Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Win7 extrem langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 06.01.2016, 01:20   #1
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Hallo zusammen,

nachdem ich dank burningice über Weihnachten bereits einen Rechner wieder hinbekommen habe, folgt hier nun leider der nächste Fall (anderer Rechner).

Es würde mich freuen, wenn auch das klappen würde!

Vielen Dank!


FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von ObiMobil (Administrator) auf OBIMOBIL-PC (06-01-2016 02:03:19)
Gestartet von C:\Users\ObiMobil\Desktop
Geladene Profile: ObiMobil (Verfügbare Profile: ObiMobil)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dropbox, Inc.) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwReporter\5.39.1\software_reporter_tool.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Google Update] => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [NetDrive] => "C:\Program Files\NetDrive\netdrive.exe" -tray
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\MountPoints2: {1847c4b3-df37-11e2-8065-88ae1d993631} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\MountPoints2: {943ef55c-f443-11e2-aadd-88ae1d993631} - E:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-06-24]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2016-01-05]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8236A716-D9CA-4035-BE12-FFBB4D10582A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\.DEFAULT -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> DefaultScope {EE770228-9073-418C-A205-A8240727B4F1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1f1602d9-83d5-4527-92b9-88debd4bcadf&apn_sauid=6B5877E9-EC45-468A-9D82-CBBDE565AD18
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {EE770228-9073-418C-A205-A8240727B4F1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1f1602d9-83d5-4527-92b9-88debd4bcadf&apn_sauid=6B5877E9-EC45-468A-9D82-CBBDE565AD18
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Avira Browser Safety - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\abs@avira.com [2016-01-05]
FF Extension: Firebug - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\firebug@software.joehewitt.com.xpi [2015-10-30]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "file:///C:/Users/ObiMobil/Downloads/akkordeon-johannschill/index.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Talk Plugin) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-05-04]
CHR Extension: (Web Developer) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-07-21]
CHR Extension: (YouTube) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (FTP Editor) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljonifjecojdgoejokjfdffgpgliic [2013-01-07]
CHR Extension: (OneTab) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-07-21]
CHR Extension: (Google-Suche) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (SEO SERP Workbench) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-01-10]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Springpad) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2013-11-01]
CHR Extension: (feedly) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-09-02]
CHR Extension: (Screenleap) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpcipbhehomfgjbgnajdhiahhdeeffbg [2015-11-18]
CHR Extension: (ModHeader) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-09-10]
CHR Extension: (WhatFont) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-08-19]
CHR Extension: (Codey) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbalghnpcjmlpmmocijdfoghihgocakd [2013-01-07]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-15]
CHR Extension: (Save to Pocket) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Mixmax: Free Unlimited Email Tracking & more) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2015-11-04]
CHR Extension: (ColorPick Eyedropper) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2015-03-21]
CHR Extension: (Google Mail) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () [Datei ist nicht signiert]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [31856 2010-12-28] (Arainia Solutions) [Datei ist nicht signiert]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [173952 2010-01-25] (HID Global Corporation)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [32840 2010-12-28] (Arainia Solutions LLC)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2015-04-09] (Windows (R) Win 7 DDK provider)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-06 02:03 - 2016-01-06 02:05 - 00043260 _____ C:\Users\ObiMobil\Desktop\FRST.txt
2016-01-06 02:02 - 2016-01-06 02:03 - 00000000 ____D C:\FRST
2016-01-06 02:00 - 2016-01-06 02:00 - 02370560 _____ (Farbar) C:\Users\ObiMobil\Desktop\FRST64.exe
2016-01-06 01:49 - 2016-01-06 01:49 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-03 20:10 - 2016-01-03 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-03 20:10 - 2016-01-03 20:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-03 20:10 - 2016-01-03 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 20:09 - 2015-12-17 20:09 - 03012606 _____ C:\Users\ObiMobil\Downloads\marketing_master_list_15-12-15.xlsx
2015-12-17 20:05 - 2015-12-17 20:05 - 20737480 _____ C:\Users\ObiMobil\Downloads\Präsentation1.pptx
2015-12-10 00:42 - 2015-12-10 00:42 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-06 02:05 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-06 02:05 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-06 02:03 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2016-01-06 02:00 - 2010-12-22 18:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-06 01:55 - 2013-10-10 16:12 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Spotify
2016-01-06 01:53 - 2012-04-15 22:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-06 01:52 - 2015-06-13 09:09 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
2016-01-06 01:52 - 2012-04-15 22:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-06 01:51 - 2012-04-15 22:16 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-06 01:51 - 2012-04-15 22:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-06 01:47 - 2015-06-13 09:09 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 01:47 - 2010-12-27 19:49 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Skype
2016-01-06 01:45 - 2013-10-10 16:13 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Spotify
2016-01-05 19:06 - 2015-08-01 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-05 18:57 - 2015-04-07 12:00 - 00000000 ___RD C:\Users\ObiMobil\Dropbox
2016-01-05 18:56 - 2012-10-15 19:56 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Dropbox
2016-01-05 18:56 - 2010-09-18 20:37 - 02653544 _____ C:\Windows\system32\perfh007.dat
2016-01-05 18:56 - 2010-09-18 20:37 - 00780556 _____ C:\Windows\system32\perfc007.dat
2016-01-05 18:56 - 2009-07-14 06:13 - 00006540 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 18:51 - 2010-12-22 18:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 18:49 - 2010-09-18 10:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-05 18:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-03 20:10 - 2014-03-24 20:14 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Skype
2016-01-03 20:10 - 2010-12-27 19:49 - 00000000 ____D C:\ProgramData\Skype
2015-12-20 11:55 - 2011-09-09 19:11 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2015-12-17 00:07 - 2013-05-02 03:47 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Mozilla
2015-12-15 20:29 - 2014-12-30 12:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-15 20:21 - 2015-05-28 13:54 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\CloudStation
2015-12-15 20:12 - 2013-05-08 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-12-28 20:06 - 2014-07-20 18:57 - 0001164 _____ () C:\Users\ObiMobil\AppData\Local\crc32list11.txt
2010-12-22 22:00 - 2010-12-22 22:15 - 0003584 _____ () C:\Users\ObiMobil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-25 19:58 - 2013-06-25 20:08 - 0000600 _____ () C:\Users\ObiMobil\AppData\Local\PUTTY.RND
2010-12-22 15:46 - 2015-08-27 18:04 - 0007650 _____ () C:\Users\ObiMobil\AppData\Local\Resmon.ResmonCfg
2013-02-19 12:11 - 2013-02-19 12:11 - 21748128 _____ () C:\Users\ObiMobil\AppData\Local\TempFullTiltPokerEuSetup.exe
2011-06-26 17:25 - 2011-06-26 17:25 - 0000000 _____ () C:\Users\ObiMobil\AppData\Local\{76B0BBCC-D61A-4313-A85F-56880C5B8021}
2014-01-03 16:23 - 2014-01-03 16:23 - 0607257 _____ () C:\ProgramData\1388761744.bdinstall.bin
2015-03-31 15:12 - 2015-03-31 15:12 - 0254947 _____ () C:\ProgramData\1427800764.bdinstall.bin
2008-05-23 16:48 - 2008-05-23 16:48 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-06-23 12:02 - 2008-06-23 12:02 - 0097410 ____R () C:\ProgramData\DeviceManager.xml.rc4
2010-07-13 12:45 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\ObiMobil\AppData\Local\Temp\avgnt.exe
C:\Users\ObiMobil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9c6_hh.dll
C:\Users\ObiMobil\AppData\Local\Temp\GURD823.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\ObiMobil\AppData\Local\Temp\ose00000.exe
C:\Users\ObiMobil\AppData\Local\Temp\ose00001.exe
C:\Users\ObiMobil\AppData\Local\Temp\paint.net.4.0.5.install.exe
C:\Users\ObiMobil\AppData\Local\Temp\sfamcc00001.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfamcc00002.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfareca00001.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfareca00002.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfextra.dll
C:\Users\ObiMobil\AppData\Local\Temp\SHSetup.exe
C:\Users\ObiMobil\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology Cloud Station-3.2-3475.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology Cloud Station-3.2-3479.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe
C:\Users\ObiMobil\AppData\Local\Temp\_isA04D.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-20 00:10

