| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: laptop auf einmal langsamWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
14.02.2013, 17:23
| #1 |
 |  laptop auf einmal langsam hallo mein laptop ist plötzlich so langsam und ich glaube der lüfter ist auch lauter kann mir jemand helfen gruß kai |
|
14.02.2013, 17:24
| #2 |
| /// Malware-holic   | laptop auf einmal langsam hi
__________________Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
ATTFilter activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
__________________ |
|
14.02.2013, 18:24
| #3 |
| | laptop auf einmal langsam OTL Logfile:
__________________Code:
ATTFilter OTL logfile created on: 14.02.2013 18:10:07 - Run 2 OTL by OldTimer - Version 3.2.69.0 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,87 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 62,37% Memory free 7,73 Gb Paging File | 6,21 Gb Available in Paging File | 80,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 254,14 Gb Total Space | 161,27 Gb Free Space | 63,46% Space Free | Partition Type: NTFS Drive D: | 29,00 Gb Total Space | 27,80 Gb Free Space | 95,87% Space Free | Partition Type: NTFS Computer Name: PC-PC | User Name: cocco | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\cocco\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\IB Updater\ExtensionUpdaterService.exe () PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) ========== Modules (No Company Name) ========== ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (IB Updater) -- C:\Programme\IB Updater\ExtensionUpdaterService.exe () SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe () SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited) SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited) SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited) SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited) SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC) DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.) DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.) DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.) DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation) DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink) DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo) DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (StarOpen) -- C:\windows\SysWow64\drivers\StarOpen.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=3e90c085000000000000002682a68352 IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.selectedEngine: "Delta Search" FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.update: false FF - prefs.js..browser.startup.homepage: "hxxp://www.ebay.de/?rvr_id=249600547409&clk_rvr_id=249600547409&crlp=8429659726_477281_477301&UA=%3F*F%3F&GUID=574602aa1310a479ed833623ff42dd80&agid=2013570406&tm_kw=ebay&siteid=77&MT_ID=1324&tt_encode=raw&keyword=ebay&geo_id=6631&ff4=477281_477301|hxxp://www.t-online.de/|hxxp://de.yahoo.com/|hxxp://www.hugendubel.de/1/1000000/ebooks.html" FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4 FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2012.12.20 11:25:18 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M] [2011.07.23 14:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Extensions [2013.02.14 16:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions [2012.11.30 11:59:22 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2013.01.18 19:13:41 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\2020Player_IKEA@2020Technologies.com [2012.10.13 16:04:38 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\de-DE@dictionaries.addons.mozilla.org [2012.09.16 06:53:20 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\ich@maltegoetz.de [2013.02.09 13:53:06 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\gophoto@gophoto.it.xpi [2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012.12.11 19:48:55 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2013.02.14 16:43:59 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012.07.07 13:58:26 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013.02.08 20:10:15 | 000,001,294 | ---- | M] () -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\searchplugins\delta.xml [2013.02.06 10:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.02.06 10:33:19 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.06 07:59:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll [2012.01.23 10:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.04.10 18:54:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.) O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited) O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-Disabled: New Application = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm () O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0) O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22) O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34D41D7E-9D16-4775-80A6-B9D1A0875CF8}: NameServer = 193.189.244.206 193.189.244.225 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9AC4254-765A-4B65-B82D-A72069B93558}: NameServer = 193.189.244.225 193.189.244.206 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC61E5D9-B1D5-40BE-A003-2DFDE213449C}: DhcpNameServer = 192.168.178.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.02.14 17:35:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe [2013.02.14 07:23:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll [2013.02.14 07:23:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll [2013.02.14 07:23:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll [2013.02.14 07:23:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll [2013.02.14 07:23:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe [2013.02.14 07:23:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll [2013.02.14 07:23:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll [2013.02.14 07:23:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe [2013.02.14 07:23:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl [2013.02.14 07:23:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll [2013.02.14 07:23:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl [2013.02.14 07:23:34 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll [2013.02.14 07:23:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll [2013.02.14 07:23:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll [2013.02.14 07:23:27 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll [2013.02.13 19:22:34 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe [2013.02.13 19:22:31 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe [2013.02.13 19:22:30 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe [2013.02.13 19:22:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll [2013.02.13 19:22:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe [2013.02.13 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll [2013.02.13 19:22:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe [2013.02.13 19:22:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll [2013.02.13 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe [2013.02.13 19:22:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS [2013.02.13 05:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.02.13 05:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.02.09 13:42:11 | 000,000,000 | ---D | C] -- C:\Users\cocco\Desktop\eBay-Fotos [2013.02.08 20:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it [2013.02.08 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie2KDownloader.com [2013.02.08 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com [2013.02.08 20:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com [2013.02.06 10:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.01.28 20:51:06 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\DivX [2013.01.28 20:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX [2013.01.28 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013.01.28 20:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2013.01.28 08:28:23 | 000,000,000 | ---D | C] -- C:\Users\cocco\Desktop\sina [2013.01.27 15:16:09 | 000,000,000 | ---D | C] -- C:\Users\cocco\Documents\Eigene Scans [2013.01.18 19:39:40 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll [2013.01.18 19:39:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll [2013.01.18 19:39:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll [2013.01.18 19:39:04 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll [2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs [2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs [2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs [2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs [2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs [2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs [2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs [2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs [2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs [2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs [2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs [2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs [2013.01.18 19:38:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs [2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs [2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs [2013.01.18 19:38:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs [2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs [2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs [2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs [2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs [2013.01.18 19:38:22 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll [2013.01.18 19:38:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll [2013.01.18 19:38:21 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll [2013.01.18 19:38:21 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll [2013.01.18 19:38:19 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs [2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs [2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs [2013.01.18 19:38:18 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs [2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs [2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs [2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs [2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs [2013.01.18 19:37:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll [2013.01.18 19:37:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll [2013.01.18 19:37:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll [2013.01.18 19:37:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe [2013.01.18 19:37:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll [2013.01.18 19:37:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll [2013.01.18 19:37:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll [2013.01.18 19:37:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll [2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll [2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll [2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll [2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll [2013.01.18 19:37:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll [2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll [2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll [2013.01.18 19:36:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll [2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll [2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll [2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll [2013.01.18 19:36:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll [2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll [2013.01.18 19:36:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll [2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll [2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll [2013.01.18 19:36:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll [2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll [2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll [2013.01.18 19:36:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe [2013.01.16 13:12:35 | 000,000,000 | ---D | C] -- C:\Users\cocco\Documents\Neuer Ordner [1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.02.14 17:39:01 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job [2013.02.14 17:35:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe [2013.02.14 17:26:01 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job [2013.02.14 15:52:28 | 001,002,253 | ---- | M] () -- C:\Users\cocco\Desktop\hartz kai.jpg [2013.02.14 15:39:00 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job [2013.02.14 14:48:30 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 14:48:30 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.02.14 14:41:07 | 000,000,326 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job [2013.02.14 14:40:49 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat [2013.02.14 07:55:52 | 000,315,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT [2013.02.14 07:30:59 | 001,522,286 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI [2013.02.14 07:30:59 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat [2013.02.14 07:30:59 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat [2013.02.14 07:30:59 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat [2013.02.14 07:30:59 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat [2013.02.13 17:03:41 | 000,020,992 | ---- | M] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.02.13 07:09:09 | 000,065,590 | ---- | M] () -- C:\Users\cocco\Desktop\Angebot Wulf.pdf [2013.02.13 05:28:17 | 000,015,732 | ---- | M] () -- C:\Users\cocco\Documents\ebay.odt [2013.02.08 10:11:02 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.02.08 09:26:35 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe [2013.02.08 09:26:35 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl [2013.01.25 17:15:00 | 000,000,402 | ---- | M] () -- C:\windows\tasks\1-Click Maintenance.job [2013.01.18 19:57:36 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.01.18 17:36:15 | 000,061,272 | ---- | M] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf [2013.01.16 15:03:00 | 000,013,587 | ---- | M] () -- C:\Users\cocco\Desktop\bewerbung.odt [1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.02.14 15:24:59 | 001,002,253 | ---- | C] () -- C:\Users\cocco\Desktop\hartz kai.jpg [2013.02.13 07:09:09 | 000,065,590 | ---- | C] () -- C:\Users\cocco\Desktop\Angebot Wulf.pdf [2013.02.13 05:28:14 | 000,015,732 | ---- | C] () -- C:\Users\cocco\Documents\ebay.odt [2013.02.08 10:11:02 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.01.18 19:57:36 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.01.18 17:36:14 | 000,061,272 | ---- | C] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf [2013.01.16 15:02:59 | 000,013,587 | ---- | C] () -- C:\Users\cocco\Desktop\bewerbung.odt [2012.12.21 12:24:26 | 000,000,523 | ---- | C] () -- C:\windows\wininit.ini [2012.12.12 03:52:39 | 082,238,291 | ---- | C] () -- C:\Users\cocco\mäxle neu.xpp [2012.10.09 23:47:10 | 000,000,058 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\mbam.context.scan [2012.10.02 08:23:30 | 222,139,670 | ---- | C] () -- C:\Users\cocco\mäxle2.bak [2012.10.02 08:23:30 | 222,139,558 | ---- | C] () -- C:\Users\cocco\mäxle2.xpp [2012.09.25 10:21:13 | 082,145,412 | ---- | C] () -- C:\Users\cocco\mäxle.xpp [2012.09.25 10:21:13 | 082,145,393 | ---- | C] () -- C:\Users\cocco\mäxle.bak [2012.07.29 18:48:35 | 007,111,590 | ---- | C] () -- C:\Users\cocco\AppData\Local\census.cache [2012.07.29 18:38:11 | 000,118,033 | ---- | C] () -- C:\Users\cocco\AppData\Local\ars.cache [2012.06.21 15:34:27 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini [2012.04.06 09:35:11 | 000,000,036 | ---- | C] () -- C:\Users\cocco\AppData\Local\housecall.guid.cache [2012.02.25 06:24:22 | 000,000,000 | ---- | C] () -- C:\Users\cocco\AppData\Local\{8A30A419-CD73-4841-822B-31045D1742DD} [2012.01.22 01:54:14 | 000,000,024 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\xpy.ini [2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll [2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll [2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll [2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll [2011.12.03 15:46:10 | 000,244,612 | ---- | C] () -- C:\windows\hpoins19.dat [2011.12.03 15:46:10 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat [2011.08.13 17:53:59 | 000,020,992 | ---- | C] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.04.26 08:06:18 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat [2011.04.26 08:06:18 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat [2010.12.17 10:45:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt [2010.11.25 22:01:28 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2011.11.20 17:58:11 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\.minecraft [2012.04.07 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Ad-Aware Antivirus [2012.08.30 12:35:02 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Audacity [2012.12.10 10:48:26 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Canon [2011.07.23 14:15:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\CheckPoint [2012.11.10 13:00:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoft [2012.08.26 12:19:22 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers [2011.09.04 15:14:50 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Garmin [2012.11.05 09:19:16 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\GlarySoft [2013.01.09 12:37:56 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQ-Profile [2013.01.18 19:13:44 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQM [2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\IrfanView [2012.11.10 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ManyCam [2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Mobile Partner [2011.11.08 19:22:06 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\OpenOffice.org [2012.01.16 13:18:00 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Samsung [2013.02.14 15:12:21 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\SoftGrid Client [2012.11.05 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\TuneUp Software [2012.04.07 15:49:57 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE} ========== Purity Check ========== < End of report > OTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 14.02.2013 18:10:07 - Run 2
