Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Rechner lahmt kann wer was finden?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.04.2015, 21:21   #1
Rick84
 
Rechner lahmt kann wer was finden? - Standard

Rechner lahmt kann wer was finden?



Hey seit ein paar Tagen ist er gefühlt sehr langsam stellenweise im Task Manager 100% Datenträgerauslastung.

Danke für die Hilfe

Extras:

OTL Extras logfile created on: 20.04.2015 21:48:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rick\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,94 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 30,39% Memory free
9,19 Gb Paging File | 3,22 Gb Available in Paging File | 35,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,00 Gb Total Space | 84,23 Gb Free Space | 56,15% Space Free | Partition Type: NTFS
Drive D: | 764,71 Gb Total Space | 651,54 Gb Free Space | 85,20% Space Free | Partition Type: NTFS

Computer Name: RICKS | User Name: Rick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3412733107-315020943-3521016687-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0A90B18D-039A-4C6C-9E80-64596C626D89}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{11ADF815-5956-4713-84E6-798D67A184B1}" = lport=137 | protocol=17 | dir=in | app=system |
"{1265C881-639B-443B-A658-6C97A720947B}" = rport=10243 | protocol=6 | dir=out | app=system |
"{15D1F4D3-E4B6-401C-A1E0-5E87EAF5C4F6}" = lport=138 | protocol=17 | dir=in | app=system |
"{17CF216D-5CF6-4E1D-A015-C82C8A325DA0}" = rport=139 | protocol=6 | dir=out | app=system |
"{2197EC88-B153-4E97-B73D-1E6556A75E63}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{26141E1D-D4E6-4251-94EB-C0D41B94DB53}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{3512AA38-E322-474B-8A5E-1F4945B3D26F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{379E2E5F-F321-41E6-95C1-1755C2B96214}" = lport=445 | protocol=6 | dir=in | app=system |
"{37E597CF-0757-43FF-A470-225DB2C183BB}" = lport=139 | protocol=6 | dir=in | app=system |
"{4AC1304F-01AE-4132-8DD6-3F6216B3BE32}" = lport=10243 | protocol=6 | dir=in | app=system |
"{4B3AEC47-109F-430A-BC12-1BB891D7AAEE}" = rport=138 | protocol=17 | dir=out | app=system |
"{4F2A7788-B080-4F83-92E6-FDAB1BA107D5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{63575BFC-8665-4D03-9453-145AE88F489A}" = rport=445 | protocol=6 | dir=out | app=system |
"{67C89036-0096-491D-A16F-707A1A445D53}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{69142D8E-15DE-4622-AC92-E488FF51748B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69D284D6-1487-45AD-8CE9-2FBE89306392}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7184F69E-E46F-4664-9869-AF2FCEB523B2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7FFFD92C-E18D-4385-BA4C-4A824FAFC2C8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8739F5F8-E006-41EE-8ED7-E61928B33F51}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8746658B-7C39-4F93-822A-8DC695521034}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E61CD52-C6CA-48B1-8B14-58543D5B43FA}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{8F74C595-A28F-4DE9-BFCA-08EAC604042F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A6620C53-34D5-4DA6-9EC4-85ED7D2C293F}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{BA9F08E9-7F15-42B3-AA5D-35ECF11AA6E7}" = rport=137 | protocol=17 | dir=out | app=system |
"{C0BCAC7D-67FE-4F91-B015-2AD7BF073FDA}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CBC1B201-CC19-4950-A3D9-2B9833703599}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E2CABE8C-8572-4647-A078-38107CE25768}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{E3A5E8B6-787D-4FD1-956C-C047771267FA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F2DF220C-3667-422A-8697-0D996825297A}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{F44175CE-2084-4C2A-8CDF-2FB742406529}" = lport=47995 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009CF898-66D5-43E4-9049-1BC6680608DF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"{01930628-897C-45FF-82ED-C5F4C74C24F2}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3689\agent.exe |
"{0200DA03-FFBA-43A4-993D-E87CBCBC43C9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe |
"{0962EAC3-1903-40B3-B99C-F2851448F8CB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A307558-5B58-4684-85B9-D5DA3E3BD4FD}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{0BF76237-4036-4FF0-8F90-026C4D445E86}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{0C8FEC9F-BE6C-4EFB-BF9A-EFF46BCDE09C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{0D128DDD-51D7-4BAE-A2C9-3F0D6E2BD09B}" = dir=in | name=@{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{106B45D5-5AC7-455E-8ACB-9717A51973BB}" = protocol=6 | dir=in | app=d:\wow\diablo iii\diablo iii.exe |
"{108B1E39-2A6C-46BF-8378-7D8AD4EE3E2D}" = protocol=6 | dir=in | app=c:\programdata\pennybee\pennybee.exe |
"{13665D91-6073-4C2B-B389-2E6125765A0F}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{13F1B5D8-488D-4F4B-98A9-47D6DB02B173}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{14F25FEA-396D-4C0B-99AB-9D0226AD1B6C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1838B03D-1B3A-4787-8F28-6BD8AE38D833}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1A173CAA-8CBE-438F-9D75-5527367687EF}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{1BAD347B-BA5E-49E5-98F3-7EB29A9B41A9}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{1EFCA9CB-D7F0-4968-8F1F-A3ADA10D2714}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{20BAFBD0-02F9-4959-81CB-FA7B99241AA0}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{22B1E0E5-F571-422E-A0F5-8121A5A5AA52}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{23C3CA1F-E198-4210-A276-80D809A3D956}" = protocol=6 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{2504520A-F804-4676-9BDC-AE154F36BDC1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{27282CEE-B544-4567-BFF4-8DB88F9F6304}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{2970E836-94D7-4EE8-9021-EC0B1CF44A06}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{2C3EA296-2901-4186-BC03-D4E46BA20C4E}" = protocol=6 | dir=in | app=c:\programdata\pennybee\pennybee.exe |
"{2CCEA927-F053-4536-B0A2-5B8ECFEFAFA2}" = dir=out | name=@{microsoft.zunemusic_2.6.672.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{2E56319E-9A64-4F79-8EA6-3DB4B23D22EE}" = protocol=6 | dir=in | app=d:\wow\battle.net\battle.net.exe |
"{2F0D6A57-2BB1-4D49-BD1A-A616161789B7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{2F271EF2-DD1C-4E63-9FD4-97925198B421}" = dir=out | name=asus webstorage |
"{2FD76D0A-647A-4158-A323-93E7CA198A2A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{33955E69-D7FD-4848-B12E-104B9AD3BBBA}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{394AAF3C-CFD2-4C17-B100-625E49A2641C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AD99FB6-303E-43AC-9F76-266C0D7BED55}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{3AF152F0-92CD-4C61-B7ED-C3E6FFF32C28}" = dir=out | name=fingertapps instruments recommended by asus |
"{3D5908F5-6E5A-48CC-A3D9-839D52738E6B}" = dir=out | name=dropbox |
"{3FA2B474-92E5-4165-B136-A4E66AFADD26}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{3FD2D95E-6683-4C6B-88D7-47930E046497}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{445EBCBD-9149-4167-B4CE-4398D9457E81}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe |
"{45FFD0BC-3722-4082-A782-0DB91A85B07F}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{4A60C89D-B97E-416D-8B7F-A83E2C7437ED}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"{4BB66E9F-8A9C-4E3F-B91E-4E14C2C54F97}" = protocol=17 | dir=in | app=d:\wow\diablo iii\diablo iii.exe |
"{4D2CF1A2-FE60-47E0-8FFC-9A96022C1128}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.2880\agent.exe |
"{4FA8A8BC-115A-4833-85B8-70234285459F}" = dir=in | name=asus webstorage |
"{50BDE0CF-E37A-4593-A1D7-8BAC9A913096}" = dir=in | app=c:\programdata\pennybee\pennybee.exe |
"{51F8BC3C-F5CF-4218-BF1A-63B60E1EE471}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3427\agent.exe |
"{528259CE-4C3E-4BBA-AEB8-F5728DF5096A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3332\agent.exe |
"{528397E7-A0F2-43E8-841B-7CA9CC6B217C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{54016AF2-739A-46C7-982A-3A6FD814CB71}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54C17FD8-6818-4712-AFAE-025A3103C89B}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5621C1D8-1979-418D-B4BB-156B84FCA6CF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{56B1A878-15CB-4912-927E-D3F5F217EDA9}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{581DD765-B218-4D92-B606-B70A766C4AF1}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.313_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{5A12722E-1539-4DAE-A720-2F37CF878ABF}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{5A3052CD-2CEF-46EE-979D-FA5792952C1C}" = dir=out | name=onenote |
"{5D0D63A4-258B-48D9-8D6B-01F54BBE2A3F}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{5F2BD161-85E9-4C60-A6EA-29D6C998E09E}" = dir=in | name=vlc for windows 8 |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{64032C9C-C6ED-4C3B-8718-CF325E1B8BC0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{69EF80DB-F223-4BB0-8DEA-13BEFA43F68D}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{69F32272-2648-49D3-BE80-CEFCFA287DCC}" = dir=in | name=mcafee® central for asus |
"{6C2345B3-E376-48E0-A62B-38084D07487A}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3427\agent.exe |
