Ungewollte Popups — CHIP-Forum
Ungewollte popups.
Hilfe bei Problemen mit Viren, Trojanern, Würmern, Spyware, Adware und sonstigen Schädlingen. Bitte bei Schädlingsverdacht vor dem Einstellen des Eröffnungsbeitrags Punkt A - D a) der Ersten Hilfe bei Infektionen beachten! Bis zur endgültigen Analyse weder voreilig etwas löschen, noch Antivirenprogramme, etc. installieren, da diese die Analyse stark beeint.
Hallo, Fremder!
Anscheinend sind Sie neu hier. Um zu beginnen, melden Sie sich an oder registrieren sich.
Quick-Links.
Kategorien.
Ungewollte popups.
seit ein paar Tagen bekomme ich bei einigen Seiten immer so etwas wie ein PopUp, welches aber leer ist. Ich kann es wegklicken, es nervt aber und soll ja auch nicht sein. Ich benutze Windows 7. Für Adblock plus habe ich neue Filter aboniert. Ohne Wirkung. Ich würde jetzt gerne ein Log einstellen und darauf hoffen, dass jemand einen Fehler erkennt und mir eine Lösung mitteilt.
OTL Extras logfile created on: 02.09.2013 21:23:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ux31\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy.
3.90 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 53.80% Memory free 7.81 Gb Paging File | 5.74 Gb Available in Paging File | 73.53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222.47 Gb Total Space | 136.83 Gb Free Space | 61.50% Space Free | Partition Type: NTFS.
Computer Name: UX31-PC | User Name: ux31 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days.
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithRMP] -- "C:\Users\ux31\AppData\Local\Rich Media Player\rmplayer.exe" "%1" (Radiocom) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\ [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithRMP] -- "C:\Users\ux31\AppData\Local\Rich Media Player\rmplayer.exe" "%1" (Radiocom) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\ [OpenHomePage] -- Reg Error: Value error.
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1.
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0.
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1.
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] " " = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | " " = lport=139 | protocol=6 | dir=in | app=system | " " = rport=445 | protocol=6 | dir=out | app=system | " " = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | " " = lport=445 | protocol=6 | dir=in | app=system | " " = rport=137 | protocol=17 | dir=out | app=system | " " = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | " " = rport=139 | protocol=6 | dir=out | app=system | " " = rport=138 | protocol=17 | dir=out | app=system | " " = lport=10243 | protocol=6 | dir=in | app=system | " " = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | " " = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | " " = rport=10243 | protocol=6 | dir=out | app=system | " " = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | " " = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | " " = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | " " = lport=137 | protocol=17 | dir=in | app=system | " " = lport=2869 | protocol=6 | dir=in | app=system | " " = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | " " = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | " " = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | " " = lport=138 | protocol=17 | dir=in | app=system | " " = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | " " = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] " " = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | " " = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | " " = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | " " = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | " " = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | " " = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | " " = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | " " = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | " " = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | " " = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | " " = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | " " = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | " " = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | " " = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | " " = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | " " = dir=in | app=c:\program files (x86)\itunes\itunes.exe | " " = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | " " = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | " " = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | " " = protocol=6 | dir=out | app=system | " " = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | " " = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | " " = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | " " = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | " " = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "TCP Query User C:\program files (x86)\free download manager\fdmwi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\free download manager\fdmwi.exe | "UDP Query User C:\program files (x86)\free download manager\fdmwi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\free download manager\fdmwi.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] " " = Fresco Logic USB3.0 Host Controller " " = Microsoft .NET Framework 4 Client Profile DEU Language Pack " " = Windows Live Family Safety " " = iTunes " " = Windows Live Language Selector " " = Windows Live ID Sign-in Assistant " " = Windows Live Family Safety " " = Bluetooth Win7 Suite (64) " " = 7-Zip 9.20 (x64 edition) " " = Java 7 Update 7 (64-bit) " " = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 " " = Windows Live Family Safety " " = Windows Live Remote Service Resources " " = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 " " = Windows Live Remote Service Resources " " = Windows Live Remote Service Resources " " = Windows Live Remote Service Resources " " = Microsoft Visual C++ 2005 Redistributable (x64) " " = Bonjour " " = Apple Mobile Device Support " " = ASUS Secure Delete " " = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 " " = Windows Live Remote Client Resources " " = Windows Live Remote Client Resources " " = Microsoft Silverlight " " = Microsoft Office Office 64-bit Components 2010 " " = Microsoft Office Shared 64-bit MUI (English) 2010 " " = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 " " = Microsoft Application Error Reporting " " = ASUS Power4Gear Hybrid " " = Microsoft Visual C++ 2005 Redistributable (x64) " " = Windows Live Remote Client Resources " " = Intel(R) Turbo Boost Technology Monitor 2.0 " " = Windows Live Remote Client Resources " " = Windows Live Family Safety " " = Windows Live Remote Client Resources " " = Windows Live Remote Service Resources " " = Windows Live MIME IFilter " " = Windows Live Remote Client " " = Windows Live Family Safety " " = Windows Live Remote Service " " = Windows Live Family Safety " " = Microsoft .NET Framework 4 Client Profile "Elantech" = ETDWare PS/2-X64 10.0.5.2_WHQL "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Unlocker" = Unlocker 1.9.1-x64 "VLC media player" = VLC media player 2.0.6.
