 13496 silabenm - ok
18:28:35.0990 13496 [ A2C45D9917F1D2136C17A32D9482C257 ] silabser C:\Windows\system32\DRIVERS\silabser.sys
18:28:36.0025 13496 silabser - ok
18:28:36.0070 13496 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:28:36.0086 13496 SiSRaid2 - ok
18:28:36.0109 13496 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:28:36.0123 13496 SiSRaid4 - ok
18:28:36.0184 13496 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:28:36.0201 13496 SkypeUpdate - ok
18:28:36.0217 13496 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:28:36.0257 13496 Smb - ok
18:28:36.0311 13496 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:28:36.0327 13496 SNMPTRAP - ok
18:28:36.0400 13496 [ DDF2EC98AF6FC70608A4F9CE4DB52758 ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
18:28:36.0427 13496 SOHCImp - ok
18:28:36.0440 13496 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
18:28:36.0452 13496 SOHDs - ok
18:28:36.0503 13496 [ 65E5659E9C2A0762D05657C0E22A7CA2 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
18:28:36.0519 13496 SpfService - ok
18:28:36.0550 13496 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
18:28:36.0564 13496 spldr - ok
18:28:36.0596 13496 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
18:28:36.0648 13496 Spooler - ok
18:28:36.0759 13496 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
18:28:36.0933 13496 sppsvc - ok
18:28:36.0959 13496 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:28:37.0002 13496 sppuinotify - ok
18:28:37.0041 13496 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
18:28:37.0090 13496 srv - ok
18:28:37.0111 13496 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:28:37.0147 13496 srv2 - ok
18:28:37.0164 13496 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:28:37.0182 13496 srvnet - ok
18:28:37.0245 13496 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
18:28:37.0291 13496 ssadbus - ok
18:28:37.0324 13496 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
18:28:37.0369 13496 ssadmdfl - ok
18:28:37.0396 13496 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
18:28:37.0438 13496 ssadmdm - ok
18:28:37.0483 13496 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:28:37.0531 13496 SSDPSRV - ok
18:28:37.0548 13496 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:28:37.0589 13496 SstpSvc - ok
18:28:37.0634 13496 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:28:37.0653 13496 ssudmdm - ok
18:28:37.0676 13496 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:28:37.0691 13496 stexstor - ok
18:28:37.0731 13496 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:28:37.0768 13496 StillCam - ok
18:28:37.0822 13496 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
18:28:38.0119 13496 stisvc - ok
18:28:38.0131 13496 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
18:28:38.0145 13496 swenum - ok
18:28:38.0176 13496 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
18:28:38.0246 13496 swprv - ok
18:28:38.0323 13496 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
18:28:38.0463 13496 SysMain - ok
18:28:38.0506 13496 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:28:38.0529 13496 TabletInputService - ok
18:28:38.0563 13496 [ F0B9D3ED88E56D3CD713DFF21E42AAF0 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
18:28:38.0603 13496 tap0901 - ok
18:28:38.0628 13496 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
18:28:38.0676 13496 TapiSrv - ok
18:28:38.0705 13496 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
18:28:38.0765 13496 TBS - ok
18:28:38.0827 13496 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:28:38.0935 13496 Tcpip - ok
18:28:39.0005 13496 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:28:39.0050 13496 TCPIP6 - ok
18:28:39.0084 13496 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:28:39.0097 13496 tcpipreg - ok
18:28:39.0129 13496 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:28:39.0178 13496 TDPIPE - ok
18:28:39.0204 13496 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:28:39.0219 13496 TDTCP - ok
18:28:39.0247 13496 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:28:39.0306 13496 tdx - ok
18:28:39.0361 13496 [ 4283D7125BA4BD0CB50BB0F78B54257A ] TelekomNM6 C:\Program Files\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys
18:28:39.0374 13496 TelekomNM6 - ok
18:28:39.0397 13496 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:28:39.0412 13496 TermDD - ok
18:28:39.0444 13496 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
18:28:39.0509 13496 TermService - ok
18:28:39.0521 13496 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
18:28:39.0542 13496 Themes - ok
18:28:39.0566 13496 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
18:28:39.0604 13496 THREADORDER - ok
18:28:39.0630 13496 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
18:28:39.0688 13496 TrkWks - ok
18:28:39.0734 13496 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:28:39.0790 13496 TrustedInstaller - ok
18:28:39.0817 13496 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:28:39.0868 13496 tssecsrv - ok
18:28:39.0897 13496 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:28:39.0939 13496 TsUsbFlt - ok
18:28:39.0969 13496 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:28:39.0985 13496 TsUsbGD - ok
18:28:40.0005 13496 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:28:40.0056 13496 tunnel - ok
18:28:40.0080 13496 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:28:40.0094 13496 uagp35 - ok
18:28:40.0143 13496 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
18:28:40.0159 13496 uCamMonitor - ok
18:28:40.0188 13496 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:28:40.0262 13496 udfs - ok
18:28:40.0297 13496 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:28:40.0326 13496 UI0Detect - ok
18:28:40.0365 13496 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:28:40.0380 13496 uliagpkx - ok
18:28:40.0430 13496 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:28:40.0463 13496 umbus - ok
18:28:40.0487 13496 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
18:28:40.0522 13496 UmPass - ok
18:28:40.0664 13496 [ 7A78ED1088890114DFDE2C4AB038D6B6 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:28:40.0774 13496 UNS - ok
18:28:40.0805 13496 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
18:28:40.0862 13496 upnphost - ok
18:28:40.0896 13496 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:28:40.0938 13496 usbccgp - ok
18:28:40.0988 13496 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:28:41.0014 13496 usbcir - ok
18:28:41.0042 13496 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:28:41.0072 13496 usbehci - ok
18:28:41.0113 13496 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:28:41.0167 13496 usbhub - ok
18:28:41.0197 13496 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:28:41.0228 13496 usbohci - ok
18:28:41.0270 13496 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:28:41.0312 13496 usbprint - ok
18:28:41.0344 13496 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:28:41.0411 13496 USBSTOR - ok
18:28:41.0444 13496 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:28:41.0488 13496 usbuhci - ok
18:28:41.0545 13496 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:28:41.0577 13496 usbvideo - ok
18:28:41.0600 13496 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
18:28:41.0658 13496 UxSms - ok
18:28:41.0714 13496 [ DCB1F83AD167D16D263CE57C94E9EEDF ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
18:28:41.0739 13496 VAIO Event Service - ok
18:28:41.0744 13496 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
18:28:41.0759 13496 VaultSvc - ok
18:28:41.0822 13496 [ D00058C1FFF3F3DE990444A5734E9639 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
18:28:41.0887 13496 VCFw - ok
18:28:41.0959 13496 [ F19275655B42086C884ABCDAE2C659AE ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