OTL by OldTimer - Version 3.2.69.0
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 62,37% Memory free
7,73 Gb Paging File | 6,21 Gb Available in Paging File | 80,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 254,14 Gb Total Space | 161,27 Gb Free Space | 63,46% Space Free | Partition Type: NTFS
Drive D: | 29,00 Gb Total Space | 27,80 Gb Free Space | 95,87% Space Free | Partition Type: NTFS
Computer Name: PC-PC | User Name: cocco | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0E8F35D4-A1BC-4DA6-BA89-96A027279590}" = rport=139 | protocol=6 | dir=out | app=system |
"{1562BBA5-5B3B-4E9D-9751-6FFB80D29E02}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{1D35F81D-EA64-4FB4-8B3E-B20A1A08F592}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{24064D47-FE02-4ED6-8DC2-8FC5A6C7D84B}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2B349BD8-4EF3-47BD-8B31-B4290878A9E1}" = lport=137 | protocol=17 | dir=in | app=system |
"{33946CE4-9E74-4EF8-BCDB-6FDD946E36F2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{36059024-BB0E-49EE-BEE5-7BC519890FB9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B848BD3-01EC-437B-B594-CDF6E2A01E89}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4E694933-09F2-4143-BA62-04B182491EDB}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{55972CEA-BFD1-40CF-8C62-A9042FED240B}" = rport=137 | protocol=17 | dir=out | app=system |
"{60FC71A0-5130-46B3-833D-43B749DBC330}" = lport=10243 | protocol=6 | dir=in | app=system |
"{709AD5FA-DF08-46A5-A89A-542369E49016}" = lport=445 | protocol=6 | dir=in | app=system |
"{8837E5AF-4439-42D1-9680-9B64525B620C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8C93196B-90AF-42BA-A7F7-8CEB2FB589E1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9275364F-026F-4897-AAAD-273E16748B8B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{9FD52752-6B91-4113-969F-C7792DDB78F6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{ADE5C945-F2B1-4CA5-9C0E-E20093FEF599}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{AE88CEEA-4CDB-4810-8E80-E8FBDF5A9520}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B4A36BB3-A089-4F4E-A675-B2B25B6DF8E8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B541E624-9CFF-49C5-AE04-E940D62020F6}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C9E3250E-D88E-4B12-9044-2E9A7CADF883}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E3FDF14D-E781-4540-A036-DF5C4A38535D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E503B238-5088-4844-B580-98178FFD83D4}" = lport=139 | protocol=6 | dir=in | app=system |
"{E630FD68-F94C-4A51-9B99-ADF62E6C0758}" = rport=445 | protocol=6 | dir=out | app=system |
"{E9A695CA-A309-4776-ABB1-2AB4E0297D77}" = lport=138 | protocol=17 | dir=in | app=system |
"{EA162D60-1A14-4AF4-ADE9-EB4A7E540BC4}" = rport=138 | protocol=17 | dir=out | app=system |
"{F16367C3-CBEC-4405-8F4E-8E16B3BAA5E5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01ABA33C-8026-4351-AA9A-861D1EE8F68B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe |
"{03D07422-B634-4FA9-9AE4-E7E530726046}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{069D1163-8461-472E-9A2A-45EEFD4FB618}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe |
"{0778C272-DC47-4E9E-A600-1E167FBF93E1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{10EDECD9-BABC-4952-A323-37F4A143EA9D}" = protocol=6 | dir=out | app=system |
"{1849FC57-5357-4CF8-B614-0728406D2460}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{1BF05FFD-C7F4-46E8-9B3A-499426443E75}" = dir=out | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{23A4C698-6E7F-41DE-B336-FF14EDE708AB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{284BFFCA-F209-47B9-81B1-F85EC28E4B27}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{28EEA7B0-0011-4543-945F-9E9FD8A44D44}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{295C0200-ADCB-403B-A7E1-F303E7C37779}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{2B5AC8E2-4A36-4BD4-A7FF-D8FAB4992714}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{30B0186F-DA10-406E-BA02-038AD4DD3F91}" = dir=out | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{3238C20A-09BB-4FF5-B612-E8124B8D379C}" = dir=in | app=c:\program files\lenovo\readycomm\appsvc.exe |
"{38B7CE82-06EA-4D91-8F3F-E7CFA3BEFF92}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"{38EEDF7A-342B-448B-917E-2DE8C4793931}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe |
"{3991F1FB-CF35-4B9C-8DED-6ACBBA783C9A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe |
"{3A27C86F-5484-4445-89C0-6B751C006D90}" = dir=in | app=c:\users\cocco\appdata\local\microsoft\skydrive\skydrive.exe |
"{3BCB8396-BB13-4C21-B3A5-94F21325479D}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{3E8CF362-D892-4E20-AC70-4C9A4BB04A39}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{40A41657-71E9-4CFB-9313-7BF96C03391D}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{447FEA31-A1E1-40EA-BC6B-25EBA663C5DC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{44E74DDE-F266-47C8-825F-A3F0F6260336}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{45CD5E2C-5357-48F0-B4D2-33C156DE105C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{51B4790D-A5D1-4966-B38C-3CEDD13EF6BF}" = dir=out | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{522267BA-A140-4590-8D5A-21B7FC430DD4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{612D005A-49DC-4CCA-BB30-1BE37B2200CF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{67616116-2203-421B-B5E6-1B93357B9354}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{69B3999B-D8DA-4453-9004-8C4785012092}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{6FEB80F7-AF6F-4D1C-9553-04652F6EAA88}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{71E50892-B105-4B4B-87FE-4BC942994B96}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{731DD34C-B497-4E70-858C-3F703017582D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{74473971-71E8-4B42-BAD4-21C0400924AF}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{7A6BC6DA-B245-442C-9D48-BA30E498D830}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe |
"{7C8A03E9-B030-42F8-A3BC-C618E9027F51}" = dir=in | app=c:\program files\lenovo\readycomm\connsvc.exe |
"{831F1821-D78B-4954-8A9A-4EF2FCA3E885}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{84065740-F0A9-425E-9386-73231F1F1FB2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe |
"{98981F44-E566-49FB-9557-8385F4434C43}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9B42B00D-962C-49F6-B680-9AB4B6F4A646}" = dir=out | app=c:\program files\lenovo\readycomm\readycomm.exe |
"{9C07578B-E88B-40AA-AFFA-65C4BAD5773B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9F7AAA23-AC6D-4C45-80DD-85FD033F40D7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{A421E559-D3FA-485D-B276-7FC08ADEA178}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A6DD3B24-5727-4007-BAE3-0595EB0399CA}" = dir=out | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{A7E39AE4-8D4B-418B-9C24-62BC545EF113}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B0FF2664-9C18-4382-A44D-DC0A3E52A996}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{B111ECEA-338E-441F-BC20-A0099D2FD799}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B27C7900-AB00-424C-B8E1-EAA22C61037A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B2C52FF9-62EE-4BBA-9A8F-8194BFFB4C08}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B495F9A8-1EB8-41F8-8EE7-BE01936C4EAF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{B5D49F7A-CC2E-432B-BB7F-3DE73A1AD8F9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{B9735DC3-3D6B-4568-9548-CC0BCAD8AADA}" = dir=out | app=c:\windows\system32\igrssvcs.exe |
"{BABEA0C3-78D8-4C34-8FA9-2863A4AD5F66}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{C7AAB971-3CA4-407D-A472-3920E823A526}" = dir=in | app=c:\windows\system32\igrssvcs.exe |
"{C7E8A382-EEB4-422A-A28E-D11A9656F208}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{C90CB032-4AEF-4B88-862F-94D1F5F0019F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{CA741657-16F4-4CA0-AD11-9E8DD72F1156}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{D1E9B6CB-390E-4452-9405-E7CCD15CA502}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D74A44EF-932A-4F71-8B87-A6D7D4243FE2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{D816829C-9615-42A0-81EF-D6027DFA7C4A}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D93EAB69-9294-4F5D-B6ED-D2087C9D21C8}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"{D98A97AA-D072-43B4-884D-21DFE4806416}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D9C562D0-85F8-4A83-83F0-3B134EC82ECD}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{DB0CEABE-6ECA-46B0-A715-3DB29B5028A4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe |
"{E0B7CB73-C905-477F-B7B8-2C38CCC92194}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E1EC8C75-84C1-4F18-A0D4-C5D562969529}" = dir=in | app=c:\program files\lenovo\readycomm\projectionist.exe |
"{E9AE08AC-57E0-465D-B2E9-B95B8473C486}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe |
"{F2BC0183-6F35-4892-B306-576EEE679E98}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{FE1E062A-C40F-40AC-917A-33DAB83122B7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FF024627-8C4F-4012-8AAB-97B2650BBA6B}" = dir=in | app=c:\program files (x86)\lenovo\readycomm\common\igrs.exe |
"TCP Query User{77A4C503-F621-41A0-8EDB-502F97F577F1}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{C1094704-5A39-48AD-A51B-147D56A160A6}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{ED4B02AD-6D0A-4E3B-AE4E-8F509C5FC6DA}C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe" = protocol=6 | dir=in | app=c:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe |
"UDP Query User{1A0123E3-3D02-4C7F-A554-89656747AB6F}C:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe" = protocol=17 | dir=in | app=c:\program files (x86)\eidos interactive\pyro studios\praetorians\praetorians.exe |
"UDP Query User{303F9159-697E-491A-AFE8-3C47AE5CBA7E}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{658279A2-2A46-4E4D-8AE5-99BEE6850735}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{08C3441C-4FAF-48D3-A551-70DD6031734F}" = Microsoft Baseline Security Analyzer 2.2
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B61ED343-0B14-4241-999C-490CB1A20DA4}" = HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System (10/19/2009 5.4.0.1)
"49CF605F02C7954F4E139D18828DE298CD59217C" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0)
"CCleaner" = CCleaner
"CNXT_AUDIO_HDA" = Conexant HD Audio
"FinePrint" = FinePrint
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Drivers" = NVIDIA Drivers
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{104066F4-5897-4067-85D3-4C88B67CCF75}" = AIO_Scan
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2B818257-E6C7-4841-8C29-C5C9A982BCE5}" = RICOH Media Driver ver.2.07.01.02
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4B407A54-6CF2-42B5-B419-E900B2E36972}" = 1500
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{510D2239-6C2E-457B-9590-485EC552D94D}" = Garmin USB Drivers
"{592ED299-14EF-4C0E-93B4-B687CD5A2EBE}_is1" = posterXXL.de Bestellsoftware 4.80
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7D542452-84EB-47C0-97BA-735C523AB555}" = Garmin Training Center
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}" = AIO_CDB_Software
"{A2101ACC-DC36-42AA-A576-6FD6A8D466DA}" = 1500_Help
"{A4C6B32D-5088-40AF-B74D-CDABEF144F04}" = 1500Trb
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAC8AF92-DAEC-45D2-B77D-36699E3751A9}" = Praetorians
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}" = Garmin MapSource
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}" = Google Earth
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DFB19121-0609-49C1-92B1-546E5A940FE8}" = Onekey Theater
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E7112940-5F8E-4918-B9FE-251F2F8DC81F}" = AIO_CDB_ProductContext
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}" = Lenovo EasyCamera
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"1ClickDownload" = HDVidCodec
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audiograbber" = Audiograbber 1.83 SE
"Avira AntiVir Desktop" = Avira Free Antivirus
"ESET Online Scanner" = ESET Online Scanner v3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.35.1031
"Glary Utilities_is1" = Glary Utilities 2.50.0.1632
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"IrfanView" = IrfanView (remove only)
"ManyCam" = ManyCam 3.0.92 (remove only)
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"MyFreeCodec" = MyFreeCodec
"SkyDriveSetup.exe" = Microsoft SkyDrive
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.02.2013 03:25:46 | Computer Name = PC-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.
Error - 12.02.2013 10:37:37 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 12.02.2013 10:39:06 | Computer Name = PC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\posterxxl.de bestellsoftware\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\posterxxl.de bestellsoftware\DelZip179.dll" in Zeile 8.
Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 12.02.2013 10:39:27 | Computer Name = PC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 13.02.2013 02:50:25 | Computer Name = PC-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
(x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 13.02.2013 02:51:56 | Computer Name = PC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\posterxxl.de bestellsoftware\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\posterxxl.de bestellsoftware\DelZip179.dll" in Zeile 8.
Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 13.02.2013 02:52:19 | Computer Name = PC-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\spybot - search & destroy\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\spybot - search & destroy\DelZip179.dll" in Zeile 8. Der
Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 13.02.2013 04:36:58 | Computer Name = PC-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 9.0.8112.16457 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 17ac Startzeit: 01ce09c4ec99da43 Endzeit: 130 Anwendungspfad:
C:\Program Files\Internet Explorer\iexplore.exe Berichts-ID:
Error - 14.02.2013 10:12:19 | Computer Name = PC-PC | Source = Application Virtualization Client | ID = 5009
Description = {hap=12:app=Microsoft Word Starter 2010 9014006604070000:tid=C44:usr=cocco}
Application
Virtualization Client konnte keine Verbindung mit der Datenstrom-URL 'hxxp://c2r.microsoft.com/ConsumerC2R/de-de/14.0.4763.1000/ConsumerC2R.de-de_14.0.6129.5001.sft'
herstellen (Rückgabecode 16001E0A-000001D1, ursprünglicher Rückgabecode 16001E0A-000001D1).
Error - 14.02.2013 10:12:19 | Computer Name = PC-PC | Source = Application Virtualization Client | ID = 3008
Description = {hap=12:app=Microsoft Word Starter 2010 9014006604070000:tid=C44:usr=cocco}
Der
Client konnte keine Verbindung mit Application Virtualization Server herstellen
(Rückgabecode 16001E0A-000001D1).
[ Media Center Events ]
Error - 12.06.2012 13:52:35 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 19:52:28 - Fehler beim Herstellen der Internetverbindung. 19:52:28
- Serververbindung konnte nicht hergestellt werden..
Error - 14.06.2012 03:29:51 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 09:29:50 - Fehler beim Herstellen der Internetverbindung. 09:29:51
- Serververbindung konnte nicht hergestellt werden..
Error - 14.06.2012 03:30:01 | Computer Name = PC-PC | Source = MCUpdate | ID = 0
Description = 09:29:56 - Fehler beim Herstellen der Internetverbindung. 09:29:56
- Serververbindung konnte nicht hergestellt werden..
[ System Events ]
Error - 14.02.2013 02:58:37 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 14.02.2013 07:18:39 | Computer Name = PC-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 14.02.2013 07:20:09 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd SBRE StarOpen
Error - 14.02.2013 07:22:27 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 14.02.2013 09:35:49 | Computer Name = PC-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 14.02.2013 09:36:28 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd SBRE StarOpen
Error - 14.02.2013 09:38:39 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
Error - 14.02.2013 09:40:41 | Computer Name = PC-PC | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
des Treibers zu erhalten.