Kommentare.
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.18 "PiccShare" = PiccShare.
========== Last 20 Event Log Errors ==========
[ Application Events ] Error - 07.08.2013 14:14:12 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledEvent 4290.
Error - 07.08.2013 14:14:12 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledSPRetry 4290.
Error - 07.08.2013 14:14:15 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: Continuously busy for more than a second.
Error - 07.08.2013 14:14:15 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledEvent 8018.
Error - 07.08.2013 14:14:15 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledSPRetry 8018.
Error - 11.08.2013 13:54:44 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: Continuously busy for more than a second.
Error - 11.08.2013 13:54:44 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledEvent 18203102.
Error - 11.08.2013 13:54:44 | Computer Name = ux31-PC | Source = Bonjour Service | > Description = Task Scheduling Error: m->NextScheduledSPRetry 18203102.
Error - 13.08.2013 16:23:24 | Computer Name = ux31-PC | Source = Application Hang | > Description = Programm iTunes.exe, Version 10.7.0.21 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: e04 Startzeit: 01ce984e86f803d5 Endzeit: 20 Anwendungspfad: C:\Program Files (x86)\iTunes\iTunes.exe.
Error - 14.08.2013 13:10:30 | Computer Name = ux31-PC | Source = Application Error | > Description = Name der fehlerhaften Anwendung: iTunes.exe, Version: 10.7.0.21, Zeitstempel: 0x504d85d9 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00000000 ID des fehlerhaften Prozesses: 0x9bc Startzeit der fehlerhaften Anwendung: 0x01ce98f3b5fce8b4 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunes.exe Pfad des fehlerhaften Moduls: unknown Berichtskennung: 6b6dfe34-0504-11e3-a9e3-e0b9a5d24d0c.
[ System Events ] Error - 02.07.2013 18:28:49 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = Das Sprachpaket für fr-FR kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x8000ffff.
Error - 02.07.2013 18:28:55 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = CBS-Fehler 0x8000ffff bei Verwendung des Benutzeroberflächen-Sprachpakets für it-IT.
Error - 02.07.2013 18:28:55 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = Das Sprachpaket für it-IT kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x8000ffff.
Error - 02.07.2013 18:29:02 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = CBS-Fehler 0x8000ffff bei Verwendung des Benutzeroberflächen-Sprachpakets für nl-NL.
Error - 02.07.2013 18:29:02 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = Das Sprachpaket für nl-NL kann von CBS nicht entfernt werden. Zurückgegebener CBS-Fehlercode: 0x8000ffff.
Error - 03.07.2013 14:54:48 | Computer Name = ux31-PC | Source = DCOM | > Description =
Error - 04.07.2013 13:36:02 | Computer Name = ux31-PC | Source = DCOM | > Description =
Error - 04.07.2013 13:36:02 | Computer Name = ux31-PC | Source = Microsoft-Windows-LanguagePackSetup | > Description = Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005.
Error - 07.07.2013 14:36:03 | Computer Name = ux31-PC | Source = DCOM | > Description =
Error - 08.07.2013 03:43:20 | Computer Name = ux31-PC | Source = DCOM | > Description =
OTL logfile created on: 02.09.2013 21:23:18 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ux31\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy.
3.90 Gb Total Physical Memory | 2.10 Gb Available Physical Memory | 53.80% Memory free 7.81 Gb Paging File | 5.74 Gb Available in Paging File | 73.53% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222.47 Gb Total Space | 136.83 Gb Free Space | 61.50% Space Free | Partition Type: NTFS.
Computer Name: UX31-PC | User Name: ux31 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days.
PRC - [2013.09.02 21:22:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ux31\Downloads\OTL.exe PRC - [2013.08.17 23:50:33 | 000,276,376 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.07.19 20:42:52 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe PRC - [2013.07.19 20:42:35 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe PRC - [2013.07.19 20:42:35 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe PRC - [2013.07.19 16:26:21 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe PRC - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\ux31\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe PRC - [2013.03.25 22:33:42 | 000,151,552 | ---- | M] () -- C:\Windows\KMService.exe PRC - [2013.03.25 22:33:42 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe PRC - [2011.10.04 21:14:10 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe PRC - [2011.10.04 21:14:06 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe PRC - [2011.10.04 03:09:38 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe PRC - [2011.10.04 00:17:40 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe PRC - [2011.10.03 20:45:58 | 000,375,424 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe PRC - [2011.09.29 19:41:06 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe PRC - [2011.09.09 07:10:06 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe PRC - [2011.08.02 23:31:22 | 000,146,592 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe PRC - [2011.07.22 00:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe PRC - [2011.06.30 01:16:10 | 000,503,728 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe.
MOD - [2013.08.17 23:50:32 | 003,551,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013.05.22 20:50:40 | 000,400,704 | ---- | M] () -- C:\Users\ux31\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe MOD - [2011.10.04 21:14:06 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll MOD - [2011.09.09 07:10:06 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA.