18:28:42.0018 13496 VcmIAlzMgr - ok
18:28:42.0056 13496 [ 2F06D134554BA84FE253DBC481DCFE6D ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
18:28:42.0082 13496 VcmINSMgr - ok
18:28:42.0112 13496 [ 32A3735F6874B7783C6209ED5CA36D9D ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
18:28:42.0126 13496 VcmXmlIfHelper - ok
18:28:42.0195 13496 [ D347D3ABE070AA09C22FC37121555D52 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
18:28:42.0219 13496 VCService - ok
18:28:42.0262 13496 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:28:42.0277 13496 vdrvroot - ok
18:28:42.0307 13496 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
18:28:42.0394 13496 vds - ok
18:28:42.0426 13496 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:28:42.0444 13496 vga - ok
18:28:42.0456 13496 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
18:28:42.0515 13496 VgaSave - ok
18:28:42.0535 13496 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:28:42.0553 13496 vhdmp - ok
18:28:42.0569 13496 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
18:28:42.0582 13496 viaide - ok
18:28:42.0625 13496 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:28:42.0638 13496 volmgr - ok
18:28:42.0664 13496 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:28:42.0686 13496 volmgrx - ok
18:28:42.0715 13496 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:28:42.0734 13496 volsnap - ok
18:28:42.0781 13496 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:28:42.0797 13496 vsmraid - ok
18:28:42.0870 13496 [ 0ED394BFBA3EB4740F063E0BA5EC7104 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
18:28:42.0943 13496 VSNService - ok
18:28:42.0999 13496 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
18:28:43.0121 13496 VSS - ok
18:28:43.0247 13496 [ D2D646D4D686C6996BA1FF96E11BE570 ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
18:28:43.0324 13496 VUAgent - ok
18:28:43.0349 13496 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:28:43.0386 13496 vwifibus - ok
18:28:43.0410 13496 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:28:43.0443 13496 vwififlt - ok
18:28:43.0474 13496 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:28:43.0518 13496 vwifimp - ok
18:28:43.0550 13496 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
18:28:43.0604 13496 W32Time - ok
18:28:43.0630 13496 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:28:43.0655 13496 WacomPen - ok
18:28:43.0690 13496 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:28:43.0749 13496 WANARP - ok
18:28:43.0754 13496 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:28:43.0791 13496 Wanarpv6 - ok
18:28:43.0842 13496 [ ECEB715BECE47E101DDEC06B11126066 ] wanatw C:\Windows\system32\DRIVERS\wanatw64.sys
18:28:43.0897 13496 wanatw - ok
18:28:43.0963 13496 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:28:44.0032 13496 WatAdminSvc - ok
18:28:44.0084 13496 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
18:28:44.0384 13496 wbengine - ok
18:28:44.0428 13496 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:28:44.0462 13496 WbioSrvc - ok
18:28:44.0504 13496 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:28:44.0555 13496 wcncsvc - ok
18:28:44.0612 13496 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:28:44.0670 13496 WcsPlugInService - ok
18:28:44.0703 13496 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
18:28:44.0717 13496 Wd - ok
18:28:44.0753 13496 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:28:44.0800 13496 Wdf01000 - ok
18:28:44.0823 13496 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:28:44.0949 13496 WdiServiceHost - ok
18:28:44.0954 13496 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:28:44.0979 13496 WdiSystemHost - ok
18:28:45.0025 13496 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
18:28:45.0062 13496 WebClient - ok
18:28:45.0070 13496 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:28:45.0139 13496 Wecsvc - ok
18:28:45.0171 13496 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:28:45.0215 13496 wercplsupport - ok
18:28:45.0242 13496 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
18:28:45.0295 13496 WerSvc - ok
18:28:45.0333 13496 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:28:45.0373 13496 WfpLwf - ok
18:28:45.0384 13496 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:28:45.0396 13496 WIMMount - ok
18:28:45.0413 13496 WinDefend - ok
18:28:45.0426 13496 WinHttpAutoProxySvc - ok
18:28:45.0497 13496 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:28:45.0563 13496 Winmgmt - ok
18:28:45.0641 13496 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
18:28:45.0765 13496 WinRM - ok
18:28:45.0813 13496 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:28:45.0844 13496 WinUsb - ok
18:28:45.0882 13496 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
18:28:45.0957 13496 Wlansvc - ok
18:28:46.0136 13496 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:28:46.0271 13496 wlidsvc - ok
18:28:46.0284 13496 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:28:46.0308 13496 WmiAcpi - ok
18:28:46.0342 13496 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:28:46.0382 13496 wmiApSrv - ok
18:28:46.0442 13496 WMPNetworkSvc - ok
18:28:46.0474 13496 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:28:46.0508 13496 WPCSvc - ok
18:28:46.0533 13496 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:28:46.0571 13496 WPDBusEnum - ok
18:28:46.0599 13496 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:28:46.0640 13496 ws2ifsl - ok
18:28:46.0670 13496 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
18:28:46.0708 13496 wscsvc - ok
18:28:46.0712 13496 WSearch - ok
18:28:46.0811 13496 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
18:28:46.0898 13496 wuauserv - ok
18:28:46.0933 13496 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:28:46.0976 13496 WudfPf - ok
18:28:47.0009 13496 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:28:47.0042 13496 WUDFRd - ok
18:28:47.0079 13496 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:28:47.0130 13496 wudfsvc - ok
18:28:47.0168 13496 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:28:47.0209 13496 WwanSvc - ok
18:28:47.0245 13496 ================ Scan global ===============================
18:28:47.0288 13496 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
18:28:47.0329 13496 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:28:47.0351 13496 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
18:28:47.0381 13496 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
18:28:47.0401 13496 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
18:28:47.0409 13496 [Global] - ok
18:28:47.0410 13496 ================ Scan MBR ==================================
18:28:47.0425 13496 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:28:47.0800 13496 \Device\Harddisk0\DR0 - ok
18:28:47.0801 13496 ================ Scan VBR ==================================
18:28:47.0842 13496 [ 17E4E9336971E6A27C013BBE38BD2E65 ] \Device\Harddisk0\DR0\Partition1
18:28:47.0847 13496 \Device\Harddisk0\DR0\Partition1 - ok
18:28:47.0860 13496 [ 3269B3F96ECBC4F83615E362A583E3DC ] \Device\Harddisk0\DR0\Partition2
18:28:47.0864 13496 \Device\Harddisk0\DR0\Partition2 - ok
18:28:47.0864 13496 ============================================================
18:28:47.0865 13496 Scan finished
18:28:47.0865 13496 ============================================================
18:28:47.0887 9264 Detected object count: 7
18:28:47.0887 9264 Actual detected object count: 7