==================== Ende von FRST.txt ============================
         
--- --- ---


Soll ich die Additions im nächsten Post machen?

Alt 06.01.2016, 16:59   #2
M-K-D-B
/// TB-Ausbilder
 
Win7 extrem langsam - Standard

Win7 extrem langsam






Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Ja, Addition.txt im nächsten Post, zudem noch bitte folgendes:







Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die Logdatei von FRST (Addition.txt).
__________________

__________________

Alt 06.01.2016, 17:24   #3
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Hallo Matthias,

vielen Dank für deine Hilfe.

Hier die beiden Logs:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von ObiMobil (2016-01-06 02:06:35)
Gestartet von C:\Users\ObiMobil\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-22 13:52:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3542069035-4146575090-2512792040-500 - Administrator - Disabled)
Gast (S-1-5-21-3542069035-4146575090-2512792040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3542069035-4146575090-2512792040-1002 - Limited - Enabled)
ObiMobil (S-1-5-21-3542069035-4146575090-2512792040-1000 - Administrator - Enabled) => C:\Users\ObiMobil

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AVerMedia A835 USB TV Tuner 8.0.64.57 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.57 - AVerMedia TECHNOLOGIES, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Betfair Poker (HKLM-x32\...\Betfair Poker_is1) (Version:  - Betfair)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM-x32\...\{9FC83F04-9C3F-429B-92DE-1252235765E4}) (Version: 4.3.42 - DataDesign)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Git version 1.8.3-preview20130601 (HKLM-x32\...\Git_is1) (Version: 1.8.3-preview20130601 - The Git Development Community)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version:  - Gameforge)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Kodi) (Version:  - XBMC-Foundation)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.64 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.64 - Alliance Software Pty Ltd) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Newshosting (HKLM\...\{63E2392B-D8C3-4458-BEB4-057AD58EF032}) (Version: 1.5.3 - Newshosting)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version:  - CPUID)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
ProgDVB (HKLM\...\ProgDVB) (Version:  - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synology Cloud Station (HKLM-x32\...\{17B316FB-7048-49FE-86E7-92A5905F842A}) (Version: 3.2.3479 - Synology)
TeamDrive 3 (HKLM-x32\...\TeamDrive 3) (Version: 3.1.2.454 - TeamDrive Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.3.10523 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
WiMP 2.4.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.4.2 - Aspiro AS)
WiMP 2.4.2 (x32 Version: 2.4.2 - Aspiro AS) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {12000D8D-DA3E-46E8-B7A0-C644B180F08F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {170B4AFC-8CF0-464B-B4DD-614BB3A62FD7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {418F17BD-04C3-4A5B-81A7-A136187FA939} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {45FCE8E7-27C1-42DE-A28C-6817130DDCB6} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2010-12-28] (Arainia Solutions)
Task: {49B53F6B-58B5-4494-AA3E-A9B86F524493} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {733D650D-7434-4D36-A837-44A40309EEEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-06] (Adobe Systems Incorporated)
Task: {7A532F03-994C-4519-A175-E21C8E9C95ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {862865A0-5DF5-4EE9-B973-7E48693A5EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A34B3048-6A02-4C85-99C2-22DC96B05E06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BEC65FF4-BA85-47B4-A046-5C604D31BD72} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {C123F14E-51D1-4189-8F88-60EAF830F3F3} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG
Task: {C5004184-66DB-44A1-9FB0-F1C099EF0412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
Task: {CCDAC0B1-D721-4AC0-A7A9-5F2C39719A25} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E7C97CD1-334A-4FCC-8E9F-1C5FFAF49143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-04 19:55 - 2011-06-22 17:14 - 00034304 _____ () C:\Windows\System32\sst2cl6.dll
2013-12-04 19:55 - 2011-06-22 17:13 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst2cdu.dll
2013-07-10 17:33 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-09-24 18:43 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2010-12-28 18:39 - 2010-12-28 18:39 - 00367728 _____ () C:\Program Files (x86)\Gizmo\gshell-x64.dll
2013-06-25 19:49 - 2013-06-02 10:30 - 00717230 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01047552 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00149504 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2010-06-28 14:20 - 2010-06-28 14:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 14:12 - 2010-06-28 14:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2015-06-03 15:22 - 2015-12-15 20:16 - 50680424 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libcef.dll
2015-12-10 00:42 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 00:42 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 00:42 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-10 00:42 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-10 00:42 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-11-11 23:29 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-31 00:17 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-11 23:29 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-11 23:29 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-06-20 10:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-06-03 15:22 - 2015-12-15 20:15 - 01882728 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libglesv2.dll
2015-06-03 15:22 - 2015-12-15 20:15 - 00083048 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libegl.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00123918 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00524460 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00115214 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01026062 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 03095505 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01798570 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 21565192 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 02874155 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00712704 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00031744 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00046080 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00032768 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00516608 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00243200 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00431616 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2015-03-03 16:01 - 2015-03-03 16:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll
2010-07-13 12:32 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00115214 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll
2015-10-09 00:55 - 2015-10-09 00:55 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-09 00:55 - 2015-10-09 00:55 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Classes\.exe:  =>  <===== ACHTUNG