1\OFFICE14\Cultures\office.odf MOD - [2010.10.20 15:45:26 | 008,801,120 | ---- | M] () -- C:\PROGRA.
SRV: 64bit: - [2013.05.27 07:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend) SRV: 64bit: - [2010.11.30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV: 64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc) SRV - [2013.08.17 23:50:32 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.07.30 19:22:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.07.19 20:42:52 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2013.07.19 20:42:35 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2013.03.25 22:33:42 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService) SRV - [2011.09.29 19:41:06 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn) SRV - [2011.08.02 23:31:22 | 000,146,592 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent) SRV - [2011.08.02 23:13:24 | 000,103,584 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc) SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv) SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
DRV: 64bit: - [2013.03.31 20:55:28 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb) DRV: 64bit: - [2013.03.31 20:55:28 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt) DRV: 64bit: - [2013.03.31 20:55:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr) DRV: 64bit: - [2013.03.15 16:00:06 | 000,633,680 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM) DRV: 64bit: - [2013.03.15 16:00:06 | 000,390,352 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM) DRV: 64bit: Binary Options - [2013.03.15 16:00:06 | 000,090,960 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus) DRV: 64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV: 64bit: - [2012.07.09 14:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV: 64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV: 64bit: - [2011.11.03 18:09:48 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) DRV: 64bit: - [2011.11.03 18:09:22 | 012,310,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV: 64bit: - [2011.10.18 19:47:12 | 000,198,448 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD) DRV: 64bit: - [2011.10.17 07:29:08 | 000,202,496 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc) DRV: 64bit: - [2011.10.17 07:29:08 | 000,069,888 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh) DRV: 64bit: - [2011.10.04 08:49:32 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV: 64bit: - [2011.08.29 07:46:00 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV: 64bit: - [2011.08.29 07:46:00 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV: 64bit: - [2011.08.02 23:22:52 | 000,511,136 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter) DRV: 64bit: - [2011.08.02 23:22:06 | 000,280,992 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP) DRV: 64bit: - [2011.08.02 23:21:50 | 000,068,256 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT) DRV: 64bit: - [2011.08.02 23:21:20 | 000,167,584 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP) DRV: https://po.cash/smart/j9ibcsayjqdbe7 64bit: - [2011.08.02 23:21:04 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort) DRV: 64bit: - [2011.08.02 23:20:50 | 000,030,368 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS) DRV: 64bit: - [2011.08.02 23:20:34 | 000,110,240 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt) DRV: 64bit: - [2011.08.02 23:20:18 | 000,330,912 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP) DRV: binary options 64bit: - [2011.05.14 00:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr) DRV: 64bit: - [2011.04.26 05:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV: 64bit: - [2011.03.15 12:09:16 | 000,311,400 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR) DRV: 64bit: - [2011.02.26 02:42:18 | 000,016,768 | ---- | M] (ASUSTek Computer Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AiCharger.sys -- (AiCharger) DRV: 64bit: - [2010.11.30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB) DRV: 64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV: 64bit: - [2010.11.20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV: 64bit: - [2010.11.20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD) DRV: 64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) DRV: 64bit: - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5) DRV: 64bit: - [2010.04.28 18:59:16 | 000,027,264 | ---- | M] (ASUS Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\assd.sys -- (assd) DRV: 64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr) DRV: 64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV: 64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV: 64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV: 64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH) DRV: 64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV: 64bit: binary options - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV: 64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV: 64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV: 64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV: 64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr) DRV - [2011.09.07 18:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ IE - HKCU\..\SearchScopes,DefaultScope = IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local.
ist nicht gut, wenn man Support will.
kriegs wg. der vielen Zeichen nicht hin. Versuche es morgen noch einmal, der Kleine weint :-(
verstehe nur Bahnhof. Was ist nicht gut, wenn man support will?
. musss jetzt weg. -?
Mit "Support" ist die Hilfestellung hier gemeint ;-)
ups :O! Ob Ihr es glaubt oder nicht. Ich wusste nicht einmal, dass office auf dem Rechner ist. Hatte vor Kurzem Besuch aus Spanien, der mir meinen Rechner "flott" gemacht hat. Er hatte dann auch gleich "Office" installiert (habe ihn angerufen und mal nachgefragt). Ich nutze "open office" , und das nur selten, weil ich word, usw. fast ausschließlich auf der Arbeit im Büro nutze.Das Microsoft office ist offensichtlich auch nur auf englisch installiert. Also, lange Rede kurzer Sinn: Ich werde das Programm deinstallieren und dann erneut einen Scan durchführe. Wäre das in Ordnung?
OTL logfile created on: 13.09.2013 11:54:34 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ux31\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16660) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy.
3.90 Gb Total Physical Memory | 2.11 Gb Available Physical Memory | 54.00% Memory free 7.81 Gb Paging File | 5.81 Gb Available in Paging File | 74.46% Paging File free Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 222.47 Gb Total Space | 144.15 Gb Free Space | 64.79% Space Free | Partition Type: NTFS.
Computer Name: UX31-PC | User Name: ux31 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days.