18:30:29.0896 9264 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0896 9264 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0898 9264 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0898 9264 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0899 9264 DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0899 9264 DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0901 9264 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0901 9264 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0903 9264 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0903 9264 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0906 9264 Netzmanager Service ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0906 9264 Netzmanager Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:30:29.0907 9264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
18:30:29.0907 9264 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
23.05.2013, 21:39
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Im Anschluss: adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Danach eine Kontrolle mit OTL bitte:
__________________ --> APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. |
|
23.05.2013, 21:57
| #22 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Junge junge,du lässt dir auch jeden Tag wieder etwas neues einfallen:-) |
|
23.05.2013, 21:59
| #23 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Das ist mein Intensiv-Waschprogramm. Computerwaschprogramm Platinum 5 Stars sozusagen, für eine Autowäsche mit diesem bezahlt man locker 15 EUR und mehr 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
23.05.2013, 22:11
| #24 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Hmm,das Waschprogr ist zu lang: Der Text, den Sie eingegeben haben, besteht aus 153483 Zeichen und ist damit zu lang. Bitte kürzen Sie den Text auf die maximale Länge von 120000 Zeichen. Oliver Ok,dann erstmal das hier Code:
ATTFilter # AdwCleaner v2.301 - Datei am 23/05/2013 um 23:12:57 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : OH - OH-VAIO
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\OH\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Windows\Tasks\SpeedUpMyPC.job
Ordner Gelöscht : C:\Program Files (x86)\Viewpoint
Ordner Gelöscht : C:\Users\OH\AppData\Local\PackageAware
Ordner Gelöscht : C:\Windows\Installer\{4BD8E034-E0F4-4509-A753-467A8E854CD8}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\MetaStream
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Schlüssel Gelöscht : HKLM\Software\Viewpoint
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v21.0 (de)
Datei : C:\Users\OH\AppData\Roaming\Mozilla\Firefox\Profiles\kd3yy7op.default\prefs.js
Gelöscht : user_pref("aol_toolbar.surf.date", "1");
Gelöscht : user_pref("aol_toolbar.surf.lastDate", "23");
Gelöscht : user_pref("aol_toolbar.surf.lastMonth", "4");
Gelöscht : user_pref("aol_toolbar.surf.lastYear", "2013");
Gelöscht : user_pref("aol_toolbar.surf.month", "1");
Gelöscht : user_pref("aol_toolbar.surf.prevMonth", "0");
Gelöscht : user_pref("aol_toolbar.surf.total", "1");
Gelöscht : user_pref("aol_toolbar.surf.week", "1");
Gelöscht : user_pref("aol_toolbar.surf.year", "1");
Gelöscht : user_pref("aolmail_toolbar.winamp.volume", "");
-\\ Google Chrome v27.0.1453.94
Datei : C:\Users\OH\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [54249 octets] - [05/02/2013 10:42:42]
AdwCleaner[S2].txt - [4413 octets] - [23/05/2013 23:12:57]
########## EOF - C:\AdwCleaner[S2].txt - [4473 octets] ##########
Code:
ATTFilter OTL logfile created on: 23.05.2013 23:23:13 - Run 3 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\OH\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,95 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 52,09% Memory free 7,90 Gb Paging File | 5,57 Gb Available in Paging File | 70,59% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,64 Gb Total Space | 320,81 Gb Free Space | 71,51% Space Free | Partition Type: NTFS Computer Name: OH-VAIO | User Name: OH | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) PRC - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Users\OH\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\aol\1357462529\ee\aolsoftware.exe (AOL Inc.) PRC - C:\Users\OH\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\RauchFrei\RauchFrei.exe (SWR3.online) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1770f4fb3b437d05badf13679e8ff0bd\System.ServiceModel.Routing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6f750662bfef47bb20c17230472d8e7f\System.ServiceModel.Discovery.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d30d2f75af7cdf3880c1b5d1a2622d81\System.ServiceModel.Channels.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\950a487ee233b20ac56f1e2fbe7b29f6\System.ServiceModel.Activities.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\ce2164d32e319ee1d047119316c19557\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35f10af8371c9953294e6bdc86b5458b\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b24c65edc1e2688b3f42830b0c620492\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\2bb04ca46f8374826e4e6cafae120aa1\System.Runtime.DurableInstancing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9508bbbee390fa5c287a84d1a88d7d9\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\3801a5e161089434ffe30b9350881308\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\17b4a6296ab10e2cf9a1a54a73a13ec4\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () ========== Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (Garmin Core Update Service) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (AHDDC2) -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (AdobeActiveFileMonitor9.0) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe (mst software GmbH, Germany) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH) DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation) DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (RT-USB) -- C:\Windows\SysNative\drivers\RT-USB64.SYS (Ross-Tech LLC) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (silabser) -- C:\Windows\SysNative\drivers\silabser.sys (Silicon Laboratories) DRV:64bit: - (silabenm) -- C:\Windows\SysNative\drivers\silabenm.sys (Silicon Laboratories, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (wanatw) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.) DRV - (avfwot) -- C:\Windows\SysWOW64\drivers\avfwot.sys (Avira GmbH) DRV - (TelekomNM6) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sm.de IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{06797DD0-B899-40BB-A36C-BF7F382FD418}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{27C0E32C-9041-4E45-9647-D0E3AEBF7103}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{6083E34B-C277-41EF-8A48-3CF29E852A36}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4 FF - prefs.js..extensions.enabledAddons: %7B1DEC6447-C74F-4886-9002-202C27C703F1%7D:1.12.0.0 FF - prefs.js..extensions.enabledAddons: %7Bfa1cfe8c-66b4-4469-b360-b60c79d70c28%7D:5.22.35.9399 FF - prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.49 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.22 19:21:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.22 19:21:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.01 18:13:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\ FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.22 19:21:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.22 19:21:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.01 18:13:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.06.09 22:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\Extensions [2013.05.23 21:45:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions [2012.11.30 21:44:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013.04.03 06:39:11 | 000,000,000 | ---D | M] ("AOL Mail Toolbar") -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\{fa1cfe8c-66b4-4469-b360-b60c79d70c28} [2012.09.17 18:06:42 | 000,128,244 | ---- | M] () (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\extensions\{1DEC6447-C74F-4886-9002-202C27C703F1}.xpi [2013.05.23 21:45:58 | 000,395,933 | ---- | M] () (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013.04.03 06:39:16 | 000,002,530 | ---- | M] () -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\aol-search.xml [2012.12.12 10:20:29 | 000,001,052 | ---- | M] () -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\ashampoo-de-customized-web-search.xml [2013.05.22 19:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.05.22 19:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.22 19:21:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll O1 HOSTS File: ([2013.05.21 23:32:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (AddLyrics) - {4145006D-47F8-42F2-8186-2225AAFECDD3} - C:\Program Files (x86)\AddLyrics\AddLyrics.