"{7420FB00-07B6-421B-992A-E93C827B69A1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{74F60A17-A22D-442F-A0DE-CB69E3844BC6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{768A4DC3-DE37-4869-A925-DD7E79DEF373}" = dir=out | name=@{microsoft.bingfinance_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{78BB6A46-9601-429D-8416-3A0F9703967D}" = dir=out | name=@{microsoft.zunevideo_2.6.434.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{7BAA946A-9C07-4312-83F1-8439C4597B1D}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{7C2C87EE-D8C4-49EF-8702-59B55D4D0731}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{7C8187B9-7A5C-4F3F-96EF-DF5206890923}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{7D5E1A44-2816-48C2-A379-E8F4CB982916}" = dir=out | name=mcafee® central for asus |
"{7EA8DD0E-3700-4320-BAD9-88BB21DF648A}" = protocol=17 | dir=in | app=c:\programdata\pennybee\pennybee.exe |
"{7ED1DAC9-E5FB-4215-8385-AA3BDCA0E4B1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{7F4D4026-95BC-408E-B84F-873D9579B486}" = dir=out | name=@{microsoft.bingnews_3.0.4.268_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{85D20337-CDA7-4BFD-9497-2514AC2FBFDC}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{88E17684-CE26-4007-A801-A20A4F8661D4}" = dir=out | name=windows_ie_ac_001 |
"{8B13F579-0F20-40EB-9AC7-C0F29CE9D851}" = protocol=6 | dir=out | app=system |
"{8E7C6776-1058-413D-A482-C80F33027EA9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{8EB97301-99C8-4325-8A10-2B098A775A2B}" = dir=out | name=@{microsoft.bingtravel_3.0.4.309_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{917538B6-C405-4566-B76A-9318D388153C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{91EB76A2-0D1F-4F60-A1D1-0A430B04872B}" = protocol=17 | dir=in | app=d:\steam\bin\steamwebhelper.exe |
"{92949301-43D4-462A-BF8A-A35E233684B7}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"{95259089-ECCD-49FB-BC1F-20F856B7F3F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3322\agent.exe |
"{9878AD98-2FB4-4D60-A9FF-42CFA3857945}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"{98F32510-BB50-4FCA-8A2B-7ACF16BFA743}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{99C91B91-F617-40BB-B2CF-B9E5569EA661}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{9BCF1A94-7A68-4655-AA36-E6E0D8E3E3AE}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{9C717C3C-B5AB-469E-A488-D30AB602A496}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3323\agent.exe |
"{9D20A201-1718-4CD9-BB76-E11BAB697C6D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A14B2AA1-9214-468E-8B97-19033023CBD8}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{A2000CE8-8E70-4955-92F2-2834DE10141C}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{A29BB609-3CEB-44F3-BBDD-C108638DA09B}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{A29D347A-E533-495D-8431-73EA6A340D54}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{A4EE625E-DAFA-464E-B298-0E9870311BCB}" = dir=out | name=radyo |
"{A8A3FA2E-DCAD-495C-A8E8-7521D800E0B0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3507\agent.exe |
"{A8A4134B-E7F5-4E75-9E9D-9C6289B7C832}" = protocol=6 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{A8BA1BE2-38B8-41E7-8867-BF6790C3E33E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3322\agent.exe |
"{A8CE658F-B3EA-4781-B0CD-DFECB2DA9837}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{AFC0E147-642F-4DBB-99FC-780306C65768}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{B035C544-21BE-40B4-A0FE-93C683554B3E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |
"{B4E635D4-EE70-4FF1-8911-97BB8CF6A21E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{B9DD296B-3302-4940-914F-4B49A59C9DFD}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{BB78EF69-BA40-495E-A8F8-F7606585F999}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BF177A9D-8D82-4416-8093-5A8FDEA0C78B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{C0E43413-F252-4CAB-879D-AD6E11265759}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{C2D620A1-D218-4117-B24E-BE5441759330}" = dir=in | name=onenote |
"{C36C18BD-B449-4D37-8FDE-47F8661CF28B}" = dir=in | name=skype |
"{C6B8696F-5276-450B-9358-3DD8DCEA8FC0}" = dir=out | name=@{magix.musicmakerjam_2.1.1032.2_x64__a2t3txkz9j1jw?ms-resource://magix.musicmakerjam/resources/app_name} |
"{CA17AE9E-C71E-49EE-9F46-AAE535805E86}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{CCB7DB4E-67CB-4E3A-BA77-E7DD9DBC802B}" = dir=out | name=fresh paint |
"{CF0B8EBF-6604-469D-B8A8-B24629BE14AC}" = dir=in | name=radyo |
"{CF7D105C-A3EA-445C-ABAF-793180500857}" = dir=in | app=c:\program files\cyberlink\powerdirector10\pdr10.exe |
"{D07CDAD8-1F3E-47DC-9584-7CB37F4C39A4}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{D0F9C290-9A64-43D5-A6C9-1041CA1728C6}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3109\agent.exe |
"{D177BB74-BE5A-4C7A-8B5A-2A4230D212A3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3334\agent.exe |
"{D2C049BE-E296-405B-A7B3-0DE8EAA90411}" = dir=out | name=vlc for windows 8 |
"{D391110F-9115-476F-A33D-EBDB61E5D047}" = protocol=17 | dir=in | app=c:\programdata\pennybee\pennybee.exe |
"{D5E0D8F2-DBBE-4E10-AF31-E3827286E4D5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D5E2C736-2F93-4937-A965-6EE18B77DC0A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D62DA40C-B2FB-40B3-9749-04DD79531350}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D8432A5D-AE23-4763-8B11-B0C624A1F2B8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB93E3F1-8D32-47B8-A71A-E8FF15B22FD9}" = dir=out | name=fingertapps organizer recommended by asus |
"{DE797F69-F48C-4F9C-AB71-44D3C9AA5606}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3023\agent.exe |
"{DF3FD37F-663C-45FF-A313-E0BA10B39A8E}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3182\agent.exe |
"{DF46E7D6-7EEC-4A44-9BEF-7211EF04BE98}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe |
"{DF9F36ED-4A8F-4678-B857-9F1C42C5A702}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{DFDD0C5A-9BB8-4607-BF19-BE5D648704A3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3286\agent.exe |
"{DFE4CAA0-063E-40E8-B5F1-25CDE3694FFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E41CE21E-4B79-4C22-A463-2E3142E8D733}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E7BDD28B-C13F-4549-BF89-11721B39E192}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe |
"{E8812107-62B4-4494-BC56-01F62164C0AA}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{E94338A6-207D-428D-A218-D6CB2F63EA39}" = dir=in | name=fingertapps organizer recommended by asus |
"{EA456881-AE9B-4029-A23C-ED2775CFE5ED}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{EA9DA5B7-B195-446B-9122-EF3ED28A0DAB}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{EAA1D897-B37A-4AB6-A547-AC31F8A3F396}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3332\agent.exe |
"{EB80CC32-F224-4804-84A8-B97801DBC301}" = protocol=17 | dir=in | app=c:\program files (x86)\battle.net\battle.net.exe |
"{EC47CB54-D27D-4BCD-BAF8-3CB41DB819D2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3372\agent.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EED04578-72AF-4A93-AC4C-B2049B4AAD03}" = dir=out | name=skype |
"{F1DDE31F-9E32-4AAA-833F-D202BE80D736}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{F24A6CC7-6D4A-42F3-B39C-7D30C85B4198}" = dir=out | name=@{microsoft.bingsports_3.0.4.298_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{F337F7D6-63BB-4D8B-8B4C-D434F58E6460}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{F3409D87-0313-4464-8F58-77A65E0E80E7}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3454\agent.exe |
"{F3727E2D-06F8-4498-9BFB-A552E41BB0A2}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3147\agent.exe |
"{F4253AEC-E74F-4433-A342-3D5CE46063C1}" = protocol=17 | dir=in | app=d:\wow\battle.net\battle.net.exe |
"{F58471B9-16DE-427C-848F-039477B85059}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3689\agent.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA5A6BC4-CC14-48FA-9D44-72579B1999F6}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3346\agent.exe |
"{FBD39155-15A1-4EAE-B09E-C05325064850}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FC23D6CF-2FCD-4319-82F4-DC7E0C14A630}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FC4CA7CB-577B-475B-A527-6D1243412DA8}" = dir=out | name=jigswar recommended by asus |
"{FCD67135-4DBD-4FFA-A457-79430F18648E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{FD3FB14E-E2B3-423F-8AF1-093270B2B4E2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{FDFC9CAD-8286-4116-AFFE-272C9F36D142}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3526\agent.exe |
"{FE5ACF22-F5C0-4870-9297-340499D0B6F1}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3478\agent.exe |
"{FEE47D91-AF28-4DC2-906D-2BA73C89FC1D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.3235\agent.exe |
"{FFA42B66-6C35-4933-81F8-D2D57E5E6188}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{4B5B6BB3-DA04-4B56-AE17-DDBF3F446888}" = Intel(R) Network Connections 18.5.54.0
"{54F2237F-018C-483B-8884-9FC0D88840C3}" = VC_CRT_x64
"{6965A8D2-465D-4F98-9FAA-0E9E2348F329}" = Microsoft LifeCam
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel® Trusted Connect Service Client
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}" = Intel(R) Rapid Storage Technology
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation
"{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}" = ASUS Music Maker
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.4.1.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 349.95
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.15.0324
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.4.1.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.33.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio" = NVIDIA Miracast Virtueller Ton 350.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.4.1.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.27
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"O365HomePremRetail - de-de" = Microsoft Office 365 - de-de
"PROSetDX" = Intel(R) Network Connections 18.5.54.0
"Reimage Repair" = Reimage Repair
"TeamSpeak 3 Client" = TeamSpeak 3 Client