Error - 14.02.2013 09:41:16 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
Lbd SBRE StarOpen
Error - 14.02.2013 09:43:23 | Computer Name = PC-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "ReadyComm.DirectRouter" wurde aufgrund folgenden Fehlers
nicht gestartet: %%2
< End of report >
|
|
14.02.2013, 20:54
| #4 |
| /// Malware-holic | laptop auf einmal langsam Hi evtl. musst du den FF nach dem Fix neu installieren. otl fix Fixen mit OTL
Code:
ATTFilter :OTL
O7 - HKU\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-Disabled: New Application = C:\Program
Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
:files
:Commands
[emptytemp]
Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang in den Thread posten! Drücke bitte die  + E Taste.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
16.02.2013, 08:28
| #5 |
| | laptop auf einmal langsam Error: Unable to interpret <OTL Logfile: Code:
ATTFilter OTL logfile created on: 16.02.2013 08:11:19 - Run 3> in the current context! Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0 Folder = C:Desktop> in the current context! Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <3,87 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 69,37% Memory free> in the current context! Error: Unable to interpret <7,73 Gb Paging File | 6,32 Gb Available in Paging File | 81,75% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)> in the current context! Error: Unable to interpret <Drive C: | 254,14 Gb Total Space | 161,38 Gb Free Space | 63,50% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive D: | 29,00 Gb Total Space | 27,80 Gb Free Space | 95,87% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: PC-PC | User Name: cocco | Logged in as Administrator.> in the current context! Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context! Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - C:\Users\cocco\Desktop\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Programme\IB Updater\ExtensionUpdaterService.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)> in the current context! Error: Unable to interpret <SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)> in the current context! Error: Unable to interpret <SRV - (IB Updater) -- C:\Programme\IB Updater\ExtensionUpdaterService.exe ()> in the current context! Error: Unable to interpret <SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)> in the current context! Error: Unable to interpret <SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()> in the current context! Error: Unable to interpret <SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)> in the current context! Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)> in the current context! Error: Unable to interpret <DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)> in the current context! Error: Unable to interpret <DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context! Error: Unable to interpret <DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context! Error: Unable to interpret <DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)> in the current context! Error: Unable to interpret <DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)> in the current context! Error: Unable to interpret <DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI)> in the current context! Error: Unable to interpret <DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )> in the current context! Error: Unable to interpret <DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)> in the current context! Error: Unable to interpret <DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)> in the current context! Error: Unable to interpret <DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context! Error: Unable to interpret <DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)> in the current context! Error: Unable to interpret <DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)> in the current context! Error: Unable to interpret <DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (StarOpen) -- C:\windows\SysWow64\drivers\StarOpen.sys ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/> in the current context! Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=3e90c085000000000000002682a68352> in the current context! Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== FireFox ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Delta Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.suggest.enabled: false> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.update: false> in the current context! Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.ebay.de/?rvr_id=249600547409&clk_rvr_id=249600547409&crlp=8429659726_477281_477301&UA=%3F*F%3F&GUID=574602aa1310a479ed833623ff42dd80&agid=2013570406&tm_kw=ebay&siteid=77&MT_ID=1324&tt_encode=raw&keyword=ebay&geo_id=6631&ff4=477281_477301|hxxp://www.t-online.de/|hxxp://de.yahoo.com/|hxxp://www.hugendubel.de/1/1000000/ebooks.html"> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found> in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)> in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2012.12.20 11:25:18 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2011.07.23 14:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2013.02.14 16:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions> in the current context! Error: Unable to interpret <[2012.11.30 11:59:22 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}> in the current context! Error: Unable to interpret <[2013.01.18 19:13:41 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\2020Player_IKEA@2020Technologies.com> in the current context! Error: Unable to interpret <[2012.10.13 16:04:38 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\de-DE@dictionaries.addons.mozilla.org> in the current context! Error: Unable to interpret <[2012.09.16 06:53:20 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\ich@maltegoetz.de> in the current context! Error: Unable to interpret <[2013.02.09 13:53:06 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\gophoto@gophoto.it.xpi> in the current context! Error: Unable to interpret <[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi> in the current context! Error: Unable to interpret <[2012.12.11 19:48:55 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi> in the current context! Error: Unable to interpret <[2013.02.14 16:43:59 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi> in the current context! Error: Unable to interpret <[2012.07.07 13:58:26 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi> in the current context! Error: Unable to interpret <[2013.02.08 20:10:15 | 000,001,294 | ---- | M] () -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\searchplugins\delta.xml> in the current context! Error: Unable to interpret <[2013.02.06 10:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context! Error: Unable to interpret <[2013.02.06 10:33:19 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context! Error: Unable to interpret <[2012.04.06 07:59:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll> in the current context! Error: Unable to interpret <[2012.01.23 10:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2012.04.10 18:54:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 localhost> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)> in the current context! Error: Unable to interpret <O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context! Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context! Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0> in the current context! Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-Disabled: New Application = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)> in the current context! Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34D41D7E-9D16-4775-80A6-B9D1A0875CF8}: NameServer = 193.189.244.206 193.189.244.225> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9AC4254-765A-4B65-B82D-A72069B93558}: NameServer = 193.189.244.225 193.189.244.206> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC61E5D9-B1D5-40BE-A003-2DFDE213449C}: DhcpNameServer = 192.168.178.1> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\livecall - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\msnim - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context! Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.14 18:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2013.02.14 18:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context! Error: Unable to interpret <[2013.02.14 18:32:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys> in the current context! Error: Unable to interpret <[2013.02.14 18:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2013.02.14 18:32:19 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Local\Programs> in the current context! Error: Unable to interpret <[2013.02.14 17:35:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl> in the current context! Error: Unable to interpret <[2013.02.14 07:23:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl> in the current context! Error: Unable to interpret <[2013.02.14 07:23:34 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:27 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:34 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:31 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:30 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS> in the current context! Error: Unable to interpret <[2013.02.13 05:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype> in the current context! Error: Unable to interpret <[2013.02.13 05:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype> in the current context! Error: Unable to interpret <[2013.02.08 20:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it> in the current context! Error: Unable to interpret <[2013.02.08 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie2KDownloader.com> in the current context! Error: Unable to interpret <[2013.02.08 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com> in the current context! Error: Unable to interpret <[2013.02.08 20:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com> in the current context! Error: Unable to interpret <[2013.02.06 10:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox> in the current context! Error: Unable to interpret <[2013.01.28 20:51:06 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX> in the current context! Error: Unable to interpret <[2013.01.27 15:16:09 | 000,000,000 | ---D | C] -- C:\Users\cocco\Documents\Eigene Scans> in the current context! Error: Unable to interpret <[2013.01.18 19:39:40 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:04 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:22 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:21 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:21 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:19 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:37:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe> in the current context! Error: Unable to interpret <[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:45:53 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2013.02.16 07:45:53 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2013.02.16 07:43:01 | 000,010,927 | ---- | M] () -- C:\Users\cocco\Desktop\leerebay.odt> in the current context! Error: Unable to interpret <[2013.02.16 07:39:09 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2013.02.16 07:38:15 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context! Error: Unable to interpret <[2013.02.16 07:38:14 | 000,000,326 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job> in the current context! Error: Unable to interpret <[2013.02.16 07:37:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat> in the current context! Error: Unable to interpret <[2013.02.15 21:26:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2013.02.15 17:52:11 | 000,000,402 | ---- | M] () -- C:\windows\tasks\1-Click Maintenance.job> in the current context! Error: Unable to interpret <[2013.02.15 16:43:12 | 000,010,013 | ---- | M] () -- C:\Users\cocco\Desktop\telefonnummern.odt> in the current context! Error: Unable to interpret <[2013.02.14 17:35:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:55:52 | 000,315,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT> in the current context! Error: Unable to interpret <[2013.02.13 17:03:41 | 000,020,992 | ---- | M] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2013.02.13 05:28:17 | 000,015,732 | ---- | M] () -- C:\Users\cocco\Documents\ebay.odt> in the current context! Error: Unable to interpret <[2013.02.08 10:11:02 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk> in the current context! Error: Unable to interpret <[2013.02.08 09:26:35 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe> in the current context! Error: Unable to interpret <[2013.02.08 09:26:35 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context! Error: Unable to interpret <[2013.01.18 19:57:36 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk> in the current context! Error: Unable to interpret <[2013.01.18 17:36:15 | 000,061,272 | ---- | M] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf> in the current context! Error: Unable to interpret <[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.16 07:42:56 | 000,010,927 | ---- | C] () -- C:\Users\cocco\Desktop\leerebay.odt> in the current context! Error: Unable to interpret <[2013.02.15 16:43:10 | 000,010,013 | ---- | C] () -- C:\Users\cocco\Desktop\telefonnummern.odt> in the current context! Error: Unable to interpret <[2013.02.13 05:28:14 | 000,015,732 | ---- | C] () -- C:\Users\cocco\Documents\ebay.odt> in the current context! Error: Unable to interpret <[2013.02.08 10:11:02 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk> in the current context! Error: Unable to interpret <[2013.01.18 19:57:36 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk> in the current context! Error: Unable to interpret <[2013.01.18 17:36:14 | 000,061,272 | ---- | C] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf> in the current context! Error: Unable to interpret <[2012.12.21 12:24:26 | 000,000,523 | ---- | C] () -- C:\windows\wininit.ini> in the current context! Error: Unable to interpret <[2012.12.12 03:52:39 | 082,238,291 | ---- | C] () -- C:\Users\cocco\mäxle neu.xpp> in the current context! Error: Unable to interpret <[2012.10.09 23:47:10 | 000,000,058 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\mbam.context.scan> in the current context! Error: Unable to interpret <[2012.10.02 08:23:30 | 222,139,670 | ---- | C] () -- C:\Users\cocco\mäxle2.bak> in the current context! Error: Unable to interpret <[2012.10.02 08:23:30 | 222,139,558 | ---- | C] () -- C:\Users\cocco\mäxle2.xpp> in the current context! Error: Unable to interpret <[2012.09.25 10:21:13 | 082,145,412 | ---- | C] () -- C:\Users\cocco\mäxle.xpp> in the current context! Error: Unable to interpret <[2012.09.25 10:21:13 | 082,145,393 | ---- | C] () -- C:\Users\cocco\mäxle.bak> in the current context! Error: Unable to interpret <[2012.07.29 18:48:35 | 007,111,590 | ---- | C] () -- C:\Users\cocco\AppData\Local\census.cache> in the current context! Error: Unable to interpret <[2012.07.29 18:38:11 | 000,118,033 | ---- | C] () -- C:\Users\cocco\AppData\Local\ars.cache> in the current context! Error: Unable to interpret <[2012.06.21 15:34:27 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini> in the current context! Error: Unable to interpret <[2012.04.06 09:35:11 | 000,000,036 | ---- | C] () -- C:\Users\cocco\AppData\Local\housecall.guid.cache> in the current context! Error: Unable to interpret <[2012.02.25 06:24:22 | 000,000,000 | ---- | C] () -- C:\Users\cocco\AppData\Local\{8A30A419-CD73-4841-822B-31045D1742DD}> in the current context! Error: Unable to interpret <[2012.01.22 01:54:14 | 000,000,024 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\xpy.ini> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.03 15:46:10 | 000,244,612 | ---- | C] () -- C:\windows\hpoins19.dat> in the current context! Error: Unable to interpret <[2011.12.03 15:46:10 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat> in the current context! Error: Unable to interpret <[2011.08.13 17:53:59 | 000,020,992 | ---- | C] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2011.04.26 08:06:18 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat> in the current context! Error: Unable to interpret <[2011.04.26 08:06:18 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat> in the current context! Error: Unable to interpret <[2010.12.17 10:45:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt> in the current context! Error: Unable to interpret <[2010.11.25 22:01:28 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== ZeroAccess Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Both> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== LOP Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2011.11.20 17:58:11 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\.minecraft> in the current context! Error: Unable to interpret <[2012.04.07 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Ad-Aware Antivirus> in the current context! Error: Unable to interpret <[2012.08.30 12:35:02 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Audacity> in the current context! Error: Unable to interpret <[2012.12.10 10:48:26 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Canon> in the current context! Error: Unable to interpret <[2011.07.23 14:15:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\CheckPoint> in the current context! Error: Unable to interpret <[2012.11.10 13:00:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoft> in the current context! Error: Unable to interpret <[2012.08.26 12:19:22 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context! Error: Unable to interpret <[2011.09.04 15:14:50 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Garmin> in the current context! Error: Unable to interpret <[2012.11.05 09:19:16 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\GlarySoft> in the current context! Error: Unable to interpret <[2013.01.09 12:37:56 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQ-Profile> in the current context! Error: Unable to interpret <[2013.01.18 19:13:44 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQM> in the current context! Error: Unable to interpret <[2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\IrfanView> in the current context! Error: Unable to interpret <[2012.11.10 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ManyCam> in the current context! Error: Unable to interpret <[2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Mobile Partner> in the current context! Error: Unable to interpret <[2011.11.08 19:22:06 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\OpenOffice.org> in the current context! Error: Unable to interpret <[2012.01.16 13:18:00 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Samsung> in the current context! Error: Unable to interpret <[2013.02.14 15:12:21 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\SoftGrid Client> in the current context! Error: Unable to interpret <[2012.11.05 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\TuneUp Software> in the current context! Error: Unable to interpret <[2012.04.07 15:49:57 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Purity Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << End of report > > in the current context! OTL by OldTimer - Version 3.2.69.0 log created on 02162013_082745 |