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1357462529\ee\AOLSoftware.exe (AOL Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [HP Officejet 4620 series (NET)] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [SWR3RauchFrei] C:\Program Files (x86)\RauchFrei\RauchFrei.exe (SWR3.online) O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MFT VCDS Updater.lnk = File not found O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk = C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CB938F2-7400-48A7-8010-03EA6E22EC79}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.23 23:16:18 | 000,000,000 | R--D | C] -- C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2013.05.23 22:59:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.05.23 22:59:23 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.22 22:21:38 | 000,000,000 | ---D | C] -- C:\Users\OH\Desktop\mbar [2013.05.22 19:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.22 19:01:07 | 000,000,000 | -HSD | C] -- C:\found.001 [2013.05.21 23:35:33 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.05.21 23:23:37 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.05.21 23:21:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.05.21 23:21:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.05.21 23:21:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.05.21 23:18:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.05.21 23:16:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.05.19 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\OH\Documents\104 [2013.05.16 06:09:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.16 06:09:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.16 06:09:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.16 06:09:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.16 06:09:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.16 06:09:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.16 06:09:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.16 06:09:05 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.16 06:09:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.16 06:09:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.16 06:09:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.16 06:09:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.16 06:09:01 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.16 06:09:01 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.16 06:09:00 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.15 17:07:22 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 17:07:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 17:06:57 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 17:06:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 17:06:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 17:06:53 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 17:06:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.06 00:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.05.02 11:16:05 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.04.30 10:59:23 | 000,000,000 | ---D | C] -- C:\Users\OH\Documents\skanowanie0001 [2013.04.29 09:23:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.04.27 21:12:48 | 000,000,000 | ---D | C] -- C:\Users\OH\AppData\Roaming\AntiBrowserSpy 2009 [2013.04.27 21:12:09 | 000,000,000 | ---D | C] -- C:\Users\OH\AppData\Local\Abelssoft [2013.04.27 21:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiBrowserSpy [2013.04.27 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AntiBrowserSpy [2013.04.27 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMPUTERBILD-Abzockschutz [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.23 23:23:16 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 23:23:16 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 23:20:13 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.23 23:20:13 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.23 23:20:13 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.23 23:20:13 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.23 23:20:13 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.23 23:16:27 | 000,001,942 | ---- | M] () -- C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk [2013.05.23 23:15:48 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.23 23:15:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.05.23 23:15:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.23 23:14:55 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys [2013.05.23 23:14:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.23 23:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.23 21:15:31 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.05.23 18:20:47 | 000,000,512 | ---- | M] () -- C:\Users\OH\Desktop\MBR.dat [2013.05.21 23:32:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.05.20 21:48:15 | 000,020,368 | ---- | M] () -- C:\test.xml [2013.05.19 12:25:56 | 000,285,580 | ---- | M] () -- C:\Users\OH\Documents\104.zip [2013.05.16 18:46:12 | 000,445,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.15 00:07:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.15 00:07:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.06 00:41:28 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.06 00:40:11 | 000,001,132 | ---- | M] () -- C:\Users\OH\Desktop\SuchMaschine.lnk [2013.05.04 08:05:57 | 507,805,743 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.02 11:15:12 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.04.30 10:59:23 | 001,396,910 | ---- | M] () -- C:\Users\OH\Documents\skanowanie0001.zip [2013.04.27 21:12:04 | 000,001,075 | ---- | M] () -- C:\Users\OH\Desktop\AntiBrowserSpy.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.23 18:20:47 | 000,000,512 | ---- | C] () -- C:\Users\OH\Desktop\MBR.dat [2013.05.21 23:21:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.05.21 23:21:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.05.21 23:21:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.05.21 23:21:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.05.21 23:21:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.05.19 12:25:51 | 000,285,580 | ---- | C] () -- C:\Users\OH\Documents\104.zip [2013.05.06 00:40:11 | 000,001,132 | ---- | C] () -- C:\Users\OH\Desktop\SuchMaschine.lnk [2013.04.30 10:59:00 | 001,396,910 | ---- | C] () -- C:\Users\OH\Documents\skanowanie0001.zip [2013.04.29 09:23:29 | 507,805,743 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.04.27 21:12:04 | 000,001,075 | ---- | C] () -- C:\Users\OH\Desktop\AntiBrowserSpy.lnk [2013.03.15 10:28:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2013.03.06 10:05:37 | 000,999,424 | ---- | C] () -- C:\Windows\SysWow64\fathmail.dll [2013.03.06 00:35:52 | 000,148,375 | ---- | C] () -- C:\Windows\hphins33.dat [2013.03.06 00:35:52 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat [2013.03.06 00:02:32 | 000,148,426 | ---- | C] () -- C:\Windows\hphins33.dat.temp [2013.03.06 00:02:32 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat.temp [2013.01.06 10:06:00 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini [2012.08.07 23:38:16 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012.07.19 23:17:42 | 000,007,596 | ---- | C] () -- C:\Users\OH\AppData\Local\Resmon.ResmonCfg [2011.12.03 18:30:38 | 000,000,132 | ---- | C] () -- C:\Windows\ODBC.INI [2011.11.25 19:47:56 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011.09.16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.06.09 22:24:03 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.04.27 21:12:48 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\AntiBrowserSpy 2009 [2013.04.03 21:49:28 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\AnvSoft [2012.01.13 21:48:20 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Canneverbe Limited [2012.12.11 14:39:13 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\EasyPCGate [2013.04.20 23:26:37 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Garmin [2011.06.13 23:30:06 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\GetRightToGo [2013.03.29 12:20:49 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\GoPro [2013.03.06 10:35:29 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\GSA AV Guard [2012.12.09 23:55:22 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\hastasoft [2013.05.16 18:49:27 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\ICQ [2012.12.11 14:39:11 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\ImagesWords [2013.04.09 22:41:29 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\MAGIX [2011.06.23 21:55:10 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\OpenOffice.org [2012.12.09 23:56:10 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\SaferMail [2011.10.24 19:10:07 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Samsung [2012.02.23 00:15:21 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\ScanMaster-ELM [2011.08.12 02:35:47 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\ScanMaster-ELM - DEMO [2013.05.20 19:48:07 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\SoftGrid Client [2011.07.06 10:14:03 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\T-Mobile [2012.12.07 21:44:07 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\T-Mobile Internet Manager [2012.07.18 19:04:32 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Temp [2012.12.07 22:32:26 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Thunderbird [2011.06.18 10:00:26 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\TP [2012.07.11 09:15:10 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Uniblue [2011.06.17 11:50:06 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\Windows Live Writer [2013.04.03 21:44:15 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\XMedia Recode [2012.07.21 15:13:50 | 000,000,000 | ---D | M] -- C:\Users\OH\AppData\Roaming\XnView ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:054203E4 < End of report > |
|
26.05.2013, 10:44
| #25 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.9.4 (05.06.2013:1) OS: Windows 7 Home Premium x64 Ran by OH on 26.05.2013 at 11:35:55,94 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.BHO Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.BHO.1 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.Sandbox Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.Sandbox.1 Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{11111111-1111-1111-1111-110311121157} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{22222222-2222-2222-2222-220322122257} Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{11111111-1111-1111-1111-110311121157} Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{22222222-2222-2222-2222-220322122257} ~~~ Files Successfully deleted: [File] C:\Windows\prefetch\DELTA BABYLON.EXE-29E8F62D.pf ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\babylon" Successfully deleted: [Folder] "C:\Users\OH\AppData\Roaming\babylon" Successfully deleted: [Folder] "C:\Users\OH\appdata\local\babylon" ~~~ FireFox Successfully deleted: [File] C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\babylon.xml Successfully deleted the following from C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\prefs.js user_pref("aol_toolbar.surf.date", "82"); user_pref("aol_toolbar.surf.lastDate", "26"); user_pref("aol_toolbar.surf.lastMonth", "4"); user_pref("aol_toolbar.surf.lastYear", "2013"); user_pref("aol_toolbar.surf.month", "672"); user_pref("aol_toolbar.surf.prevMonth", "0"); user_pref("aol_toolbar.surf.total", "675"); user_pref("aol_toolbar.surf.week", "82"); user_pref("aol_toolbar.surf.year", "672"); user_pref("aolmail_toolbar.search.searchtype", "web"); user_pref("browser.newtab.url", "hxxp://www.my-online-search.com/?babsrc=NT_ofln&mntrId=D06C00FF2055374D&cat=delta&dlb=1&affID=120519"); user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.backgroundjs", "\n\n/**************************************************** user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20 user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20ca user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_DE.value", "%22var%20ca user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.js", "\n\n /************************************************************ user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \" user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_13.name", "CrossriderAppUtils"); user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_14.name", "CrossriderUtils"); user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={ user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_78.name", "CrossriderInfo"); user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_91.code", "(function(c){if(typeof appAPI.internal.monetiza user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde user_pref("extensions.crossrider.bic", "13edb581b989e09c74c387ec1b8ec11a"); Emptied folder: C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\minidumps [4 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 26.05.2013 at 11:41:57,84 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by OH on 26.05.2013 at 11:35:55,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\Software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\classes\CrossriderApp0031257.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\clsid\{22222222-2222-2222-2222-220322122257}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{11111111-1111-1111-1111-110311121157}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\wow6432node\clsid\{22222222-2222-2222-2222-220322122257}
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\DELTA BABYLON.EXE-29E8F62D.pf
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\Users\OH\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\OH\appdata\local\babylon"
~~~ FireFox
Successfully deleted: [File] C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\babylon.xml
Successfully deleted the following from C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\prefs.js
user_pref("aol_toolbar.surf.date", "82");
user_pref("aol_toolbar.surf.lastDate", "26");
user_pref("aol_toolbar.surf.lastMonth", "4");
user_pref("aol_toolbar.surf.lastYear", "2013");
user_pref("aol_toolbar.surf.month", "672");
user_pref("aol_toolbar.surf.prevMonth", "0");
user_pref("aol_toolbar.surf.total", "675");
user_pref("aol_toolbar.surf.week", "82");
user_pref("aol_toolbar.surf.year", "672");
user_pref("aolmail_toolbar.search.searchtype", "web");
user_pref("browser.newtab.url", "hxxp://www.my-online-search.com/?babsrc=NT_ofln&mntrId=D06C00FF2055374D&cat=delta&dlb=1&affID=120519");
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.backgroundjs", "\n\n/****************************************************
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20ca
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.internaldb.cache/d9fe5d2850f1ed167451b193e8bd0e0c_DE.value", "%22var%20ca
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.js", "\n\n /************************************************************