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{032CB0D7-FDBF-4CA9-901B-A4C1B01B1777}" = Συλλογή φωτογραφιών
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{03EC56DE-6424-43D7-A020-1EEE3E8159DE}" = PDF Architect 2 Create Module
"{06BBCA29-E177-44BB-901E-BA318CF064FD}" = Alcor Micro USB Card Reader Driver
"{0BC399ED-8482-413D-B77F-DE105FF6FB8D}" = PDF Architect 2 Forms Module
"{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}" = eManual
"{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}" = Razer Synapse
"{0EB158FA-41B3-49CF-8AE5-6C6F470AD29D}" = Photo Common
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}" = Movie Maker
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{10640F6D-6AB0-401E-9FC6-A94D19C580BC}" = Windows Live UX Platform Language Pack
"{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}" = Photo Common
"{18C928E6-31F0-4DD5-BD4D-55FBCF599712}" = Windows Live UX Platform Language Pack
"{1931C916-6CB8-4E4D-8561-EA20C426AE19}" = ASUS Manager - USB Lock
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1" = World of Tanks
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}" = Photo Gallery
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{25716F85-7DB7-4CB4-8BD3-1992DBA3F59C}" = 照片库
"{26886AFE-394D-4875-827B-04379487921D}" = Photo Common
"{268F956D-2FE7-4D10-8070-A4AC3BEF54EF}" = Movie Maker
"{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1" = diclovit's mod pack 1.12.1
"{2AC01935-3774-4981-98C8-14E93C14372C}" = Windows Live UX Platform Language Pack
"{2DCE446C-D090-4458-8782-8F16DF94351E}" = ASUS Manager - Ai Booting
"{3206854C-84DC-4BB0-9CDF-25BC3826810B}" = Windows Live UX Platform Language Pack
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}" = Firebird SQL Server - MAGIX Edition
"{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}" = Movie Maker
"{3C60C40A-934A-4008-B68B-E70F58420AA1}" = Windows Live Essentials
"{3C98F340-D42C-4D75-8C96-5CC1E24F5599}" = PDF Architect 2 OCR Module
"{40376CD0-67E0-4190-86CA-8BD8CBAC331C}" = ASUS Launcher
"{4224D19D-2E7D-4E90-97A4-20C654B28AB8}" = Windows Live Essentials
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4FB56489-F34B-42AA-9437-FB9E0B0543F7}" = Movie Maker
"{4fcf070a-daac-45e9-a8b0-6850941f7ed8}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5A5B6AA4-8849-4038-9A8D-D7F9947EE8FE}" = Photo Common
"{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}" = Photo Common
"{5E094C92-6288-4F43-AA9A-D452D0218F3F}" = Windows Live Essentials
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{6141DFFC-17B5-4B20-B9F2-B7675F29E057}" = PDF Architect 2 Secure Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66500393-97E6-417B-93A7-43A6B7506E7F}" = Windows Live 软件包
"{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}" = ASUS Manager - Update
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6BA68C11-0B63-4192-B880-0B5E3F7949F9}" = Windows Live UX Platform Language Pack
"{6DFF6F1B-F876-4007-AC82-42D5DDF0E090}" = Galeria de Fotografias
"{722CD95C-98C7-4E73-925A-68D2D4F651A6}" = Photo Common
"{74A43682-C44A-42F2-B161-2C7C359745A0}" = PDF Architect 2 Convert Module
"{7693587D-5D66-4208-ABEA-C370217D1D9B}" = Movie Maker
"{780291FE-0D39-441E-BE3D-7A820951C3D4}" = Photo Common
"{7DB15F28-5E38-476A-A773-EA07EAEAB1B3}" = 影像中心
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8528EEBC-9EBE-44A7-9DFB-EE401BA916C7}" = PDF Architect 2 Edit Module
"{877454F9-FD7F-49A4-A8BB-4519F6899ABA}" = PDF Architect 2 Insert Module
"{89C7E0A7-4D9D-4DCC-8834-A9A2B92D7EBB}" = Photo Gallery
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8DD7ECD5-FE54-4E15-B5AA-DA3F89CA439A}" = Windows Live UX Platform Language Pack
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}" = Windows Live Essentials
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9AF45D7C-34F1-4BA0-B799-825C8C04494C}" = ASUS Manager - Ai Charger II
"{A52DB080-D445-49EB-90D2-03B9CD794511}" = Photo Common
"{AA806DB1-E882-4834-8102-B5F256BE9A2F}" = Windows Live Essentials
"{AC76BA86-0804-1033-1959-001802114130}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.10) - Deutsch
"{ADEB1E6F-1C01-4EEB-A551-8E3F8CD2F35F}" = Windows Live UX Platform Language Pack
"{B1865FCC-BE34-4800-AF2F-FB0120821B6A}" = Movie Maker
"{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}" = Movie Maker
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B524274D-5B48-4DCC-8C1D-3D66A35B3685}" = Windows Live 程式集
"{BA69CEF3-309F-43ED-80C8-512A16620897}" = PDF Architect 2 Review Module
"{BDD0222F-D1C2-47DB-ABBE-62EB4F887A56}" = Windows Live UX Platform Language Pack
"{BDDC2D1F-092F-476F-A7D7-819AA5F434DF}" = Windows Live UX Platform Language Pack
"{C0018D63-C33C-4515-9CE8-3BC8830F79A1}" = Photo Gallery
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C960FF38-431D-429D-AD1F-FBD12A45B7C5}" = PDF Architect 2 View Module
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CF4A14CB-C4CB-4241-B659-7C58517515CF}" = ASUS Manager - Recovery
"{DD248BEE-E925-4720-A775-9A42276BB6EA}" = ASUS Manager - Power Manager
"{DD7C5FC1-DCA5-487A-AF23-658B1C00243F}" = Photo Common
"{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live
"{DE9C585C-8578-4A8A-B92A-BA8DF2540E21}" = Movie Maker
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E169436E-49D8-419B-A5C0-D245EAF99611}" = Movie Maker
"{E22A19AE-7DDB-4959-B1DB-A0996294352A}" = ASUS Manager - PC Cleanup
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{EC5E0CAF-BC28-401C-B8BE-89C496D6D66F}" = Windows Live Essentials
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F25C8769-16B6-4B19-BB0B-76F213829AC6}" = Movie Maker
"{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}" = Galerie de photos
"{F5E5AD85-4A90-4604-A887-464D3818D8FD}" = ASUS Manager
"{F7314CA2-F900-46D7-9EA1-FBDD9D73F765}" = Galería de fotos
"{F875E135-31C5-4C4D-929F-D49E6332E7F1}" = Photo Common
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FA6BC7A5-85B3-4DC2-825C-D508E386151A}" = Raccolta foto
"{FF2DE2F0-A25E-4AE6-A2E0-056665520F1C}" = Windows Live Essentials
"Adobe Flash Player NPAPI" = Adobe Flash Player 17 NPAPI
"AmUStor" = Alcor Micro USB Card Reader Driver
"Asus Vibe2.0" = AsusVibe2.0
"Battle.net" = Battle.net
"Diablo III" = Diablo III
"ElsterFormular" = ElsterFormular
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = CyberLink PhotoDirector 3
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = ASUSDVD
"MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}" = ASUS Music Maker
"Mozilla Firefox 37.0.1 (x86 de)" = Mozilla Firefox 37.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee Internet Security
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Overwolf" = Overwolf
"PDF Architect 2" = PDF Architect 2
"Steam" = Steam
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"WindowsProtectManger" = WindowsProtectManger20.0.0.401
"WinLiveSuite" = Windows Live Essentials
"World of Warcraft" = World of Warcraft
"World of Warcraft Public Test" = World of Warcraft Public Test
"ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1" = Aslain's XVM Mod Version 4.2.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3412733107-315020943-3521016687-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"OneDriveSetup.exe" = Microsoft OneDrive