|
16.02.2013, 08:30
| #6 |
| | laptop auf einmal langsam Error: Unable to interpret <OTL Logfile: Code:
ATTFilter OTL logfile created on: 16.02.2013 08:11:19 - Run 3> in the current context! Error: Unable to interpret <OTL by OldTimer - Version 3.2.69.0 Folder = C:Desktop> in the current context! Error: Unable to interpret <64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation> in the current context! Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context! Error: Unable to interpret <Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <3,87 Gb Total Physical Memory | 2,68 Gb Available Physical Memory | 69,37% Memory free> in the current context! Error: Unable to interpret <7,73 Gb Paging File | 6,32 Gb Available in Paging File | 81,75% Paging File free> in the current context! Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)> in the current context! Error: Unable to interpret <Drive C: | 254,14 Gb Total Space | 161,38 Gb Free Space | 63,50% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret <Drive D: | 29,00 Gb Total Space | 27,80 Gb Free Space | 95,87% Space Free | Partition Type: NTFS> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <Computer Name: PC-PC | User Name: cocco | Logged in as Administrator.> in the current context! Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans> in the current context! Error: Unable to interpret <Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <PRC - C:\Users\cocco\Desktop\OTL.exe (OldTimer Tools)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <PRC - C:\Programme\IB Updater\ExtensionUpdaterService.exe ()> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)> in the current context! Error: Unable to interpret <SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)> in the current context! Error: Unable to interpret <SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)> in the current context! Error: Unable to interpret <SRV - (IB Updater) -- C:\Programme\IB Updater\ExtensionUpdaterService.exe ()> in the current context! Error: Unable to interpret <SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)> in the current context! Error: Unable to interpret <SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()> in the current context! Error: Unable to interpret <SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)> in the current context! Error: Unable to interpret <SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)> in the current context! Error: Unable to interpret <SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)> in the current context! Error: Unable to interpret <SRV - (Lenovo ReadyComm ConnSvc) -- C:\Programme\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (Lenovo ReadyComm AppSvc) -- C:\Programme\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (PS_MDP) -- C:\Program Files (x86)\Lenovo\ReadyComm\PS_MDP.dll (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (ReadyComm.DirectRouter) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\router.dll (Lenovo Group Limited)> in the current context! Error: Unable to interpret <SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)> in the current context! Error: Unable to interpret <DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)> in the current context! Error: Unable to interpret <DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (SbFw) -- C:\Windows\SysNative\drivers\SbFw.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (SbTis) -- C:\Windows\SysNative\drivers\sbtis.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (sbhips) -- C:\Windows\SysNative\drivers\sbhips.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)> in the current context! Error: Unable to interpret <DRV:64bit: - (SBFWIMCLMP) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (SBFWIMCL) -- C:\Windows\SysNative\drivers\SbFwIm.sys (Sunbelt Software, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)> in the current context! Error: Unable to interpret <DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)> in the current context! Error: Unable to interpret <DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)> in the current context! Error: Unable to interpret <DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)> in the current context! Error: Unable to interpret <DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (usbsmi) -- C:\Windows\SysNative\drivers\SMIksdrv.sys (SMI)> in the current context! Error: Unable to interpret <DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )> in the current context! Error: Unable to interpret <DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)> in the current context! Error: Unable to interpret <DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)> in the current context! Error: Unable to interpret <DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)> in the current context! Error: Unable to interpret <DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)> in the current context! Error: Unable to interpret <DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)> in the current context! Error: Unable to interpret <DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)> in the current context! Error: Unable to interpret <DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)> in the current context! Error: Unable to interpret <DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)> in the current context! Error: Unable to interpret <DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)> in the current context! Error: Unable to interpret <DRV - (StarOpen) -- C:\windows\SysWow64\drivers\StarOpen.sys ()> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Internet Explorer ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE:64bit: - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret <IE - HKLM\..\SearchScopes,DefaultScope = > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/> in the current context! Error: Unable to interpret <IE - HKCU\..\URLSearchHook: {D8278076-BC68-4484-9233-6E7F1628B56C} - No CLSID value found> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}> in the current context! Error: Unable to interpret <IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=3e90c085000000000000002682a68352> in the current context! Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context! Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== FireFox ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "Delta Search"> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.suggest.enabled: false> in the current context! Error: Unable to interpret <FF - prefs.js..browser.search.update: false> in the current context! Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.ebay.de/?rvr_id=249600547409&clk_rvr_id=249600547409&crlp=8429659726_477281_477301&UA=%3F*F%3F&GUID=574602aa1310a479ed833623ff42dd80&agid=2013570406&tm_kw=ebay&siteid=77&MT_ID=1324&tt_encode=raw&keyword=ebay&geo_id=6631&ff4=477281_477301|hxxp://www.t-online.de/|hxxp://de.yahoo.com/|hxxp://www.hugendubel.de/1/1000000/ebooks.html"> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.0.4> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: 2020Player_IKEA%402020Technologies.com:5.0.94.0> in the current context! Error: Unable to interpret <FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found> in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)> in the current context! Error: Unable to interpret <FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2012.12.20 11:25:18 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.06 10:33:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.06 10:32:25 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret <FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.03 15:51:19 | 000,000,000 | ---D | M]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2011.07.23 14:16:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Extensions> in the current context! Error: Unable to interpret <[2013.02.14 16:43:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions> in the current context! Error: Unable to interpret <[2012.11.30 11:59:22 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}> in the current context! Error: Unable to interpret <[2013.01.18 19:13:41 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\2020Player_IKEA@2020Technologies.com> in the current context! Error: Unable to interpret <[2012.10.13 16:04:38 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\de-DE@dictionaries.addons.mozilla.org> in the current context! Error: Unable to interpret <[2012.09.16 06:53:20 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\cocco\AppData\Roaming\mozilla\Firefox\Profiles\85ly5gs5.default\extensions\ich@maltegoetz.de> in the current context! Error: Unable to interpret <[2013.02.09 13:53:06 | 000,224,945 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\gophoto@gophoto.it.xpi> in the current context! Error: Unable to interpret <[2012.12.13 21:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi> in the current context! Error: Unable to interpret <[2012.12.11 19:48:55 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi> in the current context! Error: Unable to interpret <[2013.02.14 16:43:59 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi> in the current context! Error: Unable to interpret <[2012.07.07 13:58:26 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi> in the current context! Error: Unable to interpret <[2013.02.08 20:10:15 | 000,001,294 | ---- | M] () -- C:\Users\cocco\AppData\Roaming\mozilla\firefox\profiles\85ly5gs5.default\searchplugins\delta.xml> in the current context! Error: Unable to interpret <[2013.02.06 10:32:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions> in the current context! Error: Unable to interpret <[2013.02.06 10:33:19 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll> in the current context! Error: Unable to interpret <[2012.04.06 07:59:02 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll> in the current context! Error: Unable to interpret <[2012.01.23 10:50:38 | 000,170,080 | ---- | M] (Tracker Software Products (Canada) Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context! Error: Unable to interpret <[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <O1 HOSTS File: ([2012.04.10 18:54:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts> in the current context! Error: Unable to interpret <O1 - Hosts: 127.0.0.1 localhost> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)> in the current context! Error: Unable to interpret <O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)> in the current context! Error: Unable to interpret <O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)> in the current context! Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)> in the current context! Error: Unable to interpret <O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)> in the current context! Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)> in the current context! Error: Unable to interpret <O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0> in the current context! Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5> in the current context! Error: Unable to interpret <O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present> in the current context! Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0> in the current context! Error: Unable to interpret <O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-Disabled: New Application = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube Download - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()> in the current context! Error: Unable to interpret <O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)> in the current context! Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)> in the current context! Error: Unable to interpret <O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)> in the current context! Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)> in the current context! Error: Unable to interpret <O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{34D41D7E-9D16-4775-80A6-B9D1A0875CF8}: NameServer = 193.189.244.206 193.189.244.225> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9AC4254-765A-4B65-B82D-A72069B93558}: NameServer = 193.189.244.225 193.189.244.206> in the current context! Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC61E5D9-B1D5-40BE-A003-2DFDE213449C}: DhcpNameServer = 192.168.178.1> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\livecall - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\msnim - No CLSID value found> in the current context! Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype4com - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\livecall - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\msnim - No CLSID value found> in the current context! Error: Unable to interpret <O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)> in the current context! Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context! Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context! Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)> in the current context! Error: Unable to interpret <O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.14 18:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2013.02.14 18:32:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context! Error: Unable to interpret <[2013.02.14 18:32:34 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys> in the current context! Error: Unable to interpret <[2013.02.14 18:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context! Error: Unable to interpret <[2013.02.14 18:32:19 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Local\Programs> in the current context! Error: Unable to interpret <[2013.02.14 17:35:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:41 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:40 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:39 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:23:36 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl> in the current context! Error: Unable to interpret <[2013.02.14 07:23:35 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:35 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl> in the current context! Error: Unable to interpret <[2013.02.14 07:23:34 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:28 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:28 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll> in the current context! Error: Unable to interpret <[2013.02.14 07:23:27 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:34 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntoskrnl.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:31 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntkrnlpa.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:30 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntoskrnl.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:15 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\winsrv.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\setup16.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ntvdm64.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:13 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\instnm.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:12 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wow32.dll> in the current context! Error: Unable to interpret <[2013.02.13 19:22:11 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\user.exe> in the current context! Error: Unable to interpret <[2013.02.13 19:22:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\FWPKCLNT.SYS> in the current context! Error: Unable to interpret <[2013.02.13 05:15:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype> in the current context! Error: Unable to interpret <[2013.02.13 05:15:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype> in the current context! Error: Unable to interpret <[2013.02.08 20:09:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Gophoto.it> in the current context! Error: Unable to interpret <[2013.02.08 20:09:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Movie2KDownloader.com> in the current context! Error: Unable to interpret <[2013.02.08 20:09:08 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com> in the current context! Error: Unable to interpret <[2013.02.08 20:09:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com> in the current context! Error: Unable to interpret <[2013.02.06 10:32:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox> in the current context! Error: Unable to interpret <[2013.01.28 20:51:06 | 000,000,000 | ---D | C] -- C:\Users\cocco\AppData\Roaming\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:46:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX> in the current context! Error: Unable to interpret <[2013.01.28 20:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX> in the current context! Error: Unable to interpret <[2013.01.27 15:16:09 | 000,000,000 | ---D | C] -- C:\Users\cocco\Documents\Eigene Scans> in the current context! Error: Unable to interpret <[2013.01.18 19:39:40 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:39 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:07 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ncrypt.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:39:04 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\usp10.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc-nz.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,045,568 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc-nz.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysWow64\csrr.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:26 | 000,043,520 | ---- | C] (Microsoft) -- C:\windows\SysNative\csrr.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysWow64\fpb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,046,592 | ---- | C] (Microsoft) -- C:\windows\SysNative\fpb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegibbfc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,044,544 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegibbfc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cob-au.