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamDrive starten.lnk => C:\Windows\pss\TeamDrive starten.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: EPSON SX210 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_S3821.tmp" /EF "HKCU"
MSCONFIG\startupreg: GizmoDriveDelegate => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: MarbleStation => C:\NetmarbleGlobal\MarbleStation\GlbMSLauncher.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{644A509A-457D-4C04-A293-18216D016B92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{4FB3C17C-AFA2-4BEE-A7E5-8D1A934CDEBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF06B872-4390-4F3E-A9A5-F676794FFB36}] => (Allow) svchost.exe
FirewallRules: [{5CC7C186-58CF-42C4-BCF7-0252AC5EDA15}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EADD3136-38EC-4276-B8DE-B445FEF10116}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5941FBA2-5C7E-4017-893E-BF5464672003}] => (Allow) LPort=8396
FirewallRules: [{F80A5A05-AE6E-4626-8379-CF99A1FF6603}] => (Allow) LPort=8396
FirewallRules: [{DC691B14-20E3-4C09-9522-51A8047906B2}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{AE1E21B4-AC39-471E-A866-19C7112321F0}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{E464845F-F9B1-4FF5-A808-FE15AF4E166D}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{0BA59535-22A9-4255-8FCA-968A39ED2FCA}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{D061CD36-7D7E-4A60-A8C4-F05CACB57074}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83E37541-C840-48C9-8591-FDCA41A68B8E}] => (Allow) LPort=2869
FirewallRules: [{E85B69D9-BDB7-4179-BD31-6257BEE2411B}] => (Allow) LPort=1900
FirewallRules: [{BE0BAD6F-A68C-45B8-8DF5-A1B705C6E4A8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{303B66B6-128E-438B-B27C-660BE5785F35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{717F01DA-700F-44B0-87D1-DF42ABF069D0}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9D61C302-DDAA-4873-928D-DE7B0E6D4C37}] => (Allow) LPort=26675
FirewallRules: [{2A54FA3D-4BDC-4973-BD62-99F6C7E6A56C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{719EBF74-D777-46F7-8F91-274BAEB174CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CECA94B-FE03-43FF-9FFA-F890C0F2BF89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5EB4556F-DCCA-4202-B39A-6FFAE6552696}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81BF6A9C-47D9-4D4C-89F4-BBE75C955FE7}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{3F280DE1-1E27-494C-B834-53766BEED907}] => (Allow) LPort=19540
FirewallRules: [{D7B4B7DC-016A-442E-9EF1-5595A0A86C54}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8B838E13-25BD-494A-8AD0-ED6A07644CB4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B8666841-261E-4F8D-8987-CB018796183F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{FA13DB77-43CA-4201-8A41-D99B0FA4C08A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E73EC40F-AE04-48DE-A31F-A9A4E7190731}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{00E4A79D-AD6D-46AD-BD41-68D412892459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB23ECE7-5DE6-44A8-98DE-E7D120FE3593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8473E708-FEC3-4F42-80DB-BDB76BE44F6F}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{67FAEB53-7E20-4560-8AAE-006D14673290}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DB30832-EBAF-45EE-A038-E4D18E3AA138}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{864CE943-EA29-4CB4-9CAE-F3E282D1F1FA}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C928EAA9-E01C-4319-B916-41487A3D3294}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324618CF-24C9-4D32-A243-931E0F5F2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{503CE394-961E-45C4-BF8E-1861C13F81DA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{65E93227-1224-48A3-A710-B90139D8BB8D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{F2F4A06B-4A97-43EA-B34B-684F9FCE486A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3FECFD4-80FC-4CA5-B431-797A9DBE29B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{517A8981-3539-4C8B-B682-502C526135E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{95A6D083-5453-436E-9B1D-F18D016D4BB5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{121E808E-3864-4307-A0C1-5C229E795CFF}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{CEB91F73-CC6A-4278-A017-AE3D695FF1D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7946E88C-0937-468A-B492-E54718C73A42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7927492C-B4AD-4AE9-A2A2-1F799F2B924D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6AAA0759-22BC-4B20-B159-8EC58AF41E2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E106A59C-5A9C-4D93-9A3A-7520A871ECAD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{EFCCC650-E1C1-4580-968E-805463B388B3}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1ABA1577-87F4-436B-ACAB-C4B8CB661934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{B79D15D2-09EA-429B-8E95-50D695D9FAA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{186D3854-4E87-43C7-A862-EFE1B9295CFE}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{3DD553F3-809F-4486-B2E2-806387F81456}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{CD9248C5-EF90-4BE4-B05A-8A32C111F0A4}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D52BA98D-4A70-492D-BEFF-922042682BC7}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B2F89E7C-3C36-45D4-93E6-E7D4752C374B}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B593A5F-6CBE-46C0-978E-B7D3E370AF11}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A5A6D78A-D0D4-4C0F-B84B-BCF844C6D385}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [UDP Query User{5CC172D9-5DE7-4177-B704-BE7D4B979206}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [{31E64288-1C04-48BB-8378-CD2F6F5253F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7BA6BA51-8870-42D0-8217-E2C191BF66BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BA82F319-D8A7-465B-A7CC-831194A9AFF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AE887943-465B-45F3-AE35-2162E3E5F2A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D012476-062D-4F87-8327-20EA4AF0BF94}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{273B7A88-16A1-4156-96B5-D21B6B69DDC5}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{98740A53-138A-4F2B-83BA-EE36DF215C08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{389CD855-E081-4EF7-A7DF-40480852DCE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ECC3A29-1962-4A51-8A9C-17881A7ACD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C36AA280-6F60-4EDD-AC3D-92BDA020C63C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ACCBD3E9-40C7-45F3-8BE3-1CA77BB1F459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{313839F5-34FF-46F1-ACBA-9652F7955722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5E359099-63CB-4BD1-892F-3DC169853987}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{8D0DDA2E-60F6-4BE4-93C2-3155BEB88D4B}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [{DF1292F3-9DCE-4C4D-AE59-C7611BEF7A40}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{350BCC2B-05F5-4533-ABF7-0DF776AAA7E6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{12B039E1-B8D3-4A8E-8315-9AD46F9A250C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{4316ACFD-D8ED-42A8-BC51-F0790A63D08C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [TCP