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_13.name", "CrossriderAppUtils");
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_14.name", "CrossriderUtils");
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBack
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQu
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],regi
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){va
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.res
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_78.name", "CrossriderInfo");
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_87.code", "var CROSSRIDER_PLATFORM=true;var JQ=bbrsJQ=$jqu
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_91.code", "(function(c){if(typeof appAPI.internal.monetiza
user_pref("extensions.a509508ef0b144616a5570d58601be33dc4a581e90ea646dba18558e021ee138ccom31257.31257.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"unde
user_pref("extensions.crossrider.bic", "13edb581b989e09c74c387ec1b8ec11a");
Emptied folder: C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\minidumps [4 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.05.2013 at 11:41:57,84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
26.05.2013, 18:22
| #26 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Du hast JRT nach OTL laufen lassen, mach bitte ein neues OTL-Log (extras.txt brauch ich nicht)
__________________ Logfiles bitte immer in CODE-Tags posten |
|
26.05.2013, 21:11
| #27 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an.Code:
ATTFilter OTL logfile created on: 26.05.2013 21:23:30 - Run 4 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\OH\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,95 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,31% Memory free 7,90 Gb Paging File | 5,15 Gb Available in Paging File | 65,16% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 448,64 Gb Total Space | 320,61 Gb Free Space | 71,46% Space Free | Partition Type: NTFS Computer Name: OH-VAIO | User Name: OH | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Google\Update\1.3.21.145\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) PRC - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.) PRC - C:\Users\OH\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\AOL Desktop 9.7\waol.exe (AOL Inc.) PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Program Files (x86)\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe (AOL Inc.) PRC - C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) PRC - C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) PRC - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) PRC - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) PRC - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Common Files\aol\1357462529\ee\aolsoftware.exe (AOL Inc.) PRC - C:\Users\OH\AppData\Roaming\T-Mobile Internet Manager\ouc.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC) PRC - C:\Program Files (x86)\RauchFrei\RauchFrei.exe (SWR3.online) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1770f4fb3b437d05badf13679e8ff0bd\System.ServiceModel.Routing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6f750662bfef47bb20c17230472d8e7f\System.ServiceModel.Discovery.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d30d2f75af7cdf3880c1b5d1a2622d81\System.ServiceModel.Channels.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\950a487ee233b20ac56f1e2fbe7b29f6\System.ServiceModel.Activities.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\ce2164d32e319ee1d047119316c19557\System.IdentityModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35f10af8371c9953294e6bdc86b5458b\System.ServiceModel.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b24c65edc1e2688b3f42830b0c620492\System.ServiceModel.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\2bb04ca46f8374826e4e6cafae120aa1\System.Runtime.DurableInstancing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9508bbbee390fa5c287a84d1a88d7d9\System.Runtime.Serialization.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\3801a5e161089434ffe30b9350881308\System.Xml.Linq.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\17b4a6296ab10e2cf9a1a54a73a13ec4\System.WorkflowServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\85a17526c326bfb377b5c2124dce39f2\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\ceda881f46083cfb6356ed39e6bf9dcb\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll () MOD - C:\Program Files (x86)\AOL Desktop 9.7\Components\Tier2Svc.dll () MOD - C:\Program Files (x86)\AOL Desktop 9.7\Components\DataSvcs.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\ffdshow\ffdshow.ax () ========== Services (SafeList) ========== SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG) SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG) SRV - (Garmin Core Update Service) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG) SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.) SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation) SRV - (AHDDC2) -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe () SRV - (Netzmanager Service) -- C:\Programme\Netzmanager\NMInfraIS2\Netzmanager_Service.exe (Deutsche Telekom AG) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (IconMan_R) -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG) SRV - (VcmIAlzMgr) -- C:\Programme\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe (Sony Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®) SRV - (Atheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros) SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) SRV - (VAIO Event Service) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation) SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) SRV - (uCamMonitor) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (ArcSoft, Inc.) SRV - (SOHCImp) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe (Sony Corporation) SRV - (SOHDs) -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe (Sony Corporation) SRV - (VcmXmlIfHelper) -- C:\Programme\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe (Sony Corporation) SRV - (VcmINSMgr) -- C:\Programme\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe (Sony Corporation) SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (SpfService) -- C:\Programme\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe (Sony Corporation) SRV - (VCFw) -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe (Sony Corporation) SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation) SRV - (AdobeActiveFileMonitor9.0) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfsdkS64.exe (mst software GmbH, Germany) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AOL ACS) -- C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe (AOL LLC) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH) DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH) DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (RSPCIESTOR) -- C:\Windows\SysNative\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation) DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation) DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation) DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project) DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.) DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (RT-USB) -- C:\Windows\SysNative\drivers\RT-USB64.SYS (Ross-Tech LLC) DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (silabser) -- C:\Windows\SysNative\drivers\silabser.sys (Silicon Laboratories) DRV:64bit: - (silabenm) -- C:\Windows\SysNative\drivers\silabenm.sys (Silicon Laboratories, Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (e1yexpress) -- C:\Windows\SysNative\drivers\e1y60x64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (ArcSoftKsUFilter) -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys (ArcSoft, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (grmnusb) -- C:\Windows\SysNative\drivers\grmnusb.sys (GARMIN Corp.