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 17.04.2015 14:05:25 | Computer Name = Ricks | Source = NvStreamSvc | ID = 133073
Description =

Error - 17.04.2015 15:02:09 | Computer Name = Ricks | Source = Application Hang | ID = 1002
Description = Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 27240 Startzeit: 01d079403e306094 Endzeit: 4294967295 Anwendungspfad:
C:\Windows\syswow64\wwahost.exe Berichts-ID: 34f4eb18-e534-11e4-829f-e03f494bdcb8

Vollständiger
Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c Anwendungs-ID,
die relativ zum fehlerhaften Paket ist: App

Error - 17.04.2015 16:32:09 | Computer Name = Ricks | Source = Application Hang | ID = 1002
Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 2836c Startzeit: 01d0794cd93abc7b Endzeit: 4294967295 Anwendungspfad:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID:
cd4a4c56-e540-11e4-829f-e03f494bdcb8 Vollständiger Name des fehlerhaften Pakets:
microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID,
die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error - 17.04.2015 17:16:56 | Computer Name = Ricks | Source = Application Hang | ID = 1002
Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 29348 Startzeit: 01d079531b033a7a Endzeit: 4294967295 Anwendungspfad:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID:
0fc5e4de-e547-11e4-829f-e03f494bdcb8 Vollständiger Name des fehlerhaften Pakets:
microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID,
die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error - 17.04.2015 17:16:57 | Computer Name = Ricks | Source = Application Hang | ID = 1002
Description = Programm wwahost.exe, Version 6.3.9600.17031 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 291fc Startzeit: 01d079531adc7101 Endzeit: 4294967295 Anwendungspfad:
C:\Windows\syswow64\wwahost.exe Berichts-ID: 1178ed28-e547-11e4-829f-e03f494bdcb8

Vollständiger
Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c Anwendungs-ID,
die relativ zum fehlerhaften Paket ist: App

Error - 18.04.2015 16:57:38 | Computer Name = Ricks | Source = NvStreamSvc | ID = 133073
Description =

Error - 18.04.2015 17:04:09 | Computer Name = Ricks | Source = OverwolfUpdater | ID = 0
Description = Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error - 18.04.2015 18:49:43 | Computer Name = Ricks | Source = Application Hang | ID = 1002
Description = Programm LiveComm.exe, Version 17.5.9600.20689 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: 2a42c Startzeit: 01d07a29365f4ae2 Endzeit: 4294967295 Anwendungspfad:
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID:
2b621f89-e61d-11e4-829f-e03f494bdcb8 Vollständiger Name des fehlerhaften Pakets:
microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe Anwendungs-ID,
die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error - 20.04.2015 12:42:55 | Computer Name = Ricks | Source = NvStreamSvc | ID = 133073
Description =

Error - 20.04.2015 12:48:35 | Computer Name = Ricks | Source = OverwolfUpdater | ID = 0
Description = Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

[ System Events ]
Error - 13.04.2015 13:34:08 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 13.04.2015 13:35:03 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 13.04.2015 13:35:33 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 16.04.2015 15:51:19 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 16.04.2015 15:51:21 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 16.04.2015 15:51:21 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 17.04.2015 16:32:41 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 17.04.2015 16:36:43 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 17.04.2015 18:22:19 | Computer Name = Ricks | Source = DCOM | ID = 10010
Description =

Error - 20.04.2015 15:45:52 | Computer Name = Ricks | Source = Service Control Manager | ID = 7034
Description = Dienst "Device Handle Service" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.


< End of report >

OTL

OTL logfile created on: 20.04.2015 21:48:51 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Rick\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,94 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 30,39% Memory free
9,19 Gb Paging File | 3,22 Gb Available in Paging File | 35,04% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,00 Gb Total Space | 84,23 Gb Free Space | 56,15% Space Free | Partition Type: NTFS
Drive D: | 764,71 Gb Total Space | 651,54 Gb Free Space | 85,20% Space Free | Partition Type: NTFS

Computer Name: RICKS | User Name: Rick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rick\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Overwolf\0.84.95.0\OverwolfHelper.exe (Overwolf LTD)
PRC - C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf LTD)
PRC - C:\Program Files (x86)\Overwolf\0.84.95.0\OverwolfTSHelper.exe (Overwolf LTD)
PRC - C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - D:\World_of_Tanks\WorldOfTanks.exe (Wargaming.net)
PRC - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
PRC - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (pdfforge GmbH)
PRC - C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe (Microsoft)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe (ASUSTeK)
PRC - C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Windows\vVX3000.exe (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - c:\users\rick\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8ovor.dll ()
MOD - C:\Program Files (x86)\Overwolf\0.84.95.0\teamspeak_control_win32.dll ()
MOD - C:\Program Files (x86)\Overwolf\0.84.95.0\UltraID3Lib.dll ()
MOD - C:\Program Files (x86)\Overwolf\0.84.95.0\CoreAudioApi.dll ()
MOD - C:\Program Files (x86)\Overwolf\0.84.95.0\libcef.DLL ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\libGLESv2.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\libEGL.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll ()
MOD - C:\Users\Rick\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll ()
MOD - D:\World_of_Tanks\voip.dll ()
MOD - C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll ()
MOD - D:\World_of_Tanks\librsync.dll ()
MOD - C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - D:\World_of_Tanks\NxCooking.dll ()
MOD - D:\World_of_Tanks\ortp.dll ()
MOD - D:\World_of_Tanks\libcurl.dll ()
MOD - D:\World_of_Tanks\PhysXLoader.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (McODS) -- C:\Program Files\mcafee\VirusScan\mcods.exe (McAfee, Inc.)
SRV:64bit: - (McAPExe) -- C:\Program Files\McAfee\MSC\McAPExe.exe (McAfee, Inc.)
SRV:64bit: - (ClickToRunSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe (Microsoft Corporation)
SRV:64bit: - (mccspsvc) -- C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe (McAfee, Inc.)
SRV:64bit: - (ReimageRealTimeProtector) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Reimage®)
SRV:64bit: - (mfecore) -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.)
SRV:64bit: - (MSK80Service) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McProxy) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mcpltsvc) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McOobeSv2) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McNaiAnn) -- C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (McMPFSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (HomeNetSvc) -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.)
SRV:64bit: - (mfevtp) -- C:\Windows\SysNative\mfevtps.exe (McAfee, Inc.)
SRV:64bit: - (mfefire) -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe ()
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (RichVideo64) -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe ()
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (OverwolfUpdater) -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe (Overwolf LTD)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Razer Game Scanner Service) -- C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (0002801429214145mcinstcleanup) -- C:\Windows\Temp\0002801429214145mcinst.exe (McAfee, Inc.)
SRV - (PDF Architect 2) -- C:\Program Files (x86)\PDF Architect 2\ws.exe (pdfforge GmbH)
SRV - (pdfforge CrashHandler) -- C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe (pdfforge GmbH)
SRV - (PDF Architect 2 Creator) -- C:\Program Files (x86)\PDF Architect 2\creator-ws.exe (pdfforge GmbH)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe ()
SRV - (PrintNotify) -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Device Handle Service) -- C:\Windows\SysWOW64\AsHookDevice.exe ()
SRV - (McAWFwk) -- c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe (McAfee, Inc.)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)