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,040,960 | ---- | C] (Microsoft) -- C:\windows\SysNative\cob-au.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysWow64\usk.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,030,720 | ---- | C] (Microsoft) -- C:\windows\SysNative\usk.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysWow64\grb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysWow64\djctq.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:25 | 000,015,360 | ---- | C] (Microsoft) -- C:\windows\SysNative\djctq.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,021,504 | ---- | C] (Microsoft) -- C:\windows\SysNative\grb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-pt.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-pt.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:23 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:22 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\gameux.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\Wpc.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:21 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\gameux.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:21 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\Wpc.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:38:19 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysNative\esrb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysWow64\cero.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,055,296 | ---- | C] (Microsoft) -- C:\windows\SysNative\cero.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,051,712 | ---- | C] (Microsoft) -- C:\windows\SysWow64\esrb.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysWow64\oflc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,023,552 | ---- | C] (Microsoft) -- C:\windows\SysNative\oflc.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysWow64\pegi-fi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:38:18 | 000,020,480 | ---- | C] (Microsoft) -- C:\windows\SysNative\pegi-fi.rs> in the current context! Error: Unable to interpret <[2013.01.18 19:37:09 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\KernelBase.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:07 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\kernel32.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64win.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\conhost.exe> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wow64cpu.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:04 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ntvdm64.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-string-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-file-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:02 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-file-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:01 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-security-base-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-synch-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-util-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:37:00 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-profile-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-misc-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-memory-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-io-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:59 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-io-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-security-base-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-heap-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-util-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-handle-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-debug-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:58 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-localization-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:57 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysWow64\api-ms-win-core-console-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:56 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\windows\SysNative\api-ms-win-core-console-l1-1-0.dll> in the current context! Error: Unable to interpret <[2013.01.18 19:36:29 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\taskhost.exe> in the current context! Error: Unable to interpret <[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 001,500,294 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,654,852 | ---- | M] () -- C:\windows\SysNative\perfh007.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,616,694 | ---- | M] () -- C:\windows\SysNative\perfh009.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,130,434 | ---- | M] () -- C:\windows\SysNative\perfc007.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:51:04 | 000,106,816 | ---- | M] () -- C:\windows\SysNative\perfc009.dat> in the current context! Error: Unable to interpret <[2013.02.16 07:45:53 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2013.02.16 07:45:53 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0> in the current context! Error: Unable to interpret <[2013.02.16 07:43:01 | 000,010,927 | ---- | M] () -- C:\Users\cocco\Desktop\leerebay.odt> in the current context! Error: Unable to interpret <[2013.02.16 07:39:09 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context! Error: Unable to interpret <[2013.02.16 07:38:15 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context! Error: Unable to interpret <[2013.02.16 07:38:14 | 000,000,326 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job> in the current context! Error: Unable to interpret <[2013.02.16 07:37:56 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat> in the current context! Error: Unable to interpret <[2013.02.15 21:26:00 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job> in the current context! Error: Unable to interpret <[2013.02.15 17:52:11 | 000,000,402 | ---- | M] () -- C:\windows\tasks\1-Click Maintenance.job> in the current context! Error: Unable to interpret <[2013.02.15 16:43:12 | 000,010,013 | ---- | M] () -- C:\Users\cocco\Desktop\telefonnummern.odt> in the current context! Error: Unable to interpret <[2013.02.14 17:35:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\cocco\Desktop\OTL.exe> in the current context! Error: Unable to interpret <[2013.02.14 07:55:52 | 000,315,032 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT> in the current context! Error: Unable to interpret <[2013.02.13 17:03:41 | 000,020,992 | ---- | M] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2013.02.13 05:28:17 | 000,015,732 | ---- | M] () -- C:\Users\cocco\Documents\ebay.odt> in the current context! Error: Unable to interpret <[2013.02.08 10:11:02 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk> in the current context! Error: Unable to interpret <[2013.02.08 09:26:35 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe> in the current context! Error: Unable to interpret <[2013.02.08 09:26:35 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl> in the current context! Error: Unable to interpret <[2013.01.18 19:57:36 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk> in the current context! Error: Unable to interpret <[2013.01.18 17:36:15 | 000,061,272 | ---- | M] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf> in the current context! Error: Unable to interpret <[1 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2013.02.16 07:42:56 | 000,010,927 | ---- | C] () -- C:\Users\cocco\Desktop\leerebay.odt> in the current context! Error: Unable to interpret <[2013.02.15 16:43:10 | 000,010,013 | ---- | C] () -- C:\Users\cocco\Desktop\telefonnummern.odt> in the current context! Error: Unable to interpret <[2013.02.13 05:28:14 | 000,015,732 | ---- | C] () -- C:\Users\cocco\Documents\ebay.odt> in the current context! Error: Unable to interpret <[2013.02.08 10:11:02 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk> in the current context! Error: Unable to interpret <[2013.01.18 19:57:36 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk> in the current context! Error: Unable to interpret <[2013.01.18 17:36:14 | 000,061,272 | ---- | C] () -- C:\Users\cocco\MultiChannelCheckoutPrintPdf.pdf> in the current context! Error: Unable to interpret <[2012.12.21 12:24:26 | 000,000,523 | ---- | C] () -- C:\windows\wininit.ini> in the current context! Error: Unable to interpret <[2012.12.12 03:52:39 | 082,238,291 | ---- | C] () -- C:\Users\cocco\mäxle neu.xpp> in the current context! Error: Unable to interpret <[2012.10.09 23:47:10 | 000,000,058 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\mbam.context.scan> in the current context! Error: Unable to interpret <[2012.10.02 08:23:30 | 222,139,670 | ---- | C] () -- C:\Users\cocco\mäxle2.bak> in the current context! Error: Unable to interpret <[2012.10.02 08:23:30 | 222,139,558 | ---- | C] () -- C:\Users\cocco\mäxle2.xpp> in the current context! Error: Unable to interpret <[2012.09.25 10:21:13 | 082,145,412 | ---- | C] () -- C:\Users\cocco\mäxle.xpp> in the current context! Error: Unable to interpret <[2012.09.25 10:21:13 | 082,145,393 | ---- | C] () -- C:\Users\cocco\mäxle.bak> in the current context! Error: Unable to interpret <[2012.07.29 18:48:35 | 007,111,590 | ---- | C] () -- C:\Users\cocco\AppData\Local\census.cache> in the current context! Error: Unable to interpret <[2012.07.29 18:38:11 | 000,118,033 | ---- | C] () -- C:\Users\cocco\AppData\Local\ars.cache> in the current context! Error: Unable to interpret <[2012.06.21 15:34:27 | 000,000,034 | ---- | C] () -- C:\windows\cdplayer.ini> in the current context! Error: Unable to interpret <[2012.04.06 09:35:11 | 000,000,036 | ---- | C] () -- C:\Users\cocco\AppData\Local\housecall.guid.cache> in the current context! Error: Unable to interpret <[2012.02.25 06:24:22 | 000,000,000 | ---- | C] () -- C:\Users\cocco\AppData\Local\{8A30A419-CD73-4841-822B-31045D1742DD}> in the current context! Error: Unable to interpret <[2012.01.22 01:54:14 | 000,000,024 | ---- | C] () -- C:\Users\cocco\AppData\Roaming\xpy.ini> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll> in the current context! Error: Unable to interpret <[2011.12.03 15:46:10 | 000,244,612 | ---- | C] () -- C:\windows\hpoins19.dat> in the current context! Error: Unable to interpret <[2011.12.03 15:46:10 | 000,013,898 | ---- | C] () -- C:\windows\hpomdl19.dat> in the current context! Error: Unable to interpret <[2011.08.13 17:53:59 | 000,020,992 | ---- | C] () -- C:\Users\cocco\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context! Error: Unable to interpret <[2011.04.26 08:06:18 | 000,000,064 | ---- | C] () -- C:\windows\SysWow64\rp_stats.dat> in the current context! Error: Unable to interpret <[2011.04.26 08:06:18 | 000,000,044 | ---- | C] () -- C:\windows\SysWow64\rp_rules.dat> in the current context! Error: Unable to interpret <[2010.12.17 10:45:32 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt> in the current context! Error: Unable to interpret <[2010.11.25 22:01:28 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== ZeroAccess Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Apartment> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]> in the current context! Error: Unable to interpret <"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Free> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64> in the current context! Error: Unable to interpret <"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)> in the current context! Error: Unable to interpret <"ThreadingModel" = Both> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== LOP Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <[2011.11.20 17:58:11 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\.minecraft> in the current context! Error: Unable to interpret <[2012.04.07 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Ad-Aware Antivirus> in the current context! Error: Unable to interpret <[2012.08.30 12:35:02 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Audacity> in the current context! Error: Unable to interpret <[2012.12.10 10:48:26 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Canon> in the current context! Error: Unable to interpret <[2011.07.23 14:15:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\CheckPoint> in the current context! Error: Unable to interpret <[2012.11.10 13:00:47 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoft> in the current context! Error: Unable to interpret <[2012.08.26 12:19:22 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\DVDVideoSoftIEHelpers> in the current context! Error: Unable to interpret <[2011.09.04 15:14:50 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Garmin> in the current context! Error: Unable to interpret <[2012.11.05 09:19:16 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\GlarySoft> in the current context! Error: Unable to interpret <[2013.01.09 12:37:56 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQ-Profile> in the current context! Error: Unable to interpret <[2013.01.18 19:13:44 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ICQM> in the current context! Error: Unable to interpret <[2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\IrfanView> in the current context! Error: Unable to interpret <[2012.11.10 15:03:30 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\ManyCam> in the current context! Error: Unable to interpret <[2013.01.18 19:14:03 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Mobile Partner> in the current context! Error: Unable to interpret <[2011.11.08 19:22:06 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\OpenOffice.org> in the current context! Error: Unable to interpret <[2012.01.16 13:18:00 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\Samsung> in the current context! Error: Unable to interpret <[2013.02.14 15:12:21 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\SoftGrid Client> in the current context! Error: Unable to interpret <[2012.11.05 10:15:41 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\TuneUp Software> in the current context! Error: Unable to interpret <[2012.04.07 15:49:57 | 000,000,000 | ---D | M] -- C:\Users\cocco\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret <========== Purity Check ==========> in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret < > in the current context! Error: Unable to interpret << End of report > > in the current context! OTL by OldTimer - Version 3.2.69.0 log created on 02162013_082745 |
|
17.02.2013, 17:19
| #7 |
| /// Malware-holic | laptop auf einmal langsam du sollst nicht das Logfile einfügen, sondern bitte mein Script, versuchs noch mal.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
17.02.2013, 17:40
| #8 |
| | laptop auf einmal langsam --- --- --- All processes killed ========== OTL ========== Registry value HKEY_USERS\S-1-5-21-1267310097-3752901941-3059132480-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run-Disabled\\New Application deleted successfully. ========== FILES ========== ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: AppData ->Temp folder emptied: 0 bytes User: coc ->Temp folder emptied: 18527569 bytes ->Temporary Internet Files folder emptied: 328124 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 89125144 bytes ->Flash cache emptied: 845 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: PC ->Temp folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 385567 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 186096 bytes RecycleBin emptied: 181880 bytes Total Files Cleaned = 104,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 02172013_181942 Files\Folders moved on Reboot... File\Folder C:\Users\cocco\AppData\Local\Temp\Temporary Internet Files\Content.IE5\P795Z4SW\ebay_de[1].htm not found! File\Folder C:\Users\cocco\AppData\Local\Temp\Temporary Internet Files\Content.IE5\53Z3DAHH\;cat=0;items=;sz=300x250;u=i_5661755809285888810_m_184971;;tile=2;um=0;us=13;eb_trk=184971;pr=20;xp=20;np=20;uz=;fbi=;sbi=; fbo=;sbo=;fse=;sse=;fvi=;svi=;ord=1361121480340;[1].htm not found! File\Folder C:\Users\cocco\AppData\Local\Temp\Temporary Internet Files\Content.IE5\53Z3DAHH\ms=;sz=300x250;u=i_5661755788347923207_m_167585;;dcopt=ist;tile=1;um=0;us=13;eb_trk=167585;pr=20;xp=20;np=20;uz=;fbi=;sbi=; fbo=;sbo=;fse=;sse=;fvi=;svi=;ord=1361121480262;[2].htm not found! File\Folder C:\Users\cocco\AppData\Local\Temp\Temporary Internet Files\Content.IE5\30RR6HH0\10613[1].htm not found! File\Folder C:\Users\cocco\AppData\Local\Temp\Temporary Internet Files\Content.IE5\30RR6HH0\10614[1].htm not found! File\Folder C:\Users\cocco\AppData\Local\Temp\Cookies\KUTY50RF.txt not found! C:\Users\cocco\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. File\Folder C:\Users\cocco\AppData\Local\Temp\~DF60EBA1E3C28FEC28.TMP not found! File\Folder C:\Users\cocco\AppData\Local\Temp\~DF7CFA111B09601B3B.TMP not found! File\Folder C:\Users\cocco\AppData\Local\Temp\~DF817FEA06DC75BCB0.TMP not found! File\Folder C:\Users\cocco\AppData\Local\Temp\~DFABDFD1660861C3F5.TMP not found! File\Folder C:\Users\cocco\AppData\Local\Temp\~DFF1563C8307F5A0CD.TMP not found! File\Folder C:\Users\cocco\AppData\Local\Temp\~DFF925991F38DBE3AA.TMP not found! C:\Users\cocco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\cocco\AppData\Local\Mozilla\Firefox\Profiles\85ly5gs5.default\startupCache\startupCache.4.little moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Geändert von englojag (17.02.2013 um 18:22 Uhr) |
|
18.02.2013, 15:32
| #9 |
| /// Malware-holic | laptop auf einmal langsam Hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
19.02.2013, 10:16
| #10 |