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (wanatw) -- C:\Windows\SysNative\drivers\wanatw64.sys (America Online, Inc.) DRV - (avfwot) -- C:\Windows\SysWOW64\drivers\avfwot.sys (Avira GmbH) DRV - (TelekomNM6) -- C:\Programme\Netzmanager\NMInfraIS2\Driver\TelekomNM6.sys (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sm.de IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{06797DD0-B899-40BB-A36C-BF7F382FD418}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363 IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{27C0E32C-9041-4E45-9647-D0E3AEBF7103}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-21/4?satitle={searchTerms} IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..\SearchScopes\{6083E34B-C277-41EF-8A48-3CF29E852A36}: "URL" = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices IE - HKU\S-1-5-21-4989281-2294219093-863846339-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4 FF - prefs.js..extensions.enabledAddons: %7B1DEC6447-C74F-4886-9002-202C27C703F1%7D:1.12.0.0 FF - prefs.js..extensions.enabledAddons: %7Bfa1cfe8c-66b4-4469-b360-b60c79d70c28%7D:5.22.35.9399 FF - prefs.js..extensions.enabledAddons: %7Bd49175b3-3fd8-43b8-b28e-da5d47f3c398%7D:1.0.49 FF - prefs.js..extensions.enabledAddons: 509508ef-0b14-4616-a557-0d58601be33d%40c4a581e9-0ea6-46db-a185-58e021ee138c.com:0.91.21 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.22 19:21:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.22 19:21:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.01 18:13:36 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\ FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.22 19:21:44 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.22 19:21:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.04.01 18:13:36 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2011.06.09 22:03:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\Extensions [2013.05.25 23:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions [2012.11.30 21:44:37 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013.04.03 06:39:11 | 000,000,000 | ---D | M] ("AOL Mail Toolbar") -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\{fa1cfe8c-66b4-4469-b360-b60c79d70c28} [2013.05.25 23:05:21 | 000,000,000 | ---D | M] ("Plus-HD-1.3") -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com [2013.05.25 23:05:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\Firefox\Profiles\kd3yy7op.default\extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com\chrome\content\extensionCode [2012.09.17 18:06:42 | 000,128,244 | ---- | M] () (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\extensions\{1DEC6447-C74F-4886-9002-202C27C703F1}.xpi [2013.05.23 21:45:58 | 000,395,933 | ---- | M] () (No name found) -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\extensions\{d49175b3-3fd8-43b8-b28e-da5d47f3c398}.xpi [2013.04.03 06:39:16 | 000,002,530 | ---- | M] () -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\aol-search.xml [2012.12.12 10:20:29 | 000,001,052 | ---- | M] () -- C:\Users\OH\AppData\Roaming\mozilla\firefox\profiles\kd3yy7op.default\searchplugins\ashampoo-de-customized-web-search.xml [2013.05.22 19:21:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2013.05.22 19:21:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2013.05.22 19:21:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.05.22 19:21:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll CHR - plugin: Java(TM) Platform SE 7 U21 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll CHR - plugin: MetaStream 3 Plugin (Enabled) = C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll CHR - Extension: Plus-HD-1.3 = C:\Users\OH\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.10_0\crossrider CHR - Extension: Plus-HD-1.3 = C:\Users\OH\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.10_0\ O1 HOSTS File: ([2013.05.21 23:32:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.) O2 - BHO: (AddLyrics) - {4145006D-47F8-42F2-8186-2225AAFECDD3} - C:\Program Files (x86)\AddLyrics\AddLyrics.dll File not found O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.) O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\DataCardMonitor.exe (Huawei Technologies Co., Ltd.) O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1357462529\ee\AOLSoftware.exe (AOL Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE (AOL Inc.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [HP Officejet 4620 series (NET)] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files (x86)\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O4 - HKU\S-1-5-21-4989281-2294219093-863846339-1001..\Run: [SWR3RauchFrei] C:\Program Files (x86)\RauchFrei\RauchFrei.exe (SWR3.online) O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MFT VCDS Updater.lnk = File not found O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Ross-Tech VCDS DRV Updater.lnk = C:\PCI-Tuning\VCDS-PCI\VCDS.exe (Ross-Tech, LLC) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe (Hewlett-Packard) O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-4989281-2294219093-863846339-1001\..Trusted Domains: aol.com ([objects] * is out of zone range - 5) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7CB938F2-7400-48A7-8010-03EA6E22EC79}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll File not found O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll File not found O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.05.25 12:59:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-1.3 [2013.05.25 12:59:01 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstaller [2013.05.23 23:16:18 | 000,000,000 | R--D | C] -- C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices [2013.05.23 22:59:59 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.05.23 22:59:23 | 000,000,000 | ---D | C] -- C:\JRT [2013.05.22 22:21:38 | 000,000,000 | ---D | C] -- C:\Users\OH\Desktop\mbar [2013.05.22 19:21:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.05.22 19:01:07 | 000,000,000 | -HSD | C] -- C:\found.001 [2013.05.21 23:35:33 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.05.21 23:23:37 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.05.21 23:21:56 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.05.21 23:21:56 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.05.21 23:21:56 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.05.21 23:18:08 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.05.21 23:16:34 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.05.19 12:25:56 | 000,000,000 | ---D | C] -- C:\Users\OH\Documents\104 [2013.05.16 06:09:11 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.16 06:09:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.16 06:09:10 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.16 06:09:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.16 06:09:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.16 06:09:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.16 06:09:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.16 06:09:05 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.16 06:09:05 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.16 06:09:05 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.16 06:09:05 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.16 06:09:04 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.16 06:09:01 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.16 06:09:01 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.16 06:09:00 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.15 17:07:22 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 17:07:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 17:06:57 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 17:06:56 