Query User{2FDB0447-1E9C-4D57-81B0-E7000263C88F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B85F3155-4F36-4C78-812F-E736DC8FB74A}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{9C2440BD-5F2C-461D-929A-3B2446871F48}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{1D418261-AE50-4F3E-950A-ED8AE2D4D14D}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [TCP Query User{9A67B07D-1EA9-4D3F-B8EE-5D8F18C5BAEB}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{B1C21952-83AA-464D-93A7-129DB7099251}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [{24A15925-EE40-4F26-9DA8-97EAF6DE592C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{93F4746F-E9D5-43A1-9552-9C8D37ED85FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{080D5608-1464-4882-8FC6-3FCBE813F686}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4FF78B3C-6B69-46EF-BA33-56E99E21E961}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4220F71E-E474-4A3E-A8AD-8CDC90BDC23B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{187EA9A6-AC25-4EB0-8D1C-CFB9A1576489}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{21269A9F-0B3B-4DEE-AAB0-C4FAE19F4F3C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2D8F5D9F-3B95-4CE8-A861-8771A1622B03}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D51BF2AD-2A82-4067-8FBF-7FD9B835F200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{F4463B5A-CBA8-498B-B4BF-9A63C460795F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{3CA9DADA-CE81-4ADC-8326-9EF966C3211E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A7154BE3-5E7B-4F4E-8E1E-FBE5C68490A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{59123C40-E91C-4126-B637-10B66A1F90FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{BB3D3494-446A-422E-9357-755BF71A55F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{263A5036-BC53-4F62-B69D-28B607E81795}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{042A7EA0-32CD-4EB8-8D83-DC5AA39EEFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{572C469D-501C-46D1-9540-AB10847582D1}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{AD9E8E11-4524-45EE-B081-8B5FEA734A72}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{CA47BA01-2AE7-4D22-850D-6B18410D4A76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A354E9EE-A9F5-41A0-B61B-1439E3B01199}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{E0142BEF-B8E9-4A00-A003-5B2B1F03873F}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{3D76D9B1-4AC0-4DCF-A6E4-2420E3D9C160}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{9F6774E4-7094-4437-BA29-47088B1E14B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{E27F7686-5A8D-4490-8C42-B29EF2C75BA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{3456BD2B-496A-4ECE-A2D2-47F309C81102}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8F9E6692-F2F8-42DC-880C-16A53DC8BA82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9A00F4BA-33D6-45CF-8EB2-7E04DD45727C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F30DA08D-F746-486A-8F0C-9C37D902B212}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E2959C6-BFF8-49AC-854F-3E95A39B43CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F1B9C7E-5411-4AB1-8EFD-15AA3EF82D2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C85E36FC-87D6-47C9-8420-1BC0682974E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CB96C99E-EE01-4B40-88F0-C4E191666099}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{49A7C27F-D992-4088-B0EA-DFBF60BD1DF4}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{E7310655-551E-4196-BDBD-E8ECAAC0F3E1}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{A844FBBE-0BC2-47DC-A624-C30FC72DFE4A}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{792657DC-EFDB-4AE5-864C-DC8290287AF7}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{5CDFDD58-DC32-4B6B-B90F-F80B98DAB985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B2EA5F35-F9B8-4EF8-A862-0DBF033C2607}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A70CDA0A-6E25-41AD-87B9-59FFE7FF99AF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C4C2C25-0F7B-43AC-8C2F-D4AAA2DDA1DF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{057F0FB9-F75A-4589-BF37-B9E12EAAF596}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1D307634-0481-46E4-9A22-92DF7AB54CD2}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9F404A6-475A-4F45-8FC2-32BC1CA3A296}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{F54C6306-CEC2-411D-B41E-A36F198EC770}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{17F92A95-0E74-4B3D-90B2-A8C3ADFF2EDB}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{0351B635-73A4-4CDF-9BA6-B80338A534B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C7EB2E7-4483-4A1D-9A13-478EE44D1132}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{80EDA6CA-2CC8-4FD3-93CB-0DF73C416512}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0A52085A-C4C4-40B6-ABE1-B961389F670C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C583014-3524-4F66-89AE-53B99B0C5F91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8467789-76E8-4A3A-BFAC-3065486A39BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FA0168AE-07FC-4197-AF5A-C87ED7BEA756}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{611B597D-07FD-4B18-B510-F2ABB2F8EE76}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{7AF82318-1B97-40E8-B16B-995AA51AAFFB}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{7806AE29-CEC7-4BB6-A7BA-79CB7A05C40F}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{6685F41D-95A6-4AFC-B985-EE83BF43FF1B}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{315A0DD0-D029-4C4D-BF42-A72DF4CF5BDB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{820DDDDA-3CB0-40EF-988B-02E8BD8A24C2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{181993C7-594F-498F-9F1D-D7FC5F6F0B28}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BA4A3BBE-FB43-42BB-B813-CD10F3BACE09}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C373DFB-DB53-49EC-9178-784CC7C67BA6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{56A96ABD-1B73-44A1-9D17-0345F5B5BDFE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{F0A0F69E-12D9-4E47-BAE1-6E1845F1D0FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4C6B3D81-B678-4DF9-BB07-040441957F7A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A19551DE-53BC-490E-ADC1-412C7B190472}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6C3AD8DD-36C5-4AE1-BB42-8C6B035BC53D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