| | laptop auf einmal langsam 18:19:13.0163 3720 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42 18:19:13.0334 3720 ============================================================ 18:19:13.0334 3720 Current date / time: 2013/02/18 18:19:13.0334 18:19:13.0334 3720 SystemInfo: 18:19:13.0334 3720 18:19:13.0334 3720 OS Version: 6.1.7601 ServicePack: 1.0 18:19:13.0334 3720 Product type: Workstation 18:19:13.0334 3720 ComputerName: PC-PC 18:19:13.0334 3720 UserName: cocc 18:19:13.0334 3720 Windows directory: C:\windows 18:19:13.0334 3720 System windows directory: C:\windows 18:19:13.0334 3720 Running under WOW64 18:19:13.0334 3720 Processor architecture: Intel x64 18:19:13.0334 3720 Number of processors: 4 18:19:13.0334 3720 Page size: 0x1000 18:19:13.0334 3720 Boot type: Normal boot 18:19:13.0334 3720 ============================================================ 18:19:15.0066 3720 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:19:15.0082 3720 ============================================================ 18:19:15.0082 3720 \Device\Harddisk0\DR0: 18:19:15.0082 3720 MBR partitions: 18:19:15.0082 3720 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000 18:19:15.0082 3720 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x1FC49800 18:19:15.0097 3720 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1FCAE800, BlocksNum 0x39FD800 18:19:15.0097 3720 ============================================================ 18:19:15.0160 3720 C: <-> \Device\Harddisk0\DR0\Partition2 18:19:15.0191 3720 D: <-> \Device\Harddisk0\DR0\Partition3 18:19:15.0191 3720 ============================================================ 18:19:15.0191 3720 Initialize success 18:19:15.0191 3720 ============================================================ 18:19:48.0218 3272 ============================================================ 18:19:48.0218 3272 Scan started 18:19:48.0218 3272 Mode: Manual; 18:19:48.0218 3272 ============================================================ 18:19:48.0983 3272 ================ Scan system memory ======================== 18:19:48.0983 3272 System memory - ok 18:19:48.0983 3272 ================ Scan services ============================= 18:19:49.0232 3272 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys 18:19:49.0248 3272 1394ohci - ok 18:19:49.0279 3272 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys 18:19:49.0295 3272 ACPI - ok 18:19:49.0326 3272 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys 18:19:49.0326 3272 AcpiPmi - ok 18:19:49.0373 3272 [ DC201246A14CB3B274DF59FAF539AB07 ] ACPIVPC C:\windows\system32\DRIVERS\AcpiVpc.sys 18:19:49.0373 3272 ACPIVPC - ok 18:19:49.0560 3272 [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:19:49.0560 3272 AdobeFlashPlayerUpdateSvc - ok 18:19:49.0622 3272 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys 18:19:49.0638 3272 adp94xx - ok 18:19:49.0669 3272 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys 18:19:49.0685 3272 adpahci - ok 18:19:49.0700 3272 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys 18:19:49.0700 3272 adpu320 - ok 18:19:49.0747 3272 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll 18:19:49.0747 3272 AeLookupSvc - ok 18:19:49.0794 3272 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys 18:19:49.0809 3272 AFD - ok 18:19:49.0841 3272 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys 18:19:49.0841 3272 agp440 - ok 18:19:49.0872 3272 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\windows\System32\alg.exe 18:19:49.0872 3272 ALG - ok 18:19:49.0903 3272 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\windows\system32\drivers\aliide.sys 18:19:49.0903 3272 aliide - ok 18:19:49.0934 3272 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\windows\system32\drivers\amdide.sys 18:19:49.0934 3272 amdide - ok 18:19:49.0965 3272 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys 18:19:49.0965 3272 AmdK8 - ok 18:19:49.0981 3272 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys 18:19:49.0981 3272 AmdPPM - ok 18:19:50.0012 3272 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\windows\system32\drivers\amdsata.sys 18:19:50.0012 3272 amdsata - ok 18:19:50.0043 3272 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys 18:19:50.0043 3272 amdsbs - ok 18:19:50.0059 3272 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\windows\system32\drivers\amdxata.sys 18:19:50.0075 3272 amdxata - ok 18:19:50.0231 3272 [ 459465DA28E49B358ECFE0D788F328F4 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 18:19:50.0262 3272 AntiVirSchedulerService - ok 18:19:50.0340 3272 [ BCDD17E8469D647A71B347C4B6F86685 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 18:19:50.0355 3272 AntiVirService - ok 18:19:50.0371 3272 aotkgvrc - ok 18:19:50.0418 3272 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\windows\system32\drivers\appid.sys 18:19:50.0418 3272 AppID - ok 18:19:50.0449 3272 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\windows\System32\appidsvc.dll 18:19:50.0449 3272 AppIDSvc - ok 18:19:50.0480 3272 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\windows\System32\appinfo.dll 18:19:50.0480 3272 Appinfo - ok 18:19:50.0558 3272 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 18:19:50.0605 3272 Apple Mobile Device - ok 18:19:50.0652 3272 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\windows\system32\DRIVERS\arc.sys 18:19:50.0652 3272 arc - ok 18:19:50.0667 3272 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\windows\system32\DRIVERS\arcsas.sys 18:19:50.0667 3272 arcsas - ok 18:19:50.0699 3272 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys 18:19:50.0699 3272 AsyncMac - ok 18:19:50.0745 3272 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\windows\system32\drivers\atapi.sys 18:19:50.0745 3272 atapi - ok 18:19:50.0792 3272 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll 18:19:50.0792 3272 AudioEndpointBuilder - ok 18:19:50.0808 3272 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\windows\System32\Audiosrv.dll 18:19:50.0823 3272 AudioSrv - ok 18:19:50.0886 3272 [ BFE9598EBC3934CF8D876A303849C896 ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys 18:19:50.0886 3272 avgntflt - ok 18:19:50.0964 3272 [ F74D86A9FB35FA5F24627B8DBBF3A9A4 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys 18:19:50.0964 3272 avipbb - ok 18:19:51.0011 3272 [ CD0E732347BF09717E0BDDC0C66699AB ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys 18:19:51.0011 3272 avkmgr - ok 18:19:51.0057 3272 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\windows\System32\AxInstSV.dll 18:19:51.0057 3272 AxInstSV - ok 18:19:51.0104 3272 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys 18:19:51.0104 3272 b06bdrv - ok 18:19:51.0135 3272 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys 18:19:51.0151 3272 b57nd60a - ok 18:19:51.0167 3272 bcljykme - ok 18:19:51.0276 3272 [ 5B5C36B2EC500462A715DB6BCBAF5DA7 ] BCM43XX C:\windows\system32\DRIVERS\bcmwl664.sys 18:19:51.0354 3272 BCM43XX - ok 18:19:51.0416 3272 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\windows\System32\bdesvc.dll 18:19:51.0416 3272 BDESVC - ok 18:19:51.0463 3272 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\windows\system32\drivers\Beep.sys 18:19:51.0463 3272 Beep - ok 18:19:51.0525 3272 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\windows\System32\bfe.dll 18:19:51.0541 3272 BFE - ok 18:19:51.0588 3272 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\windows\system32\qmgr.dll 18:19:51.0603 3272 BITS - ok 18:19:51.0635 3272 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys 18:19:51.0635 3272 blbdrive - ok 18:19:51.0759 3272 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 18:19:51.0775 3272 Bonjour Service - ok 18:19:51.0822 3272 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\windows\system32\DRIVERS\bowser.sys 18:19:51.0822 3272 bowser - ok 18:19:51.0853 3272 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys 18:19:51.0853 3272 BrFiltLo - ok 18:19:51.0869 3272 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys 18:19:51.0869 3272 BrFiltUp - ok 18:19:51.0915 3272 [ 34F786535F9245E4028C57B28248C9D8 ] Bridge0 C:\windows\system32\drivers\WDBridge.sys 18:19:51.0915 3272 Bridge0 - ok 18:19:51.0947 3272 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys 18:19:51.0947 3272 BridgeMP - ok 18:19:52.0009 3272 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\windows\System32\browser.dll 18:19:52.0009 3272 Browser - ok 18:19:52.0040 3272 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\windows\System32\Drivers\Brserid.sys 18:19:52.0040 3272 Brserid - ok 18:19:52.0071 3272 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys 18:19:52.0087 3272 BrSerWdm - ok 18:19:52.0087 3272 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys 18:19:52.0087 3272 BrUsbMdm - ok 18:19:52.0103 3272 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys 18:19:52.0103 3272 BrUsbSer - ok 18:19:52.0149 3272 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\windows\system32\drivers\BthEnum.sys 18:19:52.0149 3272 BthEnum - ok 18:19:52.0165 3272 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys 18:19:52.0165 3272 BTHMODEM - ok 18:19:52.0181 3272 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\windows\system32\DRIVERS\bthpan.sys 18:19:52.0181 3272 BthPan - ok 18:19:52.0227 3272 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys 18:19:52.0227 3272 BTHPORT - ok 18:19:52.0274 3272 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\windows\system32\bthserv.dll 18:19:52.0274 3272 bthserv - ok 18:19:52.0305 3272 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys 18:19:52.0305 3272 BTHUSB - ok 18:19:52.0337 3272 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 18:19:52.0337 3272 cdfs - ok 18:19:52.0383 3272 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\windows\system32\DRIVERS\cdrom.sys 18:19:52.0399 3272 cdrom - ok 18:19:52.0446 3272 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\windows\System32\certprop.dll 18:19:52.0446 3272 CertPropSvc - ok 18:19:52.0461 3272 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\windows\system32\DRIVERS\circlass.sys 18:19:52.0461 3272 circlass - ok 18:19:52.0493 3272 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\windows\system32\CLFS.sys 18:19:52.0508 3272 CLFS - ok 18:19:52.0571 3272 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:19:52.0617 3272 clr_optimization_v2.0.50727_32 - ok 18:19:52.0664 3272 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:19:52.0680 3272 clr_optimization_v2.0.50727_64 - ok 18:19:52.0758 3272 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:19:52.0773 3272 clr_optimization_v4.0.30319_32 - ok 18:19:52.0805 3272 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:19:52.0805 3272 clr_optimization_v4.0.30319_64 - ok 18:19:52.0851 3272 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys 18:19:52.0851 3272 CmBatt - ok 18:19:52.0883 3272 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\windows\system32\drivers\cmdide.sys 18:19:52.0883 3272 cmdide - ok 18:19:52.0929 3272 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\windows\system32\Drivers\cng.sys 18:19:52.0945 3272 CNG - ok 18:19:53.0007 3272 [ 7247A4D0875F5F28919E0787E11B7B57 ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys 18:19:53.0023 3272 CnxtHdAudService - ok 18:19:53.0054 3272 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys 18:19:53.0054 3272 Compbatt - ok 18:19:53.0070 3272 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys 18:19:53.0085 3272 CompositeBus - ok 18:19:53.0085 3272 COMSysApp - ok 18:19:53.0117 3272 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys 18:19:53.0117 3272 crcdisk - ok 18:19:53.0179 3272 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\windows\system32\cryptsvc.dll 18:19:53.0179 3272 CryptSvc - ok 18:19:53.0226 3272 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\windows\system32\rpcss.dll 18:19:53.0241 3272 DcomLaunch - ok 18:19:53.0273 3272 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\windows\System32\defragsvc.dll 18:19:53.0288 3272 defragsvc - ok 18:19:53.0335 3272 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\windows\system32\Drivers\dfsc.sys 18:19:53.0335 3272 DfsC - ok 18:19:53.0382 3272 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\windows\system32\dhcpcore.dll 18:19:53.0397 3272 Dhcp - ok 18:19:53.0429 3272 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\windows\system32\drivers\discache.sys 18:19:53.0429 3272 discache - ok 18:19:53.0475 3272 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\windows\system32\DRIVERS\disk.sys 18:19:53.0475 3272 Disk - ok 18:19:53.0475 3272 dmfonujw - ok 18:19:53.0522 3272 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\windows\System32\dnsrslvr.dll 18:19:53.0522 3272 Dnscache - ok 18:19:53.0569 3272 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\windows\System32\dot3svc.dll 18:19:53.0569 3272 dot3svc - ok 18:19:53.0631 3272 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\windows\system32\DRIVERS\Dot4.sys 18:19:53.0631 3272 Dot4 - ok 18:19:53.0663 3272 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\windows\system32\DRIVERS\Dot4Prt.sys 18:19:53.0663 3272 Dot4Print - ok 18:19:53.0678 3272 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\windows\system32\DRIVERS\dot4usb.sys 18:19:53.0678 3272 dot4usb - ok 18:19:53.0709 3272 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\windows\system32\dps.dll 18:19:53.0709 3272 DPS - ok 18:19:53.0741 3272 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 18:19:53.0741 3272 drmkaud - ok 18:19:53.0803 3272 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 18:19:53.0819 3272 DXGKrnl - ok 18:19:53.0850 3272 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\windows\System32\eapsvc.dll 18:19:53.0865 3272 EapHost - ok 18:19:53.0975 3272 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\windows\system32\DRIVERS\evbda.sys 18:19:54.0068 3272 ebdrv - ok 18:19:54.0115 3272 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\windows\System32\lsass.exe 18:19:54.0115 3272 EFS - ok 18:19:54.0193 3272 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\windows\ehome\ehRecvr.exe 18:19:54.0224 3272 ehRecvr - ok 18:19:54.0255 3272 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\windows\ehome\ehsched.exe 18:19:54.0271 3272 ehSched - ok 18:19:54.0318 3272 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys 18:19:54.0318 3272 elxstor - ok 18:19:54.0333 3272 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\windows\system32\drivers\errdev.sys 18:19:54.0333 3272 ErrDev - ok 18:19:54.0396 3272 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\windows\system32\es.dll 18:19:54.0396 3272 EventSystem - ok 18:19:54.0443 3272 [ 334C907536E815E56CD13108A6D5FB9D ] ewusbmbb C:\windows\system32\DRIVERS\ewusbwwan.sys 18:19:54.0458 3272 ewusbmbb - ok 18:19:54.0489 3272 [ 86F7951BBCEE4A86E79A97306BD14318 ] ew_hwusbdev C:\windows\system32\DRIVERS\ew_hwusbdev.sys 18:19:54.0489 3272 ew_hwusbdev - ok 18:19:54.0521 3272 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\windows\system32\drivers\exfat.sys 18:19:54.0536 3272 exfat - ok 18:19:54.0552 3272 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\windows\system32\drivers\fastfat.sys 18:19:54.0552 3272 fastfat - ok 18:19:54.0630 3272 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\windows\system32\fxssvc.exe 18:19:54.0645 3272 Fax - ok 18:19:54.0661 3272 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\windows\system32\DRIVERS\fdc.sys 18:19:54.0661 3272 fdc - ok 18:19:54.0692 3272 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\windows\system32\fdPHost.dll 18:19:54.0692 3272 fdPHost - ok 18:19:54.0723 3272 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\windows\system32\fdrespub.dll 18:19:54.0723 3272 FDResPub - ok 18:19:54.0755 3272 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 18:19:54.0755 3272 FileInfo - ok 18:19:54.0770 3272 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\windows\system32\drivers\filetrace.sys 18:19:54.0770 3272 Filetrace - ok 18:19:54.0786 3272 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys 18:19:54.0786 3272 flpydisk - ok 18:19:54.0817 3272 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\windows\system32\drivers\fltmgr.sys 18:19:54.0833 3272 FltMgr - ok 18:19:54.0895 3272 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\windows\system32\FntCache.dll 18:19:54.0911 3272 FontCache - ok 18:19:54.0973 3272 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:19:55.0004 3272 FontCache3.0.0.0 - ok 18:19:55.0035 3272 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\windows\system32\drivers\FsDepends.sys 18:19:55.0051 3272 FsDepends - ok 18:19:55.0067 3272 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 18:19:55.0067 3272 Fs_Rec - ok 18:19:55.0098 3272 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 18:19:55.0113 3272 fvevol - ok 18:19:55.0145 3272 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys 18:19:55.0145 3272 gagp30kx - ok 18:19:55.0207 3272 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 18:19:55.0207 3272 GEARAspiWDM - ok 18:19:55.0254 3272 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\windows\System32\gpsvc.dll 18:19:55.0269 3272 gpsvc - ok 18:19:55.0363 3272 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:19:55.0363 3272 gupdate - ok 18:19:55.0379 3272 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:19:55.0379 3272 gupdatem - ok 18:19:55.0394 3272 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys 18:19:55.0394 3272 hcw85cir - ok 18:19:55.0441 3272 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 18:19:55.0441 3272 HdAudAddService - ok 18:19:55.0472 3272 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys 18:19:55.0472 3272 HDAudBus - ok 18:19:55.0503 3272 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys 18:19:55.0503 3272 HECIx64 - ok 18:19:55.0519 3272 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys 18:19:55.0519 3272 HidBatt - ok 18:19:55.0550 3272 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys 18:19:55.0550 3272 HidBth - ok 18:19:55.0581 3272 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\windows\system32\DRIVERS\hidir.sys 18:19:55.0581 3272 HidIr - ok 18:19:55.0613 3272 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\windows\System32\hidserv.dll 18:19:55.0613 3272 hidserv - ok 18:19:55.0659 3272 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys 18:19:55.0659 3272 HidUsb - ok 18:19:55.0691 3272 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\windows\system32\kmsvc.dll 18:19:55.0691 3272 hkmsvc - ok 18:19:55.0737 3272 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\windows\system32\ListSvc.dll 18:19:55.0737 3272 HomeGroupListener - ok 18:19:55.0784 3272 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\windows\system32\provsvc.dll 18:19:55.0784 3272 HomeGroupProvider - ok 18:19:55.0878 3272 [ 1DAE5C46D42B02A6D5862E1482EFB390 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 18:19:55.0893 3272 hpqcxs08 - ok 18:19:55.0925 3272 [ 99E8EEF42FE2F4AF29B08C3355DD7685 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 18:19:55.0956 3272 hpqddsvc - ok 18:19:56.0003 3272 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 18:19:56.0003 3272 HpSAMD - ok 18:19:56.0127 3272 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL 18:19:56.0143 3272 HPSLPSVC - ok 18:19:56.0190 3272 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\windows\system32\drivers\HTTP.sys 18:19:56.0205 3272 HTTP - ok 18:19:56.0252 3272 [ 1642C62F1FD5E1FF44608283994A7BB8 ] huawei_enumerator C:\windows\system32\DRIVERS\ew_jubusenum.sys 18:19:56.0252 3272 huawei_enumerator - ok 18:19:56.0299 3272 [ 04D1DE1E8ACE40CA396502C90524E945 ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys 18:19:56.0315 3272 hwdatacard - ok 18:19:56.0361 3272 HWDeviceService64.exe - ok 18:19:56.0393 3272 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 18:19:56.0393 