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 17:06:53 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 17:06:53 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 17:06:21 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013.05.06 00:41:01 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN [2013.05.02 11:16:05 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.04.30 10:59:23 | 000,000,000 | ---D | C] -- C:\Users\OH\Documents\skanowanie0001 [2013.04.29 09:23:31 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.04.27 21:12:48 | 000,000,000 | ---D | C] -- C:\Users\OH\AppData\Roaming\AntiBrowserSpy 2009 [2013.04.27 21:12:09 | 000,000,000 | ---D | C] -- C:\Users\OH\AppData\Local\Abelssoft [2013.04.27 21:12:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiBrowserSpy [2013.04.27 21:11:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AntiBrowserSpy [2013.04.27 21:09:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\COMPUTERBILD-Abzockschutz [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.05.26 21:14:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.05.26 21:06:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.05.26 19:45:11 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.05.26 19:37:57 | 000,001,742 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.3-firefoxinstaller.job [2013.05.26 19:32:58 | 000,001,760 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.3-chromeinstaller.job [2013.05.26 19:32:58 | 000,001,164 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.3-updater.job [2013.05.26 19:32:57 | 000,001,176 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.3-codedownloader.job [2013.05.26 19:32:57 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\Plus-HD-1.3-enabler.job [2013.05.26 19:32:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.05.23 23:23:16 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 23:23:16 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.05.23 23:20:13 | 001,614,892 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.05.23 23:20:13 | 000,697,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.05.23 23:20:13 | 000,652,812 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.05.23 23:20:13 | 000,148,540 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.05.23 23:20:13 | 000,121,486 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.05.23 23:16:27 | 000,001,942 | ---- | M] () -- C:\Users\OH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk [2013.05.23 23:15:29 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl [2013.05.23 23:14:55 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys [2013.05.23 21:15:31 | 000,002,183 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.05.23 18:20:47 | 000,000,512 | ---- | M] () -- C:\Users\OH\Desktop\MBR.dat [2013.05.21 23:32:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.05.20 21:48:15 | 000,020,368 | ---- | M] () -- C:\test.xml [2013.05.19 12:25:56 | 000,285,580 | ---- | M] () -- C:\Users\OH\Documents\104.zip [2013.05.16 18:46:12 | 000,445,024 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.05.15 00:07:22 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.05.15 00:07:22 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.05.06 00:41:28 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.06 00:40:11 | 000,001,132 | ---- | M] () -- C:\Users\OH\Desktop\SuchMaschine.lnk [2013.05.04 08:05:57 | 507,805,743 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.05.02 11:15:12 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.04.30 10:59:23 | 001,396,910 | ---- | M] () -- C:\Users\OH\Documents\skanowanie0001.zip [2013.04.27 21:12:04 | 000,001,075 | ---- | M] () -- C:\Users\OH\Desktop\AntiBrowserSpy.lnk [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.05.25 12:59:34 | 000,001,164 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.3-updater.job [2013.05.25 12:59:30 | 000,001,076 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.3-enabler.job [2013.05.25 12:59:28 | 000,001,176 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.3-codedownloader.job [2013.05.25 12:59:11 | 000,001,742 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.3-firefoxinstaller.job [2013.05.25 12:59:09 | 000,001,760 | ---- | C] () -- C:\Windows\tasks\Plus-HD-1.3-chromeinstaller.job [2013.05.23 18:20:47 | 000,000,512 | ---- | C] () -- C:\Users\OH\Desktop\MBR.dat [2013.05.21 23:21:56 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.05.21 23:21:56 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.05.21 23:21:56 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.05.21 23:21:56 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.05.21 23:21:56 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.05.19 12:25:51 | 000,285,580 | ---- | C] () -- C:\Users\OH\Documents\104.zip [2013.05.06 00:40:11 | 000,001,132 | ---- | C] () -- C:\Users\OH\Desktop\SuchMaschine.lnk [2013.04.30 10:59:00 | 001,396,910 | ---- | C] () -- C:\Users\OH\Documents\skanowanie0001.zip [2013.04.29 09:23:29 | 507,805,743 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.04.27 21:12:04 | 000,001,075 | ---- | C] () -- C:\Users\OH\Desktop\AntiBrowserSpy.lnk [2013.03.15 10:28:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2013.03.06 10:05:37 | 000,999,424 | ---- | C] () -- C:\Windows\SysWow64\fathmail.dll [2013.03.06 00:35:52 | 000,148,375 | ---- | C] () -- C:\Windows\hphins33.dat [2013.03.06 00:35:52 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat [2013.03.06 00:02:32 | 000,148,426 | ---- | C] () -- C:\Windows\hphins33.dat.temp [2013.03.06 00:02:32 | 000,000,512 | ---- | C] () -- C:\Windows\hphmdl33.dat.temp [2013.01.06 10:06:00 | 000,000,002 | ---- | C] () -- C:\Windows\msoffice.ini [2012.08.07 23:38:16 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2012.07.19 23:17:42 | 000,007,596 | ---- | C] () -- C:\Users\OH\AppData\Local\Resmon.ResmonCfg [2011.12.03 18:30:38 | 000,000,132 | ---- | C] () -- C:\Windows\ODBC.INI [2011.11.25 19:47:56 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat [2011.09.16 11:54:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.09.16 11:54:44 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.09.16 11:54:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.09.16 11:54:44 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.09.16 11:54:44 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.06.09 22:24:03 | 000,000,335 | ---- | C] () -- C:\Windows\nsreg.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:054203E4 < End of report > |
|
26.05.2013, 22:10
| #28 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen) Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren! Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt: ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
27.05.2013, 04:56
| #29 |
| | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an.Code:
ATTFilter Malwarebytes Anti-Malware (Test) 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.05.27.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 OH :: OH-VAIO [Administrator] Schutz: Aktiviert 27.05.2013 05:45:55 MBAM-log-2013-05-27 (05-55-02).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 224064 Laufzeit: 8 Minute(n), 23 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 1 C:\Users\OH\Downloads\FlashPlayer_V.156438353b.exe (PUP.FakeFlash.Domaiq) -> Keine Aktion durchgeführt. (Ende) |
|
27.05.2013, 08:59
| #30 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. einen Vollscan hast du erst kürzlich gemacht? Was ist mit ESET?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu APPL/Solimba.gen .Rechner langsam/80%CPU Auslastung HDD lampe fast immer an. |
| appl/solimba.gen, auslastung, befinden, cpu, cpu auslastung, dateien, festplatte, folge, folgendes, gefunde, guten, lampe, langsamer, löschen, platte, quarantäne, rechner, tagen, verschoben, virenscan, zusammen |
Linear-Darstellung