========== Driver Services (SafeList) ==========

DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)
DRV:64bit: - (rzjstk) -- C:\Windows\SysNative\drivers\rzjstk.sys (Razer Inc)
DRV:64bit: - (rzudd) -- C:\Windows\SysNative\drivers\rzudd.sys (Razer Inc)
DRV:64bit: - (rzendpt) -- C:\Windows\SysNative\drivers\rzendpt.sys (Razer Inc)
DRV:64bit: - (rzpnk) -- C:\Windows\SysNative\drivers\rzpnk.sys (Razer, Inc.)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (cfwids) -- C:\Windows\SysNative\drivers\cfwids.sys (McAfee, Inc.)
DRV:64bit: - (mfewfpk) -- C:\Windows\SysNative\drivers\mfewfpk.sys (McAfee, Inc.)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfefirek) -- C:\Windows\SysNative\drivers\mfefirek.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeapfk) -- C:\Windows\SysNative\drivers\mfeapfk.sys (McAfee, Inc.)
DRV:64bit: - (mfeelamk) -- C:\Windows\SysNative\drivers\mfeelamk.sys (McAfee, Inc.)
DRV:64bit: - (mfencrk) -- C:\Windows\SysNative\drivers\mfencrk.sys (McAfee, Inc.)
DRV:64bit: - (mfencbdc) -- C:\Windows\SysNative\drivers\mfencbdc.sys (McAfee, Inc.)
DRV:64bit: - (Wof) -- C:\Windows\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - ({9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64) -- C:\Windows\SysNative\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys (StdLib)
DRV:64bit: - ({f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64) -- C:\Windows\SysNative\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys (StdLib)
DRV:64bit: - (rzkeypadendpt) -- C:\Windows\SysNative\drivers\rzkeypadendpt.sys (Razer Inc)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\Windows\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (HipShieldK) -- C:\Windows\SysNative\drivers\HipShieldK.sys (McAfee, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (e1dexpress) -- C:\Windows\SysNative\drivers\e1d64x64.sys (Intel Corporation)
DRV:64bit: - (e1iexpress) -- C:\Windows\SysNative\drivers\e1i63x64.sys (Intel Corporation)
DRV:64bit: - (VX3000) -- C:\Windows\SysNative\drivers\VX3000.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=58&CUI=&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE&q={searchTerms}&SSPV=
IE - HKU\S-1-5-21-3412733107-315020943-3521016687-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.isUS: false
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.search.selectedEngine: "Trovi search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://googel.de/"
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\PDF Architect 2: C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2015.04.16 21:57:00 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2014.06.21 03:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rick\AppData\Roaming\mozilla\Extensions
[2015.04.04 23:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rick\AppData\Roaming\mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\extensions
[2014.07.05 12:29:59 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Rick\AppData\Roaming\mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2015.04.03 18:06:15 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Rick\AppData\Roaming\mozilla\firefox\profiles\ctld6cim.default-1404318921268\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.08.20 18:14:57 | 000,000,643 | ---- | M] () -- C:\Users\Rick\AppData\Roaming\mozilla\firefox\profiles\ctld6cim.default-1404318921268\searchplugins\trovi-search.xml
[2015.04.12 12:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.04.12 12:37:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2013.08.22 15:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [VX3000] C:\Windows\vVX3000.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [fst_de_59] File not found
O4 - HKLM..\Run: [fst_de_60] File not found
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe (McAfee, Inc.)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKU\S-1-5-21-3412733107-315020943-3521016687-1002..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\Overwolf.exe (Overwolf LTD)
O4 - Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C1362B59-9637-439A-9FF1-BFF68156BE93}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~1\mcafee\msc\MCSNIE~1.DLL (McAfee, Inc.)
O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll (McAfee, Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015.04.20 20:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
[2015.04.16 21:56:48 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys
[2015.04.14 21:52:13 | 018,178,736 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015.04.13 18:28:16 | 000,560,968 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.04.13 18:21:32 | 001,895,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435012.dll
[2015.04.13 18:21:32 | 001,557,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435012.dll
[2015.04.13 18:21:29 | 031,570,064 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.04.13 18:21:29 | 030,397,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.04.13 18:21:29 | 025,375,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.04.13 18:21:29 | 024,053,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.04.13 18:21:29 | 015,818,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.04.13 18:21:29 | 015,716,232 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.04.13 18:21:29 | 014,006,752 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.04.13 18:21:29 | 012,852,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.04.13 18:21:29 | 011,380,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.04.13 18:21:29 | 002,896,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.04.13 18:21:29 | 002,573,456 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.04.13 18:21:29 | 001,086,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.04.13 18:21:29 | 001,047,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.04.13 18:21:29 | 001,037,640 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.04.13 18:21:29 | 000,970,568 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.04.13 18:21:29 | 000,962,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.04.13 18:21:29 | 000,927,440 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.04.13 18:21:29 | 000,499,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015.04.13 18:21:29 | 000,402,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015.04.13 18:21:29 | 000,390,472 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015.04.13 18:21:29 | 000,346,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015.04.13 18:21:29 | 000,175,880 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.04.13 18:21:29 | 000,154,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.04.13 18:21:29 | 000,150,648 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.04.13 18:21:29 | 000,128,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.04.12 12:37:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015.04.20 21:55:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\pennybee Runner.job
[2015.04.20 21:50:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.04.20 19:04:03 | 000,007,812 | ---- | M] () -- C:\Windows\SysNative\ScanResults.xml
[2015.04.20 18:58:21 | 000,000,464 | ---- | M] () -- C:\Windows\SysNative\ScannerSettings
[2015.04.20 18:42:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.04.17 21:08:52 | 000,007,608 | ---- | M] () -- C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
[2015.04.14 21:52:13 | 018,178,736 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2015.04.13 18:30:17 | 001,768,510 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.04.13 18:30:17 | 000,741,062 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.04.13 18:30:17 | 000,731,484 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.04.13 18:30:17 | 000,155,730 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.04.13 18:30:17 | 000,143,714 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.04.11 11:58:11 | 000,001,187 | ---- | M] () -- C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2015.04.11 11:58:00 | 000,001,069 | ---- | M] () -- C:\Users\Rick\Desktop\Dropbox.lnk
[2015.04.09 02:58:18 | 031,570,064 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2015.04.09 02:58:18 | 030,397,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2015.04.09 02:58:18 | 025,375,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2015.04.09 02:58:18 | 024,053,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2015.04.09 02:58:18 | 017,176,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2015.04.09 02:58:18 | 015,818,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2015.04.09 02:58:18 | 015,716,232 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2015.04.09 02:58:18 | 014,617,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2015.04.09 02:58:18 | 014,006,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2015.04.09 02:58:18 | 012,852,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2015.04.09 02:58:18 | 012,689,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2015.04.09 02:58:18 | 011,380,728 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2015.04.09 02:58:18 | 003,317,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2015.04.09 02:58:18 | 002,935,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2015.04.09 02:58:18 | 002,896,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2015.04.09 02:58:18 | 002,573,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2015.04.09 02:58:18 | 001,895,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6435012.dll
[2015.04.09 02:58:18 | 001,557,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6435012.dll
[2015.04.09 02:58:18 | 001,086,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2015.04.09 02:58:18 | 001,047,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2015.04.09 02:58:18 | 001,037,640 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2015.04.09 02:58:18 | 000,970,568 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2015.04.09 02:58:18 | 000,962,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2015.04.09 02:58:18 | 000,927,440 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2015.04.09 02:58:18 | 000,849,552 | ---- | M] () -- C:\Windows\SysNative\nvmcumd.dll
[2015.04.09 02:58:18 | 000,499,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvEncodeAPI64.dll
[2015.04.09 02:58:18 | 000,402,576 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvEncodeAPI.dll
[2015.04.09 02:58:18 | 000,390,472 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFROpenGL.dll
[2015.04.09 02:58:18 | 000,346,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2015.04.09 02:58:18 | 000,175,880 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2015.04.09 02:58:18 | 000,154,256 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2015.04.09 02:58:18 | 000,150,648 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglshim64.dll
[2015.04.09 02:58:18 | 000,128,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglshim32.dll
[2015.04.09 02:58:18 | 000,078,480 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015.04.09 02:58:18 | 000,066,704 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015.04.09 02:58:18 | 000,029,329 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2015.04.08 23:30:18 | 006,841,488 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2015.04.08 23:30:18 | 003,478,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2015.04.08 23:30:14 | 002,558,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2015.04.08 23:30:14 | 000,062,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2015.04.08 23:30:13 | 000,385,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2015.04.08 22:32:32 | 000,560,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2015.04.08 19:52:00 | 004,336,074 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2015.04.05 14:59:51 | 000,000,025 | -HS- | M] () -- C:\Windows\SysWow64\ReadTag.ini
[2015.04.05 14:59:41 | 000,577,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.04.05 14:59:32 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015.04.05 14:59:26 | 2526,052,351 | -HS- | M] () -- C:\hiberfil.sys
[2015.03.31 21:47:13 | 000,001,400 | ---- | M] () -- C:\Users\Public\Desktop\GeForce Experience.lnk
[2015.03.28 05:44:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2015.03.28 05:44:01 | 001,316,000 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspbridge.dll
[2015.03.28 05:43:39 | 001,756,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspbridge64.dll
[2015.03.28 05:43:39 | 001,570,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[3 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015.04.13 18:21:29 | 000,849,552 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll
[2015.03.17 23:28:00 | 000,007,608 | ---- | C] () -- C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
[2014.12.03 09:29:30 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2014.12.03 09:29:30 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2014.11.26 11:46:51 | 000,155,136 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2014.11.26 11:46:51 | 000,034,308 | ---- | C] () -- C:\Windows\SysWow64\bassmod.dll
[2014.08.20 15:58:36 | 000,000,182 | ---- | C] () -- C:\Windows\Reimage.ini
[2014.06.24 08:27:45 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014.06.21 04:12:48 | 000,449,848 | ---- | C] () -- C:\Windows\ASUSUpdater.exe
[2014.06.20 21:09:08 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2014.01.26 22:59:53 | 000,000,025 | -HS- | C] () -- C:\Windows\SysWow64\ReadTag.ini
[2014.01.26 22:55:38 | 000,207,160 | ---- | C] () -- C:\Windows\SysWow64\AsHookDevice.exe
[2014.01.26 22:55:29 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2014.01.26 22:54:41 | 000,015,232 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2014.01.26 22:54:41 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2014.01.26 22:54:41 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2014.01.26 22:49:22 | 008,515,180 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014.01.09 11:28:16 | 000,879,104 | ---- | C] () -- C:\Windows\AsusLauncherContextMenu64.dll
[2014.01.09 11:28:16 | 000,246,784 | ---- | C] () -- C:\Windows\AsusLauncherContextMenu32.dll
[2014.01.09 11:28:16 | 000,005,350 | ---- | C] () -- C:\Windows\alglist.ini
[2014.01.09 11:28:16 | 000,002,434 | ---- | C] () -- C:\Windows\alglist_Commercial.ini
[2014.01.09 11:14:19 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014.01.09 11:01:08 | 000,006,749 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2014.01.09 11:01:08 | 000,002,761 | ---- | C] () -- C:\Windows\Ascd_HDI_log.ini
[2014.01.09 11:01:08 | 000,002,476 | ---- | C] () -- C:\Windows\scd.ini
[2014.01.09 11:01:08 | 000,000,000 | ---- | C] () -- C:\Windows\Ascd_err.ini
[2014.01.09 11:00:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014.01.09 11:00:32 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2014.01.09 11:00:32 | 000,003,728 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2013.08.22 17:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013.08.22 17:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013.08.22 16:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013.08.22 09:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013.08.22 05:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013.08.22 01:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013.08.22 01:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2013.05.12 03:17:52 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2014.06.20 22:27:51 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.04.06 18:31:39 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.04.06 17:22:20 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 11:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 04:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 11:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014.06.21 04:12:05 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Battle.net
[2014.06.21 04:44:04 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Curse Advertising
[2015.04.20 18:43:39 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Dropbox
[2014.12.28 18:47:17 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\elsterformular
[2014.08.07 16:12:15 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\PDF Architect 2
[2014.08.07 16:05:19 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\pdfforge
[2015.04.20 21:54:00 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\TS3Client
[2014.12.23 00:40:35 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\Wargaming.net
[2015.03.11 21:22:45 | 000,000,000 | ---D | M] -- C:\Users\Rick\AppData\Roaming\WebStorage