11-12-2015 04:13:00 Windows Update
17-12-2015 01:03:02 Windows Update
22-12-2015 18:23:41 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23311620

Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23311620

Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23310606

Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23310606

Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23309576

Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23309576

Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/06/2016 01:46:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23308577


Systemfehler:
=============
Error: (01/05/2016 07:03:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/05/2016 06:50:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/05/2016 06:49:35 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Das System kann den angegebenen Pfad nicht finden.

Error: (01/05/2016 06:49:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎03.‎01.‎2016 um 20:16:50 unerwartet heruntergefahren.

Error: (01/03/2016 08:12:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/03/2016 08:10:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Defender" wurde nicht richtig gestartet.

Error: (01/03/2016 08:08:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" wurde nicht richtig gestartet.

Error: (01/03/2016 08:00:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Vodafone Mobile Connect Service erreicht.

Error: (01/03/2016 07:59:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.

Error: (01/03/2016 07:59:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3958.71 MB
Verfügbarer physikalischer RAM: 1787.5 MB
Summe virtueller Speicher: 7915.61 MB
Verfügbarer virtueller Speicher: 4200.87 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:49.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F16C7E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 06.01.2016, 17:54   #4
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Code:
ATTFilter
18:17:09.0238 0x2a38  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:17:14.0727 0x2a38  ============================================================
18:17:14.0727 0x2a38  Current date / time: 2016/01/06 18:17:14.0727
18:17:14.0727 0x2a38  SystemInfo:
18:17:14.0727 0x2a38  
18:17:14.0727 0x2a38  OS Version: 6.1.7601 ServicePack: 1.0
18:17:14.0727 0x2a38  Product type: Workstation
18:17:14.0727 0x2a38  ComputerName: OBIMOBIL-PC
18:17:14.0727 0x2a38  UserName: ObiMobil
18:17:14.0727 0x2a38  Windows directory: C:\Windows
18:17:14.0727 0x2a38  System windows directory: C:\Windows
18:17:14.0728 0x2a38  Running under WOW64
18:17:14.0728 0x2a38  Processor architecture: Intel x64
18:17:14.0728 0x2a38  Number of processors: 4
18:17:14.0728 0x2a38  Page size: 0x1000
18:17:14.0728 0x2a38  Boot type: Normal boot
18:17:14.0728 0x2a38  ============================================================
18:17:15.0572 0x2a38  KLMD registered as C:\Windows\system32\drivers\26632133.sys
18:17:16.0411 0x2a38  System UUID: {23E6ACAE-0217-40EF-1D67-4AC9E49FB86E}
18:17:17.0453 0x2a38  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:17:17.0458 0x2a38  ============================================================
18:17:17.0458 0x2a38  \Device\Harddisk0\DR0:
18:17:17.0458 0x2a38  MBR partitions:
18:17:17.0458 0x2a38  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
18:17:17.0458 0x2a38  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
18:17:17.0458 0x2a38  ============================================================
18:17:17.0483 0x2a38  C: <-> \Device\Harddisk0\DR0\Partition2
18:17:17.0507 0x2a38  ============================================================
18:17:17.0507 0x2a38  Initialize success
18:17:17.0507 0x2a38  ============================================================
18:18:07.0271 0x2bb0  ============================================================
18:18:07.0271 0x2bb0  Scan started
18:18:07.0271 0x2bb0  Mode: Manual; SigCheck; TDLFS; 
18:18:07.0271 0x2bb0  ============================================================
18:18:07.0271 0x2bb0  KSN ping started
18:18:09.0760 0x2bb0  KSN ping finished: true
18:18:11.0244 0x2bb0  ================ Scan system memory ========================
18:18:11.0244 0x2bb0  System memory - ok
18:18:11.0245 0x2bb0  ================ Scan services =============================
18:18:11.0457 0x2bb0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:18:11.0784 0x2bb0  1394ohci - ok
18:18:11.0875 0x2bb0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:18:11.0913 0x2bb0  ACPI - ok
18:18:11.0973 0x2bb0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:18:12.0098 0x2bb0  AcpiPmi - ok
18:18:12.0231 0x2bb0  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:18:12.0247 0x2bb0  AdobeARMservice - ok
18:18:12.0379 0x2bb0  [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:18:12.0417 0x2bb0  AdobeFlashPlayerUpdateSvc - ok
18:18:12.0489 0x2bb0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:18:12.0512 0x2bb0  adp94xx - ok
18:18:12.0550 0x2bb0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:18:12.0569 0x2bb0  adpahci - ok