3272 hwpolicy - ok 18:19:56.0424 3272 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys 18:19:56.0424 3272 i8042prt - ok 18:19:56.0455 3272 [ 42E00996DFC13C46366689C0EA8ABC5E ] iaStor C:\windows\system32\DRIVERS\iaStor.sys 18:19:56.0471 3272 iaStor - ok 18:19:56.0517 3272 [ 48362E5DB5CB2C000C514EE1F3890ACD ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 18:19:56.0533 3272 IAStorDataMgrSvc - ok 18:19:56.0564 3272 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 18:19:56.0580 3272 iaStorV - ok 18:19:56.0673 3272 [ 4F8413B0D925164C679FCE772D8AA1EE ] IB Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe 18:19:56.0798 3272 IB Updater - ok 18:19:56.0876 3272 [ DAF66902F08796F9C694901660E5A64A ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 18:19:56.0923 3272 IDriverT - ok 18:19:56.0985 3272 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:19:57.0063 3272 idsvc - ok 18:19:57.0251 3272 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 18:19:57.0422 3272 igfx - ok 18:19:57.0500 3272 [ D951D20153E51928F9DB2227D6FF5C7A ] IGRS C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe 18:19:57.0516 3272 IGRS - ok 18:19:57.0563 3272 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys 18:19:57.0563 3272 iirsp - ok 18:19:57.0609 3272 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\windows\System32\ikeext.dll 18:19:57.0625 3272 IKEEXT - ok 18:19:57.0656 3272 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\windows\system32\drivers\intelide.sys 18:19:57.0656 3272 intelide - ok 18:19:57.0672 3272 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys 18:19:57.0672 3272 intelppm - ok 18:19:57.0719 3272 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\windows\system32\ipbusenum.dll 18:19:57.0719 3272 IPBusEnum - ok 18:19:57.0765 3272 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 18:19:57.0765 3272 IpFilterDriver - ok 18:19:57.0828 3272 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 18:19:57.0828 3272 iphlpsvc - ok 18:19:57.0875 3272 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys 18:19:57.0875 3272 IPMIDRV - ok 18:19:57.0937 3272 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\windows\system32\drivers\ipnat.sys 18:19:57.0937 3272 IPNAT - ok 18:19:57.0999 3272 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 18:19:58.0031 3272 iPod Service - ok 18:19:58.0077 3272 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\windows\system32\drivers\irenum.sys 18:19:58.0077 3272 IRENUM - ok 18:19:58.0109 3272 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\windows\system32\drivers\isapnp.sys 18:19:58.0109 3272 isapnp - ok 18:19:58.0140 3272 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys 18:19:58.0155 3272 iScsiPrt - ok 18:19:58.0155 3272 ixmeyuom - ok 18:19:58.0171 3272 jtsdrilg - ok 18:19:58.0202 3272 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\windows\system32\DRIVERS\k57nd60a.sys 18:19:58.0218 3272 k57nd60a - ok 18:19:58.0233 3272 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\windows\system32\drivers\kbdclass.sys 18:19:58.0233 3272 kbdclass - ok 18:19:58.0265 3272 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\windows\system32\drivers\kbdhid.sys 18:19:58.0280 3272 kbdhid - ok 18:19:58.0311 3272 kcnnsaut - ok 18:19:58.0327 3272 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\windows\system32\lsass.exe 18:19:58.0327 3272 KeyIso - ok 18:19:58.0358 3272 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\windows\system32\DRIVERS\KMWDFILTER.sys 18:19:58.0358 3272 KMWDFILTER - ok 18:19:58.0389 3272 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 18:19:58.0405 3272 KSecDD - ok 18:19:58.0436 3272 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 18:19:58.0452 3272 KSecPkg - ok 18:19:58.0483 3272 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 18:19:58.0483 3272 ksthunk - ok 18:19:58.0514 3272 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\windows\system32\msdtckrm.dll 18:19:58.0530 3272 KtmRm - ok 18:19:58.0530 3272 kwwmsayj - ok 18:19:58.0592 3272 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\windows\System32\srvsvc.dll 18:19:58.0592 3272 LanmanServer - ok 18:19:58.0623 3272 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\windows\System32\wkssvc.dll 18:19:58.0623 3272 LanmanWorkstation - ok 18:19:58.0639 3272 Lbd - ok 18:19:58.0717 3272 [ 7FCB3EC66361F157BCD5B5C33CE2AC16 ] Lenovo ReadyComm AppSvc C:\Program Files\Lenovo\ReadyComm\AppSvc.exe 18:19:58.0764 3272 Lenovo ReadyComm AppSvc - ok 18:19:58.0811 3272 [ 5287074E79E4BA82510886F684DC5F72 ] Lenovo ReadyComm ConnSvc C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe 18:19:58.0873 3272 Lenovo ReadyComm ConnSvc - ok 18:19:58.0889 3272 ljhabbel - ok 18:19:58.0920 3272 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 18:19:58.0935 3272 lltdio - ok 18:19:58.0967 3272 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\windows\System32\lltdsvc.dll 18:19:58.0982 3272 lltdsvc - ok 18:19:58.0998 3272 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\windows\System32\lmhsvc.dll 18:19:58.0998 3272 lmhosts - ok 18:19:59.0076 3272 [ 1E2F802846EB944E0333EFEE7C9532A8 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:19:59.0107 3272 LMS - ok 18:19:59.0123 3272 locmcguz - ok 18:19:59.0169 3272 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys 18:19:59.0169 3272 LSI_FC - ok 18:19:59.0201 3272 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys 18:19:59.0201 3272 LSI_SAS - ok 18:19:59.0216 3272 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys 18:19:59.0216 3272 LSI_SAS2 - ok 18:19:59.0216 3272 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys 18:19:59.0232 3272 LSI_SCSI - ok 18:19:59.0263 3272 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\windows\system32\drivers\luafv.sys 18:19:59.0263 3272 luafv - ok 18:19:59.0334 3272 [ DE585D1D266805E5EEDAE911FDD16F38 ] ManyCam C:\windows\system32\DRIVERS\mcvidrv_x64.sys 18:19:59.0334 3272 ManyCam - ok 18:19:59.0384 3272 [ 2E7FFDEF8BAFD04CBB517507B821E878 ] mcaudrv_simple C:\windows\system32\drivers\mcaudrv_x64.sys 18:19:59.0394 3272 mcaudrv_simple - ok 18:19:59.0424 3272 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll 18:19:59.0434 3272 Mcx2Svc - ok 18:19:59.0454 3272 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\windows\system32\DRIVERS\megasas.sys 18:19:59.0454 3272 megasas - ok 18:19:59.0494 3272 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys 18:19:59.0494 3272 MegaSR - ok 18:19:59.0504 3272 mevoslvi - ok 18:19:59.0534 3272 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\windows\system32\mmcss.dll 18:19:59.0544 3272 MMCSS - ok 18:19:59.0564 3272 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\windows\system32\drivers\modem.sys 18:19:59.0564 3272 Modem - ok 18:19:59.0604 3272 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\windows\system32\DRIVERS\monitor.sys 18:19:59.0614 3272 monitor - ok 18:19:59.0644 3272 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys 18:19:59.0654 3272 mouclass - ok 18:19:59.0694 3272 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys 18:19:59.0694 3272 mouhid - ok 18:19:59.0734 3272 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\windows\system32\drivers\mountmgr.sys 18:19:59.0734 3272 mountmgr - ok 18:19:59.0840 3272 [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:19:59.0855 3272 MozillaMaintenance - ok 18:19:59.0918 3272 [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter C:\windows\system32\DRIVERS\MpFilter.sys 18:19:59.0933 3272 MpFilter - ok 18:19:59.0965 3272 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\windows\system32\drivers\mpio.sys 18:19:59.0965 3272 mpio - ok 18:20:00.0011 3272 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys 18:20:00.0011 3272 mpsdrv - ok 18:20:00.0058 3272 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\windows\system32\mpssvc.dll 18:20:00.0074 3272 MpsSvc - ok 18:20:00.0105 3272 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\windows\system32\drivers\mrxdav.sys 18:20:00.0105 3272 MRxDAV - ok 18:20:00.0136 3272 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys 18:20:00.0152 3272 mrxsmb - ok 18:20:00.0183 3272 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys 18:20:00.0183 3272 mrxsmb10 - ok 18:20:00.0199 3272 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys 18:20:00.0199 3272 mrxsmb20 - ok 18:20:00.0245 3272 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\windows\system32\drivers\msahci.sys 18:20:00.0245 3272 msahci - ok 18:20:00.0277 3272 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\windows\system32\drivers\msdsm.sys 18:20:00.0277 3272 msdsm - ok 18:20:00.0292 3272 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\windows\System32\msdtc.exe 18:20:00.0308 3272 MSDTC - ok 18:20:00.0355 3272 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\windows\system32\drivers\Msfs.sys 18:20:00.0355 3272 Msfs - ok 18:20:00.0370 3272 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys 18:20:00.0370 3272 mshidkmdf - ok 18:20:00.0401 3272 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\windows\system32\drivers\msisadrv.sys 18:20:00.0401 3272 msisadrv - ok 18:20:00.0433 3272 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\windows\system32\iscsiexe.dll 18:20:00.0433 3272 MSiSCSI - ok 18:20:00.0433 3272 msiserver - ok 18:20:00.0464 3272 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys 18:20:00.0464 3272 MSKSSRV - ok 18:20:00.0542 3272 [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe 18:20:00.0542 3272 MsMpSvc - ok 18:20:00.0589 3272 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys 18:20:00.0589 3272 MSPCLOCK - ok 18:20:00.0620 3272 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\windows\system32\drivers\MSPQM.sys 18:20:00.0620 3272 MSPQM - ok 18:20:00.0667 3272 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\windows\system32\drivers\MsRPC.sys 18:20:00.0682 3272 MsRPC - ok 18:20:00.0713 3272 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\windows\system32\drivers\mssmbios.sys 18:20:00.0713 3272 mssmbios - ok 18:20:00.0729 3272 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\windows\system32\drivers\MSTEE.sys 18:20:00.0745 3272 MSTEE - ok 18:20:00.0760 3272 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys 18:20:00.0760 3272 MTConfig - ok 18:20:00.0791 3272 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\windows\system32\Drivers\mup.sys 18:20:00.0807 3272 Mup - ok 18:20:00.0838 3272 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\windows\system32\qagentRT.dll 18:20:00.0838 3272 napagent - ok 18:20:00.0885 3272 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys 18:20:00.0885 3272 NativeWifiP - ok 18:20:00.0947 3272 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\windows\system32\drivers\ndis.sys 18:20:00.0963 3272 NDIS - ok 18:20:00.0979 3272 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys 18:20:00.0979 3272 NdisCap - ok 18:20:01.0010 3272 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys 18:20:01.0025 3272 NdisTapi - ok 18:20:01.0072 3272 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys 18:20:01.0072 3272 Ndisuio - ok 18:20:01.0103 3272 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys 18:20:01.0119 3272 NdisWan - ok 18:20:01.0135 3272 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\windows\system32\drivers\NDProxy.sys 18:20:01.0135 3272 NDProxy - ok 18:20:01.0197 3272 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll 18:20:01.0197 3272 Net Driver HPZ12 - ok 18:20:01.0228 3272 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys 18:20:01.0228 3272 NetBIOS - ok 18:20:01.0275 3272 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\windows\system32\DRIVERS\netbt.sys 18:20:01.0275 3272 NetBT - ok 18:20:01.0291 3272 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\windows\system32\lsass.exe 18:20:01.0291 3272 Netlogon - ok 18:20:01.0337 3272 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\windows\System32\netman.dll 18:20:01.0353 3272 Netman - ok 18:20:01.0384 3272 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\windows\System32\netprofm.dll 18:20:01.0384 3272 netprofm - ok 18:20:01.0431 3272 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 18:20:01.0462 3272 NetTcpPortSharing - ok 18:20:01.0634 3272 [ 64428DFDAF6E88366CB51F45A79C5F69 ] netw5v64 C:\windows\system32\DRIVERS\netw5v64.sys 18:20:01.0774 3272 netw5v64 - ok 18:20:01.0821 3272 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys 18:20:01.0821 3272 nfrd960 - ok 18:20:01.0883 3272 [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv C:\windows\system32\DRIVERS\NisDrvWFP.sys 18:20:01.0883 3272 NisDrv - ok 18:20:01.0930 3272 [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe 18:20:01.0930 3272 NisSrv - ok 18:20:01.0961 3272 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\windows\System32\nlasvc.dll 18:20:01.0977 3272 NlaSvc - ok 18:20:01.0977 3272 nmtpdmep - ok 18:20:02.0008 3272 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\windows\system32\drivers\Npfs.sys 18:20:02.0008 3272 Npfs - ok 18:20:02.0039 3272 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\windows\system32\nsisvc.dll 18:20:02.0039 3272 nsi - ok 18:20:02.0071 3272 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys 18:20:02.0071 3272 nsiproxy - ok 18:20:02.0149 3272 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\windows\system32\drivers\Ntfs.sys 18:20:02.0180 3272 Ntfs - ok 18:20:02.0211 3272 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\windows\system32\drivers\Null.sys 18:20:02.0211 3272 Null - ok 18:20:02.0258 3272 [ 181E7FE39211E04128A30708906627D8 ] NVHDA C:\windows\system32\drivers\nvhda64v.sys 18:20:02.0258 3272 NVHDA - ok 18:20:02.0570 3272 [ A1777644C3D044494658DA850A4A16D8 ] nvlddmkm C:\windows\system32\DRIVERS\nvlddmkm.sys 18:20:02.0929 3272 nvlddmkm - ok 18:20:02.0975 3272 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\windows\system32\drivers\nvraid.sys 18:20:02.0975 3272 nvraid - ok 18:20:03.0007 3272 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\windows\system32\drivers\nvstor.sys 18:20:03.0007 3272 nvstor - ok 18:20:03.0053 3272 [ B8E361851BFB7152E0A2D6031C4DB1E9 ] nvsvc C:\windows\system32\nvvsvc.exe 18:20:03.0069 3272 nvsvc - ok 18:20:03.0085 3272 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\windows\system32\drivers\nv_agp.sys 18:20:03.0100 3272 nv_agp - ok 18:20:03.0100 3272 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys 18:20:03.0100 3272 ohci1394 - ok 18:20:03.0116 3272 ouzvwkfr - ok 18:20:03.0147 3272 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\windows\system32\pnrpsvc.dll 18:20:03.0163 3272 p2pimsvc - ok 18:20:03.0178 3272 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\windows\system32\p2psvc.dll 18:20:03.0194 3272 p2psvc - ok 18:20:03.0224 3272 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\windows\system32\DRIVERS\parport.sys 18:20:03.0224 3272 Parport - ok 18:20:03.0254 3272 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\windows\system32\drivers\partmgr.sys 18:20:03.0254 3272 partmgr - ok 18:20:03.0294 3272 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll 18:20:03.0294 3272 PcaSvc - ok 18:20:03.0334 3272 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys 18:20:03.0334 3272 pci - ok 18:20:03.0354 3272 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys 18:20:03.0354 3272 pciide - ok 18:20:03.0374 3272 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys 18:20:03.0384 3272 pcmcia - ok 18:20:03.0404 3272 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys 18:20:03.0404 3272 pcw - ok 18:20:03.0444 3272 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys 18:20:03.0454 3272 PEAUTH - ok 18:20:03.0544 3272 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe 18:20:03.0544 3272 PerfHost - ok 18:20:03.0636 3272 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll 18:20:03.0667 3272 pla - ok 18:20:03.0699 3272 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll 18:20:03.0714 3272 PlugPlay - ok 18:20:03.0777 3272 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 18:20:03.0777 3272 Pml Driver HPZ12 - ok 18:20:03.0808 3272 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll 18:20:03.0808 3272 PNRPAutoReg - ok 18:20:03.0839 3272 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll 18:20:03.0855 3272 PNRPsvc - ok 18:20:03.0886 3272 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll 18:20:03.0901 3272 PolicyAgent - ok 18:20:03.0933 3272 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll 18:20:03.0933 3272 Power - ok 18:20:03.0979 3272 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys 18:20:03.0979 3272 PptpMiniport - ok 18:20:04.0011 3272 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\DRIVERS\processr.sys 18:20:04.0011 3272 Processor - ok 18:20:04.0057 3272 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll 18:20:04.0057 3272 ProfSvc - ok 18:20:04.0073 3272 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe 18:20:04.0089 3272 ProtectedStorage - ok 18:20:04.0135 3272 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys 18:20:04.0135 3272 Psched - ok 18:20:04.0151 3272 PS_MDP - ok 18:20:04.0213 3272 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys 18:20:04.0245 3272 ql2300 - ok 18:20:04.0260 3272 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys 18:20:04.0260 3272 ql40xx - ok 18:20:04.0276 3272 qvjhtlsp - ok 18:20:04.0307 3272 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll 18:20:04.0323 3272 QWAVE - ok 18:20:04.0338 3272 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys 18:20:04.0338 3272 QWAVEdrv - ok 18:20:04.0369 3272 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 18:20:04.0369 3272 RasAcd - ok 18:20:04.0385 3272 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys 18:20:04.0385 3272 RasAgileVpn - ok 18:20:04.0416 3272 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll 18:20:04.0416 3272 RasAuto - ok 18:20:04.0463 3272 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys 18:20:04.0463 3272 Rasl2tp - ok 18:20:04.0510 3272 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll 18:20:04.0525 3272 RasMan - ok 18:20:04.0572 3272 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 18:20:04.0572 3272 RasPppoe - ok 18:20:04.0603 3272 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys 18:20:04.0603 3272 RasSstp - ok 18:20:04.0650 3272 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 18:20:04.0650 3272 rdbss - ok 18:20:04.0681 3272 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys 18:20:04.0681 3272 rdpbus - ok 18:20:04.0713 3272 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys 18:20:04.0713 3272 RDPCDD - ok 18:20:04.0744 3272 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys 18:20:04.0744 3272 RDPENCDD - ok 18:20:04.0759 3272 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys 18:20:04.0775 3272 RDPREFMP - ok 18:20:04.0806 3272 