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 237 bytes -> C:\Users\Rick\SkyDrive:ms-properties

< End of report >

Alt 20.04.2015, 21:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechner lahmt kann wer was finden? - Standard

Rechner lahmt kann wer was finden?



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 20.04.2015, 21:34   #3
Rick84
 
Rechner lahmt kann wer was finden? - Standard

Rechner lahmt kann wer was finden?




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Rick (administrator) on RICKS on 20-04-2015 22:27:03
Running from C:\Users\Rick\Downloads
Loaded Profiles: Rick (Available profiles: Rick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAD2AF.tmp
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Dropbox, Inc.) C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.84.95.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.84.95.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(OldTimer Tools) C:\Users\Rick\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [fst_de_59] => [X]
HKLM-x32\...\Run: [fst_de_60] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3412733107-315020943-3521016687-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-04-05] (Overwolf LTD)
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-07-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-06-21] ()
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3412733107-315020943-3521016687-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=58&CUI=&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=58&CUI=&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://googel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF user.js: detected! => C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\user.js [2014-08-04]
FF SearchPlugin: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\searchplugins\trovi-search.xml [2014-08-20]
FF Extension: Block site - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-07-05]
FF Extension: Adblock Plus - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0002801429214145mcinstcleanup; C:\Windows\TEMP\000280~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-04-05] (Overwolf LTD)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S4 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 pennybee; "C:\PROGRA~3\pennybee\pennybee.exe" /task=4 /InstallOn=0 /closebr=0 /active=24 /update=24 /interval=2880 /pubId=1004 /affId=10040004 /appId=116 /uId=56396797-FEBF-42BF-ADAB-BDEEBED73214 /version= /Override=0 /regAppName=pennybee /curSID=S-1-5-21-3412733107-315020943-3521016687-1002 /logf=C:\Users\Rick\AppData\Local\10040004_loger_03_01_15_19_29_-1908678308.txt /mac=E03F494BDCB8 /tst=none /ts2=1
S2 Update SpadeCast; "C:\Program Files (x86)\SpadeCast\updateSpadeCast.exe" [X]
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X] <==== ATTENTION
S4 wpennybeed; "C:\PROGRA~3\pennybee\wpennybeed.exe" -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-12-30] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61632 2014-07-31] (StdLib)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-06-21] (StdLib)
S3 athur; \SystemRoot\system32\DRIVERS\athuw8x.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:27 - 2015-04-20 22:27 - 00022089 _____ () C:\Users\Rick\Downloads\FRST.txt
2015-04-20 22:26 - 2015-04-20 22:27 - 00000000 ____D () C:\FRST
2015-04-20 22:26 - 2015-04-20 22:26 - 02099712 _____ (Farbar) C:\Users\Rick\Downloads\FRST64.exe
2015-04-20 22:12 - 2015-04-20 22:12 - 00099008 _____ () C:\Users\Rick\Downloads\Extras.Txt
2015-04-20 22:11 - 2015-04-20 22:11 - 00112646 _____ () C:\Users\Rick\Downloads\OTL.Txt
2015-04-20 21:48 - 2015-04-20 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\Rick\Downloads\OTL.exe
2015-04-20 20:02 - 2015-04-20 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-04-16 21:56 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-04-14 21:52 - 2015-04-14 21:52 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-13 18:28 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-13 18:21 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-13 18:21 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00849552 _____ () C:\Windows\system32\nvmcumd.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-12 12:37 - 2015-04-12 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:27 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-20 22:25 - 2014-10-13 08:15 - 00000908 _____ () C:\Windows\Tasks\pennybee Runner.job
2015-04-20 22:11 - 2014-06-21 03:23 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7C5AB8B4-B008-46F7-8B14-9A9C05C16C9A}
2015-04-20 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-20 21:54 - 2014-06-24 21:57 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\TS3Client
2015-04-20 21:50 - 2014-06-23 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-20 21:33 - 2014-01-26 22:50 - 01325771 _____ () C:\Windows\WindowsUpdate.log
2015-04-20 20:07 - 2014-06-21 03:27 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3412733107-315020943-3521016687-1002
2015-04-20 19:07 - 2014-06-23 08:23 - 00005120 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RICKS-Rick Ricks
2015-04-20 19:04 - 2014-08-23 19:44 - 00007812 _____ () C:\Windows\system32\ScanResults.xml
2015-04-20 18:58 - 2015-03-05 22:23 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-20 18:44 - 2014-06-21 03:22 - 00000000 __RDO () C:\Users\Rick\SkyDrive
2015-04-20 18:43 - 2015-01-05 19:05 - 00000000 ___RD () C:\Users\Rick\Dropbox
2015-04-20 18:43 - 2015-01-05 18:57 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\Dropbox
2015-04-20 18:43 - 2014-06-24 21:54 - 00000000 ____D () C:\Users\Rick\AppData\Local\Overwolf
2015-04-20 18:43 - 2014-06-21 04:40 - 00000000 ____D () C:\Users\Rick\AppData\Local\Deployment
2015-04-17 21:08 - 2015-03-17 23:28 - 00007608 _____ () C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
2015-04-16 21:55 - 2014-01-09 11:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-14 21:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-14 21:52 - 2014-06-23 08:26 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 18:30 - 2014-01-09 11:06 - 01768510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-13 18:30 - 2013-09-13 22:22 - 00741062 _____ () C:\Windows\system32\perfh007.dat
2015-04-13 18:30 - 2013-09-13 22:22 - 00155730 _____ () C:\Windows\system32\perfc007.dat
2015-04-13 18:28 - 2014-01-26 22:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-13 18:28 - 2013-08-22 16:46 - 00026186 _____ () C:\Windows\setupact.log
2015-04-13 18:25 - 2014-01-26 22:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-12 18:59 - 2014-08-04 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 18:59 - 2014-06-24 21:55 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-04-11 11:58 - 2015-01-05 19:05 - 00001069 _____ () C:\Users\Rick\Desktop\Dropbox.lnk
2015-04-11 11:58 - 2015-01-05 19:03 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 02:58 - 2015-03-07 12:37 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-01-26 22:50 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-01-26 22:50 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-01-26 22:50 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-07 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-07 19:52 - 2014-06-21 03:19 - 00000000 ____D () C:\Users\Rick\AppData\Local\Packages
2015-04-05 14:59 - 2014-01-26 22:59 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2015-04-05 14:59 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-05 14:59 - 2013-08-22 16:44 - 00577560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-05 14:59 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-03 00:59 - 2014-06-24 21:55 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-31 21:47 - 2014-06-20 23:50 - 00001400 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-28 05:44 - 2014-06-20 23:52 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-06-20 23:50 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-20 23:52 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-06-20 23:50 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-22 20:41 - 2014-01-09 10:52 - 00033184 _____ () C:\Windows\PFRO.log
2015-03-22 20:28 - 2014-07-02 18:31 - 00000000 ____D () C:\Users\Rick\AppData\Local\Adobe