18:18:12.0614 0x2bb0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:18:12.0629 0x2bb0  adpu320 - ok
18:18:12.0686 0x2bb0  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:18:12.0725 0x2bb0  AeLookupSvc - ok
18:18:12.0788 0x2bb0  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:18:12.0881 0x2bb0  AFD - ok
18:18:12.0944 0x2bb0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:18:12.0959 0x2bb0  agp440 - ok
18:18:12.0998 0x2bb0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:18:13.0066 0x2bb0  ALG - ok
18:18:13.0125 0x2bb0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:18:13.0139 0x2bb0  aliide - ok
18:18:13.0177 0x2bb0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:18:13.0192 0x2bb0  amdide - ok
18:18:13.0209 0x2bb0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:18:13.0248 0x2bb0  AmdK8 - ok
18:18:13.0279 0x2bb0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:18:13.0308 0x2bb0  AmdPPM - ok
18:18:13.0362 0x2bb0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:18:13.0386 0x2bb0  amdsata - ok
18:18:13.0406 0x2bb0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:18:13.0422 0x2bb0  amdsbs - ok
18:18:13.0442 0x2bb0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:18:13.0456 0x2bb0  amdxata - ok
18:18:13.0627 0x2bb0  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:18:13.0670 0x2bb0  AntiVirMailService - ok
18:18:13.0738 0x2bb0  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:18:13.0763 0x2bb0  AntiVirSchedulerService - ok
18:18:13.0821 0x2bb0  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:18:13.0848 0x2bb0  AntiVirService - ok
18:18:13.0959 0x2bb0  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:18:14.0009 0x2bb0  AntiVirWebService - ok
18:18:14.0068 0x2bb0  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:18:14.0114 0x2bb0  AppID - ok
18:18:14.0136 0x2bb0  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:18:14.0175 0x2bb0  AppIDSvc - ok
18:18:14.0260 0x2bb0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:18:14.0341 0x2bb0  Appinfo - ok
18:18:14.0387 0x2bb0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:18:14.0409 0x2bb0  arc - ok
18:18:14.0440 0x2bb0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:18:14.0453 0x2bb0  arcsas - ok
18:18:14.0612 0x2bb0  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:18:14.0727 0x2bb0  aspnet_state - ok
18:18:14.0747 0x2bb0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:18:14.0907 0x2bb0  AsyncMac - ok
18:18:14.0980 0x2bb0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:18:14.0991 0x2bb0  atapi - ok
18:18:15.0086 0x2bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:18:15.0166 0x2bb0  AudioEndpointBuilder - ok
18:18:15.0189 0x2bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:18:15.0214 0x2bb0  AudioSrv - ok
18:18:15.0296 0x2bb0  [ D37F00A992A9E099B7A4136FD55B9180, 2298F39894AD72B72DCD871580ADE2FCA9000D8E8EDB7A6B588142BA12619A2C ] AVerAF35        C:\Windows\system32\Drivers\AVerAF35.sys
18:18:15.0347 0x2bb0  AVerAF35 - ok
18:18:15.0405 0x2bb0  [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
18:18:15.0428 0x2bb0  avgntflt - ok
18:18:15.0452 0x2bb0  [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
18:18:15.0468 0x2bb0  avipbb - ok
18:18:15.0597 0x2bb0  [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:18:15.0627 0x2bb0  Avira.ServiceHost - ok
18:18:15.0679 0x2bb0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
18:18:15.0692 0x2bb0  avkmgr - ok
18:18:15.0735 0x2bb0  [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
18:18:15.0748 0x2bb0  avnetflt - ok
18:18:15.0811 0x2bb0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:18:15.0928 0x2bb0  AxInstSV - ok
18:18:15.0984 0x2bb0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
18:18:16.0060 0x2bb0  b06bdrv - ok
18:18:16.0112 0x2bb0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:18:16.0154 0x2bb0  b57nd60a - ok
18:18:16.0295 0x2bb0  [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
18:18:16.0323 0x2bb0  BBSvc - ok
18:18:16.0349 0x2bb0  [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
18:18:16.0366 0x2bb0  BBUpdate - ok
18:18:16.0526 0x2bb0  [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
18:18:16.0736 0x2bb0  BCM43XX - ok
18:18:16.0762 0x2bb0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:18:16.0844 0x2bb0  BDESVC - ok
18:18:16.0866 0x2bb0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:18:16.0925 0x2bb0  Beep - ok
18:18:17.0029 0x2bb0  [ 299E54DB3638A18E47BD3A2D2EF499F7, 7812C8F8EDA14CC74F43979B1C7E790EE15CFE10672C5F3E077AE6C87A69C27C ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
18:18:17.0050 0x2bb0  Belkin Local Backup Service - detected UnsignedFile.Multi.Generic ( 1 )
18:18:17.0229 0x22a4  Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
18:18:19.0554 0x2bb0  Detect skipped due to KSN trusted
18:18:19.0554 0x2bb0  Belkin Local Backup Service - ok
18:18:19.0614 0x2bb0  [ E62A04D615A8CAC83601E1F07C010D3C, BA9E08EE979C3898DF573B61514B3EAA6E5DAAA182DA3618BFA1BD94ABDA0266 ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