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys 18:20:04.0806 3272 RDPWD - ok 18:20:04.0837 3272 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys 18:20:04.0853 3272 rdyboost - ok 18:20:04.0853 3272 ReadyComm.DirectRouter - ok 18:20:04.0915 3272 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll 18:20:04.0915 3272 RemoteAccess - ok 18:20:04.0947 3272 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll 18:20:04.0947 3272 RemoteRegistry - ok 18:20:05.0009 3272 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys 18:20:05.0009 3272 RFCOMM - ok 18:20:05.0040 3272 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 18:20:05.0040 3272 RpcEptMapper - ok 18:20:05.0056 3272 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe 18:20:05.0071 3272 RpcLocator - ok 18:20:05.0103 3272 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\system32\rpcss.dll 18:20:05.0118 3272 RpcSs - ok 18:20:05.0118 3272 rsdrlsnt - ok 18:20:05.0149 3272 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 18:20:05.0149 3272 rspndr - ok 18:20:05.0212 3272 [ 5AAB4808E8CCAE8C2ECDA5B791260616 ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys 18:20:05.0212 3272 RSUSBSTOR - ok 18:20:05.0274 3272 [ 3B01789EE4EAEE97F5EB46B711387D5E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys 18:20:05.0274 3272 RTL8167 - ok 18:20:05.0290 3272 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe 18:20:05.0290 3272 SamSs - ok 18:20:05.0368 3272 [ CDB954C736D51DC5FA712C039AF4F683 ] SbFw C:\windows\system32\drivers\SbFw.sys 18:20:05.0368 3272 SbFw - ok 18:20:05.0415 3272 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCL C:\windows\system32\DRIVERS\sbfwim.sys 18:20:05.0430 3272 SBFWIMCL - ok 18:20:05.0446 3272 [ 5DE22E3CB6140213DA2E0599B08D525C ] SBFWIMCLMP C:\windows\system32\DRIVERS\SBFWIM.sys 18:20:05.0446 3272 SBFWIMCLMP - ok 18:20:05.0477 3272 [ A5BC45F8C2F30350E7566799C86B2F5D ] sbhips C:\windows\system32\drivers\sbhips.sys 18:20:05.0493 3272 sbhips - ok 18:20:05.0524 3272 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys 18:20:05.0524 3272 sbp2port - ok 18:20:05.0539 3272 SBRE - ok 18:20:05.0617 3272 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe 18:20:05.0633 3272 SBSDWSCService - ok 18:20:05.0680 3272 [ F9955774A6BF0A5CA696F591C7B80A79 ] SbTis C:\windows\system32\drivers\sbtis.sys 18:20:05.0680 3272 SbTis - ok 18:20:05.0712 3272 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll 18:20:05.0712 3272 SCardSvr - ok 18:20:05.0743 3272 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 18:20:05.0743 3272 scfilter - ok 18:20:05.0821 3272 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll 18:20:05.0837 3272 Schedule - ok 18:20:05.0868 3272 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll 18:20:05.0868 3272 SCPolicySvc - ok 18:20:05.0962 3272 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll 18:20:05.0962 3272 SDRSVC - ok 18:20:06.0024 3272 [ 16A252022535B680046F6E34E136D378 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 18:20:06.0086 3272 SeaPort - ok 18:20:06.0133 3272 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys 18:20:06.0133 3272 secdrv - ok 18:20:06.0164 3272 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll 18:20:06.0164 3272 seclogon - ok 18:20:06.0196 3272 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll 18:20:06.0196 3272 SENS - ok 18:20:06.0211 3272 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll 18:20:06.0211 3272 SensrSvc - ok 18:20:06.0227 3272 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\DRIVERS\serenum.sys 18:20:06.0227 3272 Serenum - ok 18:20:06.0274 3272 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\DRIVERS\serial.sys 18:20:06.0274 3272 Serial - ok 18:20:06.0289 3272 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys 18:20:06.0289 3272 sermouse - ok 18:20:06.0352 3272 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll 18:20:06.0352 3272 SessionEnv - ok 18:20:06.0383 3272 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys 18:20:06.0383 3272 sffdisk - ok 18:20:06.0398 3272 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys 18:20:06.0398 3272 sffp_mmc - ok 18:20:06.0414 3272 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys 18:20:06.0414 3272 sffp_sd - ok 18:20:06.0445 3272 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys 18:20:06.0445 3272 sfloppy - ok 18:20:06.0492 3272 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll 18:20:06.0508 3272 SharedAccess - ok 18:20:06.0539 3272 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll 18:20:06.0554 3272 ShellHWDetection - ok 18:20:06.0570 3272 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys 18:20:06.0570 3272 SiSRaid2 - ok 18:20:06.0586 3272 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys 18:20:06.0586 3272 SiSRaid4 - ok 18:20:06.0679 3272 [ FF0DB4D9A08864A5C7B67477CD8E3B2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 18:20:06.0835 3272 SkypeUpdate - ok 18:20:06.0882 3272 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys 18:20:06.0882 3272 Smb - ok 18:20:06.0913 3272 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe 18:20:06.0913 3272 SNMPTRAP - ok 18:20:06.0929 3272 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys 18:20:06.0929 3272 spldr - ok 18:20:06.0976 3272 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe 18:20:06.0991 3272 Spooler - ok 18:20:07.0116 3272 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe 18:20:07.0210 3272 sppsvc - ok 18:20:07.0241 3272 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll 18:20:07.0241 3272 sppuinotify - ok 18:20:07.0272 3272 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys 18:20:07.0288 3272 srv - ok 18:20:07.0303 3272 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys 18:20:07.0319 3272 srv2 - ok 18:20:07.0334 3272 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 18:20:07.0350 3272 srvnet - ok 18:20:07.0381 3272 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 18:20:07.0397 3272 SSDPSRV - ok 18:20:07.0412 3272 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll 18:20:07.0412 3272 SstpSvc - ok 18:20:07.0444 3272 StarOpen - ok 18:20:07.0490 3272 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\DRIVERS\stexstor.sys 18:20:07.0490 3272 stexstor - ok 18:20:07.0537 3272 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll 18:20:07.0553 3272 stisvc - ok 18:20:07.0568 3272 sujgruth - ok 18:20:07.0600 3272 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys 18:20:07.0600 3272 swenum - ok 18:20:07.0646 3272 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll 18:20:07.0662 3272 swprv - ok 18:20:07.0740 3272 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll 18:20:07.0771 3272 SysMain - ok 18:20:07.0802 3272 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll 18:20:07.0818 3272 TabletInputService - ok 18:20:07.0849 3272 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll 18:20:07.0865 3272 TapiSrv - ok 18:20:07.0880 3272 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll 18:20:07.0896 3272 TBS - ok 18:20:07.0990 3272 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\windows\system32\drivers\tcpip.sys 18:20:08.0021 3272 Tcpip - ok 18:20:08.0093 3272 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 18:20:08.0109 3272 TCPIP6 - ok 18:20:08.0140 3272 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 18:20:08.0140 3272 tcpipreg - ok 18:20:08.0187 3272 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys 18:20:08.0187 3272 TDPIPE - ok 18:20:08.0202 3272 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys 18:20:08.0202 3272 TDTCP - ok 18:20:08.0234 3272 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys 18:20:08.0234 3272 tdx - ok 18:20:08.0249 3272 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys 18:20:08.0249 3272 TermDD - ok 18:20:08.0296 3272 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll 18:20:08.0312 3272 TermService - ok 18:20:08.0343 3272 [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk C:\windows\System32\Drivers\TFsExDisk.sys 18:20:08.0358 3272 TFsExDisk - ok 18:20:08.0358 3272 tguvpsos - ok 18:20:08.0390 3272 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll 18:20:08.0405 3272 Themes - ok 18:20:08.0421 3272 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll 18:20:08.0436 3272 THREADORDER - ok 18:20:08.0436 3272 tqjrjbxr - ok 18:20:08.0452 3272 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll 18:20:08.0452 3272 TrkWks - ok 18:20:08.0499 3272 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 18:20:08.0514 3272 TrustedInstaller - ok 18:20:08.0530 3272 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys 18:20:08.0530 3272 tssecsrv - ok 18:20:08.0561 3272 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 18:20:08.0561 3272 TsUsbFlt - ok 18:20:08.0624 3272 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 18:20:08.0624 3272 tunnel - ok 18:20:08.0655 3272 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys 18:20:08.0655 3272 uagp35 - ok 18:20:08.0702 3272 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys 18:20:08.0702 3272 udfs - ok 18:20:08.0748 3272 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe 18:20:08.0748 3272 UI0Detect - ok 18:20:08.0764 3272 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 18:20:08.0764 3272 uliagpkx - ok 18:20:08.0795 3272 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\drivers\umbus.sys 18:20:08.0795 3272 umbus - ok 18:20:08.0826 3272 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\DRIVERS\umpass.sys 18:20:08.0826 3272 UmPass - ok 18:20:08.0967 3272 [ AF905F4966CFC8B973623AB150CD4B2B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 18:20:08.0998 3272 UNS - ok 18:20:09.0045 3272 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll 18:20:09.0045 3272 upnphost - ok 18:20:09.0060 3272 upxeydbr - ok 18:20:09.0107 3272 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys 18:20:09.0107 3272 USBAAPL64 - ok 18:20:09.0138 3272 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys 18:20:09.0138 3272 usbaudio - ok 18:20:09.0170 3272 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys 18:20:09.0170 3272 usbccgp - ok 18:20:09.0201 3272 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys 18:20:09.0201 3272 usbcir - ok 18:20:09.0232 3272 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys 18:20:09.0232 3272 usbehci - ok 18:20:09.0263 3272 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys 18:20:09.0263 3272 usbhub - ok 18:20:09.0310 3272 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys 18:20:09.0310 3272 usbohci - ok 18:20:09.0326 3272 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys 18:20:09.0326 3272 usbprint - ok 18:20:09.0372 3272 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys 18:20:09.0372 3272 usbscan - ok 18:20:09.0450 3272 [ F379A62017F92A7D60002D53000DD126 ] usbsmi C:\windows\system32\DRIVERS\SMIksdrv.sys 18:20:09.0466 3272 usbsmi - ok 18:20:09.0482 3272 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS 18:20:09.0482 3272 USBSTOR - ok 18:20:09.0513 3272 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys 18:20:09.0513 3272 usbuhci - ok 18:20:09.0560 3272 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys 18:20:09.0560 3272 usbvideo - ok 18:20:09.0591 3272 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll 18:20:09.0591 3272 UxSms - ok 18:20:09.0622 3272 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe 18:20:09.0622 3272 VaultSvc - ok 18:20:09.0638 3272 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys 18:20:09.0638 3272 vdrvroot - ok 18:20:09.0684 3272 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe 18:20:09.0700 3272 vds - ok 18:20:09.0731 3272 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys 18:20:09.0747 3272 vga - ok 18:20:09.0762 3272 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys 18:20:09.0762 3272 VgaSave - ok 18:20:09.0809 3272 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys 18:20:09.0809 3272 vhdmp - ok 18:20:09.0825 3272 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys 18:20:09.0825 3272 viaide - ok 18:20:09.0856 3272 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys 18:20:09.0856 3272 volmgr - ok 18:20:09.0887 3272 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys 18:20:09.0903 3272 volmgrx - ok 18:20:09.0934 3272 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys 18:20:09.0950 3272 volsnap - ok 18:20:09.0981 3272 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys 18:20:09.0981 3272 vsmraid - ok 18:20:10.0059 3272 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe 18:20:10.0090 3272 VSS - ok 18:20:10.0106 3272 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys 18:20:10.0106 3272 vwifibus - ok 18:20:10.0137 3272 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys 18:20:10.0137 3272 vwififlt - ok 18:20:10.0184 3272 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll 18:20:10.0184 3272 W32Time - ok 18:20:10.0199 3272 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys 18:20:10.0215 3272 WacomPen - ok 18:20:10.0246 3272 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys 18:20:10.0246 3272 WANARP - ok 18:20:10.0246 3272 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys 18:20:10.0262 3272 Wanarpv6 - ok 18:20:10.0340 3272 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe 18:20:10.0371 3272 wbengine - ok 18:20:10.0402 3272 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll 18:20:10.0418 3272 WbioSrvc - ok 18:20:10.0449 3272 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll 18:20:10.0464 3272 wcncsvc - ok 18:20:10.0480 3272 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll 18:20:10.0480 3272 WcsPlugInService - ok 18:20:10.0511 3272 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\DRIVERS\wd.sys 18:20:10.0511 3272 Wd - ok 18:20:10.0542 3272 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys 18:20:10.0558 3272 Wdf01000 - ok 18:20:10.0574 3272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll 18:20:10.0589 3272 WdiServiceHost - ok 18:20:10.0589 3272 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll 18:20:10.0605 3272 WdiSystemHost - ok 18:20:10.0640 3272 [ 2A444ACF7DD446505BCC801F8F6AE5FD ] wdmirror C:\windows\system32\DRIVERS\WDMirror.sys 18:20:10.0640 3272 wdmirror - ok 18:20:10.0690 3272 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll 18:20:10.0700 3272 WebClient - ok 18:20:10.0730 3272 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll 18:20:10.0740 3272 Wecsvc - ok 18:20:10.0760 3272 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll 18:20:10.0770 3272 wercplsupport - ok 18:20:10.0796 3272 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll 18:20:10.0796 3272 WerSvc - ok 18:20:10.0858 3272 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys 18:20:10.0858 3272 WfpLwf - ok 18:20:10.0905 3272 [ B14EF15BD757FA488F9C970EEE9C0D35 ] WimFltr C:\windows\system32\DRIVERS\wimfltr.sys 18:20:10.0905 3272 WimFltr - ok 18:20:10.0936 3272 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys 18:20:10.0936 3272 WIMMount - ok 18:20:10.0952 3272 WinDefend - ok 18:20:10.0968 3272 WinHttpAutoProxySvc - ok 18:20:11.0030 3272 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll 18:20:11.0030 3272 Winmgmt - ok 18:20:11.0124 3272 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll 18:20:11.0155 3272 WinRM - ok 18:20:11.0217 3272 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys 18:20:11.0217 3272 WinUsb - ok 18:20:11.0248 3272 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll 18:20:11.0280 3272 Wlansvc - ok 18:20:11.0420 3272 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:20:11.0451 3272 wlidsvc - ok 18:20:11.0498 3272 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys 18:20:11.0498 3272 WmiAcpi - ok 18:20:11.0529 3272 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe 18:20:11.0545 3272 wmiApSrv - ok 18:20:11.0576 3272 WMPNetworkSvc - ok 18:20:11.0607 3272 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll 18:20:11.0607 3272 WPCSvc - ok 18:20:11.0638 3272 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll 18:20:11.0638 3272 WPDBusEnum - ok 18:20:11.0685 3272 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys 18:20:11.0685 3272 ws2ifsl - ok 18:20:11.0716 3272 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll 18:20:11.0732 3272 wscsvc - ok 18:20:11.0732 3272 WSearch - ok 18:20:11.0779 3272 [ 83575C43B2BFE9AB0661A7F957E843C0 ] wsvd C:\windows\system32\DRIVERS\wsvd.sys 18:20:11.0794 3272 wsvd - ok 18:20:11.0888 3272 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll 18:20:11.0935 3272 wuauserv - ok 18:20:11.0966 3272 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\windows\system32\drivers\WudfPf.sys 18:20:11.0982 3272 WudfPf - ok 18:20:12.0013 3272 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys 18:20:12.0013 3272 WUDFRd - ok 18:20:12.0044 3272 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\windows\System32\WUDFSvc.dll 18:20:12.0044 3272 wudfsvc - ok 18:20:12.0075 3272 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll 18:20:12.0091 3272 WwanSvc - ok 18:20:12.0122 3272 ================ Scan global =============================== 18:20:12.0153 3272 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll 18:20:12.0200 3272 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll 18:20:12.0216 3272 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\windows\system32\winsrv.dll 18:20:12.0247 3272 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll 18:20:12.0278 3272 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe 18:20:12.0294 3272 [Global] - ok 18:20:12.0294 3272 ================ Scan MBR ================================== 18:20:12.0309 3272 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:20:12.0528 3272 \Device\Harddisk0\DR0 - ok 18:20:12.0528 3272 ================ Scan VBR ================================== 18:20:12.0528 3272 [ 7CCB044C7E6964773CAA3EAB6719A790 ] \Device\Harddisk0\DR0\Partition1 18:20:12.0528 3272 \Device\Harddisk0\DR0\Partition1 - ok 18:20:12.0543 3272 [ 14CE666E094802C52B4BEAC4F4B3460C ] \Device\Harddisk0\DR0\Partition2 18:20:12.0543 3272 \Device\Harddisk0\DR0\Partition2 - ok 18:20:12.0574 3272 [ D4CF8F75105FD1FA657F497F50BC7577 ] \Device\Harddisk0\DR0\Partition3 18:20:12.0590 3272 \Device\Harddisk0\DR0\Partition3 - ok 18:20:12.0590 3272 ============================================================ 18:20:12.0590 3272 Scan finished 18:20:12.0590 3272 ============================================================ 18:20:12.0606 4196 Detected object count: 0 18:20:12.0606 4196 Actual detected object count: 0 18:30:44.0415 4580 Deinitialize success |
|
19.02.2013, 12:31
| #11 |
| /// Malware-holic | laptop auf einmal langsam bitte prüfe die Bilder von der Anleitung und scanne noch mal.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu laptop auf einmal langsam |
| auf einmal, glaube, langsam, laptop, lüfter, plötzlich |
Linear-Darstellung