==================== Files in the root of some directories =======

2015-03-17 23:28 - 2015-04-17 21:08 - 0007608 _____ () C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
2014-01-09 11:14 - 2014-01-09 11:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Rick\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8ovor.dll
C:\Users\Rick\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Rick\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Rick\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Rick\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 19:44

==================== End Of Log ============================
         
--- --- ---

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2015
Ran by Rick (administrator) on RICKS on 20-04-2015 22:27:03
Running from C:\Users\Rick\Downloads
Loaded Profiles: Rick (Available profiles: Rick)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 2\creator-ws.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Reimage®) C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAD2AF.tmp
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\1.3.374.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\mcafee\vul\McVulCtr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft) C:\Program Files (x86)\ASUS\ASUS Launcher\Launcher.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\vVX3000.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Dropbox, Inc.) C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.84.95.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.84.95.0\OverwolfHelper64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(OldTimer Tools) C:\Users\Rick\Downloads\OTL.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\wermgr.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [VX3000] => C:\Windows\vVX3000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-01-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [643064 2015-02-09] (McAfee, Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-03-12] (Razer Inc.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [fst_de_59] => [X]
HKLM-x32\...\Run: [fst_de_60] => [X]
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3412733107-315020943-3521016687-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [40688 2015-04-05] (Overwolf LTD)
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2014-07-14]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-06-21] ()
Startup: C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-01-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\Rick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3412733107-315020943-3521016687-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=58&CUI=&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-3412733107-315020943-3521016687-1002 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=58&CUI=&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE&q={searchTerms}&SSPV=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-02-27] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-02-27] (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=M0809D83C-93A7-4FAB-A7E7-43C3823E93F4&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP8F851441-4169-4E82-B4FB-CFAAB7789BBE
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://googel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-19] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-02-27] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll [2011-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-06-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-06] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-06-26] (pdfforge GmbH)
FF user.js: detected! => C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\user.js [2014-08-04]
FF SearchPlugin: C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\searchplugins\trovi-search.xml [2014-08-20]
FF Extension: Block site - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014-07-05]
FF Extension: Adblock Plus - C:\Users\Rick\AppData\Roaming\Mozilla\Firefox\Profiles\ctld6cim.default-1404318921268\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-05]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2014-01-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 0002801429214145mcinstcleanup; C:\Windows\TEMP\000280~1.EXE [851136 2014-08-08] (McAfee, Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-08-28] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
S2 Device Handle Service; C:\Windows\SysWOW64\AsHookDevice.exe [207160 2013-08-08] ()
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-08] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-19] (Intel Corporation)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [562200 2015-02-27] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\ActWiz\McAWFwk.exe [334608 2013-07-30] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [601864 2015-02-27] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1050952 2014-11-06] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [221832 2014-10-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [189920 2014-10-01] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [335064 2014-10-31] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [998640 2015-04-05] (Overwolf LTD)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-06-26] (pdfforge GmbH)
R2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-06-26] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-06-26] (pdfforge GmbH)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024 2015-01-14] (Reimage®)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S4 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe -service [X]
S2 pennybee; "C:\PROGRA~3\pennybee\pennybee.exe" /task=4 /InstallOn=0 /closebr=0 /active=24 /update=24 /interval=2880 /pubId=1004 /affId=10040004 /appId=116 /uId=56396797-FEBF-42BF-ADAB-BDEEBED73214 /version= /Override=0 /regAppName=pennybee /curSID=S-1-5-21-3412733107-315020943-3521016687-1002 /logf=C:\Users\Rick\AppData\Local\10040004_loger_03_01_15_19_29_-1908678308.txt /mac=E03F494BDCB8 /tst=none /ts2=1
S2 Update SpadeCast; "C:\Program Files (x86)\SpadeCast\updateSpadeCast.exe" [X]
S4 WindowsProtectManger; C:\ProgramData\WindowsProtectManger\wprotectmanager.exe -service [X] <==== ATTENTION
S4 wpennybeed; "C:\PROGRA~3\pennybee\wpennybeed.exe" -scm [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AiChargerDT; C:\Windows\SysWow64\drivers\AiChargerDT.sys [14880 2012-10-18] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72136 2014-10-01] (McAfee, Inc.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-19] (Intel Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181584 2014-10-01] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313680 2014-10-01] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70608 2014-10-01] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [526360 2014-10-01] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786304 2014-10-01] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [447440 2014-09-19] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96600 2014-09-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348560 2014-10-01] (McAfee, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R3 rzjstk; C:\Windows\System32\drivers\rzjstk.sys [27816 2014-12-30] (Razer Inc)
R3 rzkeypadendpt; C:\Windows\System32\drivers\rzkeypadendpt.sys [32936 2014-05-19] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2014-12-10] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61632 2014-07-31] (StdLib)
R1 {f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64; C:\Windows\System32\drivers\{f64c1459-b911-4fd8-a74e-36a496bf26e3}Gw64.sys [61112 2014-06-21] (StdLib)
S3 athur; \SystemRoot\system32\DRIVERS\athuw8x.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:27 - 2015-04-20 22:27 - 00022089 _____ () C:\Users\Rick\Downloads\FRST.txt
2015-04-20 22:26 - 2015-04-20 22:27 - 00000000 ____D () C:\FRST
2015-04-20 22:26 - 2015-04-20 22:26 - 02099712 _____ (Farbar) C:\Users\Rick\Downloads\FRST64.exe
2015-04-20 22:12 - 2015-04-20 22:12 - 00099008 _____ () C:\Users\Rick\Downloads\Extras.Txt
2015-04-20 22:11 - 2015-04-20 22:11 - 00112646 _____ () C:\Users\Rick\Downloads\OTL.Txt
2015-04-20 21:48 - 2015-04-20 21:48 - 00602112 _____ (OldTimer Tools) C:\Users\Rick\Downloads\OTL.exe
2015-04-20 20:02 - 2015-04-20 20:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-04-16 21:56 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\system32\Drivers\HipShieldK.sys
2015-04-14 21:52 - 2015-04-14 21:52 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-13 18:28 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-13 18:21 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-13 18:21 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00849552 _____ () C:\Windows\system32\nvmcumd.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-13 18:21 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-12 12:37 - 2015-04-12 12:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:27 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-20 22:25 - 2014-10-13 08:15 - 00000908 _____ () C:\Windows\Tasks\pennybee Runner.job
2015-04-20 22:11 - 2014-06-21 03:23 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7C5AB8B4-B008-46F7-8B14-9A9C05C16C9A}
2015-04-20 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-20 21:54 - 2014-06-24 21:57 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\TS3Client
2015-04-20 21:50 - 2014-06-23 08:26 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-20 21:33 - 2014-01-26 22:50 - 01325771 _____ () C:\Windows\WindowsUpdate.log
2015-04-20 20:07 - 2014-06-21 03:27 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3412733107-315020943-3521016687-1002
2015-04-20 19:07 - 2014-06-23 08:23 - 00005120 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for RICKS-Rick Ricks
2015-04-20 19:04 - 2014-08-23 19:44 - 00007812 _____ () C:\Windows\system32\ScanResults.xml
2015-04-20 18:58 - 2015-03-05 22:23 - 00000464 _____ () C:\Windows\system32\ScannerSettings
2015-04-20 18:44 - 2014-06-21 03:22 - 00000000 __RDO () C:\Users\Rick\SkyDrive
2015-04-20 18:43 - 2015-01-05 19:05 - 00000000 ___RD () C:\Users\Rick\Dropbox
2015-04-20 18:43 - 2015-01-05 18:57 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\Dropbox
2015-04-20 18:43 - 2014-06-24 21:54 - 00000000 ____D () C:\Users\Rick\AppData\Local\Overwolf
2015-04-20 18:43 - 2014-06-21 04:40 - 00000000 ____D () C:\Users\Rick\AppData\Local\Deployment
2015-04-17 21:08 - 2015-03-17 23:28 - 00007608 _____ () C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
2015-04-16 21:55 - 2014-01-09 11:29 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-04-14 21:59 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-04-14 21:52 - 2014-06-23 08:26 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-13 18:30 - 2014-01-09 11:06 - 01768510 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-13 18:30 - 2013-09-13 22:22 - 00741062 _____ () C:\Windows\system32\perfh007.dat
2015-04-13 18:30 - 2013-09-13 22:22 - 00155730 _____ () C:\Windows\system32\perfc007.dat
2015-04-13 18:28 - 2014-01-26 22:50 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-13 18:28 - 2013-08-22 16:46 - 00026186 _____ () C:\Windows\setupact.log
2015-04-13 18:25 - 2014-01-26 22:50 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-12 18:59 - 2014-08-04 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-12 18:59 - 2014-06-24 21:55 - 00000000 ____D () C:\Program Files (x86)\Overwolf
2015-04-11 11:58 - 2015-01-05 19:05 - 00001069 _____ () C:\Users\Rick\Desktop\Dropbox.lnk
2015-04-11 11:58 - 2015-01-05 19:03 - 00000000 ____D () C:\Users\Rick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-09 02:58 - 2015-03-07 12:37 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-01-26 22:50 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-01-26 22:50 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-01-26 22:50 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-01-26 22:50 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-01-26 22:50 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-07 20:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-07 19:52 - 2014-06-21 03:19 - 00000000 ____D () C:\Users\Rick\AppData\Local\Packages
2015-04-05 14:59 - 2014-01-26 22:59 - 00000025 ___SH () C:\Windows\SysWOW64\ReadTag.ini
2015-04-05 14:59 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-05 14:59 - 2013-08-22 16:44 - 00577560 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-05 14:59 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-04-03 00:59 - 2014-06-24 21:55 - 00000000 ____D () C:\ProgramData\Overwolf
2015-03-31 21:47 - 2014-06-20 23:50 - 00001400 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-03-28 05:44 - 2014-06-20 23:52 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-06-20 23:50 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-06-20 23:52 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-06-20 23:50 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-03-22 20:41 - 2014-01-09 10:52 - 00033184 _____ () C:\Windows\PFRO.log
2015-03-22 20:28 - 2014-07-02 18:31 - 00000000 ____D () C:\Users\Rick\AppData\Local\Adobe