18:18:19.0652 0x2bb0  Belkin Network USB Helper - detected UnsignedFile.Multi.Generic ( 1 )
18:18:19.0783 0x22a4  Object send P2P result: true
18:18:19.0785 0x22a4  Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
18:18:22.0160 0x2bb0  Detect skipped due to KSN trusted
18:18:22.0160 0x2bb0  Belkin Network USB Helper - ok
18:18:22.0268 0x2bb0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:18:22.0363 0x22a4  Object send P2P result: true
18:18:22.0364 0x22a4  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
18:18:22.0374 0x2bb0  BFE - ok
18:18:22.0447 0x2bb0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:18:22.0619 0x2bb0  BITS - ok
18:18:22.0656 0x2bb0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:18:22.0682 0x2bb0  blbdrive - ok
18:18:22.0747 0x2bb0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:18:22.0785 0x2bb0  Bonjour Service - ok
18:18:22.0837 0x2bb0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:18:22.0907 0x2bb0  bowser - ok
18:18:22.0930 0x2bb0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:18:23.0018 0x2bb0  BrFiltLo - ok
18:18:23.0034 0x2bb0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:18:23.0063 0x2bb0  BrFiltUp - ok
18:18:23.0115 0x2bb0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:18:23.0189 0x2bb0  Browser - ok
18:18:23.0227 0x2bb0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:18:23.0297 0x2bb0  Brserid - ok
18:18:23.0311 0x2bb0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:18:23.0343 0x2bb0  BrSerWdm - ok
18:18:23.0354 0x2bb0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:18:23.0394 0x2bb0  BrUsbMdm - ok
18:18:23.0433 0x2bb0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:18:23.0450 0x2bb0  BrUsbSer - ok
18:18:23.0517 0x2bb0  [ 0E03E300CB28F30843F40069563CE2AD, 8D1E78A847B548F32E15573A39E403E6A65838C77628B9F9BFBDED527BAE9054 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:18:23.0552 0x2bb0  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:18:24.0893 0x22a4  Object send P2P result: true
18:18:24.0893 0x22a4  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
18:18:26.0042 0x2bb0  Detect skipped due to KSN trusted
18:18:26.0042 0x2bb0  BrYNSvc - ok
18:18:26.0079 0x2bb0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:18:26.0110 0x2bb0  BTHMODEM - ok
18:18:26.0143 0x2bb0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:18:26.0203 0x2bb0  bthserv - ok
18:18:26.0235 0x2bb0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:18:26.0285 0x2bb0  cdfs - ok
18:18:26.0353 0x2bb0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:18:26.0386 0x2bb0  cdrom - ok
18:18:26.0447 0x2bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:18:26.0493 0x2bb0  CertPropSvc - ok
18:18:26.0536 0x2bb0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:18:26.0573 0x2bb0  circlass - ok
18:18:26.0640 0x2bb0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:18:26.0660 0x2bb0  CLFS - ok
18:18:26.0742 0x2bb0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:18:26.0757 0x2bb0  clr_optimization_v2.0.50727_32 - ok
18:18:26.0825 0x2bb0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:18:26.0843 0x2bb0  clr_optimization_v2.0.50727_64 - ok
18:18:26.0936 0x2bb0  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:18:27.0127 0x2bb0  clr_optimization_v4.0.30319_32 - ok
18:18:27.0146 0x2bb0  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:18:27.0234 0x2bb0  clr_optimization_v4.0.30319_64 - ok
18:18:27.0273 0x2bb0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:18:27.0293 0x2bb0  CmBatt - ok
18:18:27.0344 0x2bb0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:18:27.0355 0x2bb0  cmdide - ok
18:18:27.0410 0x2bb0  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
18:18:27.0422 0x22a4  Object send P2P result: true
18:18:27.0422 0x22a4  Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
18:18:27.0445 0x2bb0  CNG - ok
18:18:27.0486 0x2bb0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:18:27.0498 0x2bb0  Compbatt - ok
18:18:27.0555 0x2bb0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
18:18:27.0578 0x2bb0  CompositeBus - ok
18:18:27.0585 0x2bb0  COMSysApp - ok
18:18:27.0704 0x2bb0  [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137         C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys
18:18:27.0726 0x2bb0  cpuz137 - ok
18:18:27.0762 0x2bb0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:18:27.0781 0x2bb0  crcdisk - ok
18:18:27.0854 0x2bb0  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:18:27.0902 0x2bb0  CryptSvc - ok
18:18:27.0947 0x2bb0  [ B72CF8A0162D285BDA589ECECB8F10EE, C55C48F12D0018F55CF0DCFFBB5CB6ABA3516DD9369B07838C125755171761D6 ] cxbu0x64        C:\Windows\system32\DRIVERS\cxbu0x64.sys
18:18:27.0994 0x2bb0  cxbu0x64 - ok
18:18:28.0076 0x2bb0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:18:28.0137 0x2bb0  DcomLaunch - ok
18:18:28.0183 0x2bb0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:18:28.0227 0x2bb0  defragsvc - ok
18:18:28.0277 0x2bb0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:18:28.0329 0x2bb0  DfsC - ok