==================== Files in the root of some directories =======

2015-03-17 23:28 - 2015-04-17 21:08 - 0007608 _____ () C:\Users\Rick\AppData\Local\Resmon.ResmonCfg
2014-01-09 11:14 - 2014-01-09 11:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\Rick\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpm8ovor.dll
C:\Users\Rick\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Rick\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Rick\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Rick\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-07 19:44

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 20.04.2015, 22:07   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Rechner lahmt kann wer was finden? - Standard

Rechner lahmt kann wer was finden?



1.) Was ist mit meiner Frage nach bisherigen Funden und wenn es welche gab, den Logs dazu?

2.) Du hast 2x die FRST.txt gepostet - Addition.txt bitte nachreichen

3.)
Zitat:
Running from C:\Users\Rick\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.

FRST jetzt nicht nochmal starten, es war nur ein Hinweis, dass du bitte fortan alle unsere Tools auf den Desktop ablegst!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Rechner lahmt kann wer was finden?
100%, autorun, bho, defender, error, excel, flash player, format, homepage, iexplore.exe, install.exe, installation, langsam, livecomm.exe, logfile, mozilla, programm, realtek, refresh, registry, reimage repair, rundll, scan, security, server, software, svchost.exe, teamspeak, windows



Ähnliche Themen: Rechner lahmt kann wer was finden?


  1. xp rechner lahmt zu sehr für einen P4 mit 3.2 ghz
    Log-Analyse und Auswertung - 12.01.2015 (7)
  2. Windows 7: Rechner hängt sich einfach auf. Kann Fehler nicht finden.
    Log-Analyse und Auswertung - 08.01.2015 (20)
  3. Windows 7: Rechner lahmt durch Systweak und Co.
    Plagegeister aller Art und deren Bekämpfung - 23.08.2014 (9)
  4. Win7/64 bit Rechner lahmt und hängt sich auf
    Log-Analyse und Auswertung - 13.03.2014 (2)
  5. Win7/64 bit Rechner lahmt
    Alles rund um Windows - 02.02.2013 (10)
  6. Bot-Netz Rechner im LAN finden
    Antiviren-, Firewall- und andere Schutzprogramme - 08.06.2012 (2)
  7. Weiterleitung zu Gomeo u.a., Rechner lahmt, I-Net Verbindung lahmt -> Panik
    Plagegeister aller Art und deren Bekämpfung - 09.02.2011 (1)
  8. Rechner lahmt
    Mülltonne - 03.01.2009 (0)
  9. Rechner lahmt aber wieso?
    Log-Analyse und Auswertung - 14.11.2008 (1)
  10. Rechner lahmt - Bitte um Logfile-Prüfung
    Log-Analyse und Auswertung - 13.03.2008 (2)
  11. Rechner lahmt - Bitte um Logfile-Prüfung
    Mülltonne - 13.02.2008 (0)
  12. Bearshare Lite und der Rechner lahmt
    Plagegeister aller Art und deren Bekämpfung - 02.08.2006 (6)
  13. Rechner lahmt
    Plagegeister aller Art und deren Bekämpfung - 31.05.2006 (1)
  14. Rechner von Schwester lahmt!
    Mülltonne - 27.05.2006 (2)
  15. Rechner lahmt
    Plagegeister aller Art und deren Bekämpfung - 26.07.2005 (2)
  16. rechner lahmt
    Log-Analyse und Auswertung - 26.01.2005 (8)
  17. Rechner finden sich nicht
    Alles rund um Windows - 29.05.2003 (9)

Zum Thema Rechner lahmt kann wer was finden? - Hey seit ein paar Tagen ist er gefühlt sehr langsam stellenweise im Task Manager 100% Datenträgerauslastung. Danke für die Hilfe Extras: OTL Extras logfile created on: 20.04.2015 21:48:51 - Run - Rechner lahmt kann wer was finden?...
Archiv
Du betrachtest: Rechner lahmt kann wer was finden? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.