18:18:28.0405 0x2bb0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:18:28.0461 0x2bb0  Dhcp - ok
18:18:28.0491 0x2bb0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:18:28.0559 0x2bb0  discache - ok
18:18:28.0590 0x2bb0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:18:28.0602 0x2bb0  Disk - ok
18:18:28.0657 0x2bb0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:18:28.0707 0x2bb0  Dnscache - ok
18:18:28.0766 0x2bb0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:18:28.0828 0x2bb0  dot3svc - ok
18:18:28.0876 0x2bb0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:18:28.0939 0x2bb0  DPS - ok
18:18:29.0036 0x2bb0  [ 8D204535D6E0727DF89AF6D962A36359, 8EB84D4AAB280D46EDDD2FF0306FA6F341BF812F913A4964155514EF330D63B5 ] DRHARD64        C:\Windows\system32\drivers\DRHARD64.sys
18:18:29.0053 0x2bb0  DRHARD64 - ok
18:18:29.0068 0x2bb0  [ 127332B4B278F0ABDDB9B74BA8F82D5E, 954CEF90BEAE44F50276F59114B54164462A38420D4B8623CA8F09601DCB255F ] DRHMSR64        C:\Windows\system32\drivers\DRHMSR64.sys
18:18:29.0079 0x2bb0  DRHMSR64 - ok
18:18:29.0135 0x2bb0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:18:29.0201 0x2bb0  drmkaud - ok
18:18:29.0276 0x2bb0  [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:18:29.0302 0x2bb0  DsiWMIService - ok
18:18:29.0402 0x2bb0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:18:29.0444 0x2bb0  DXGKrnl - ok
18:18:29.0520 0x2bb0  EagleX64 - ok
18:18:29.0560 0x2bb0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:18:29.0612 0x2bb0  EapHost - ok
18:18:29.0765 0x2bb0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
18:18:29.0962 0x22a4  Object send P2P result: true
18:18:29.0964 0x2bb0  ebdrv - ok
18:18:30.0020 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS             C:\Windows\System32\lsass.exe
18:18:30.0104 0x2bb0  EFS - ok
18:18:30.0207 0x2bb0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:18:30.0292 0x2bb0  ehRecvr - ok
18:18:30.0328 0x2bb0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:18:30.0366 0x2bb0  ehSched - ok
18:18:30.0462 0x2bb0  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:18:30.0474 0x2bb0  ElbyCDIO - ok
18:18:30.0524 0x2bb0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:18:30.0551 0x2bb0  elxstor - ok
18:18:30.0640 0x2bb0  [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:18:30.0671 0x2bb0  ePowerSvc - ok
18:18:30.0803 0x2bb0  [ B5581646636759D0DAFA8B008881C079, 0CADE029ABDCDE3A89C0786F1698C93D9A7CC981EFB3761CF243E19E178FF611 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
18:18:30.0828 0x2bb0  EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic ( 1 )
18:18:33.0403 0x2bb0  Detect skipped due to KSN trusted
18:18:33.0403 0x2bb0  EPSON_EB_RPCV4_01 - ok
18:18:33.0434 0x2bb0  [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
18:18:33.0486 0x2bb0  EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic ( 1 )
18:18:36.0022 0x2bb0  Detect skipped due to KSN trusted
18:18:36.0022 0x2bb0  EPSON_PM_RPCV4_01 - ok
18:18:36.0062 0x2bb0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:18:36.0109 0x2bb0  ErrDev - ok
18:18:36.0175 0x2bb0  [ 0975BF32399A24117E317B5BF1D5D0AA, 850217D920BB6E524C08C11A9806B8B148E9CF6CEBED9481BF7C9F07BCA918D5 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
18:18:36.0205 0x2bb0  ETD - ok
18:18:36.0247 0x2bb0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:18:36.0331 0x2bb0  EventSystem - ok
18:18:36.0347 0x2bb0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:18:36.0402 0x2bb0  exfat - ok
18:18:36.0427 0x2bb0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:18:36.0485 0x2bb0  fastfat - ok
18:18:36.0570 0x2bb0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:18:36.0653 0x2bb0  Fax - ok
18:18:36.0673 0x2bb0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:18:36.0711 0x2bb0  fdc - ok
18:18:36.0739 0x2bb0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:18:36.0800 0x2bb0  fdPHost - ok
18:18:36.0809 0x2bb0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:18:36.0854 0x2bb0  FDResPub - ok
18:18:36.0877 0x2bb0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:18:36.0908 0x2bb0  FileInfo - ok
18:18:36.0923 0x2bb0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:18:36.0971 0x2bb0  Filetrace - ok
18:18:37.0048 0x2bb0  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:18:37.0086 0x2bb0  FLEXnet Licensing Service - ok
18:18:37.0109 0x2bb0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:18:37.0153 0x2bb0  flpydisk - ok
18:18:37.0222 0x2bb0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:18:37.0252 0x2bb0  FltMgr - ok
18:18:37.0333 0x2bb0  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
18:18:37.0464 0x2bb0  FontCache - ok
18:18:37.0540 0x2bb0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:18:37.0564 0x2bb0  FontCache3.0.0.0 - ok
18:18:37.0595 0x2bb0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:18:37.0607 0x2bb0  FsDepends - ok
18:18:37.0628 0x2bb0  [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:18:37.0639 0x2bb0  fssfltr - ok
18:18:37.0746 0x2bb0  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:18:37.0793 0x2bb0  fsssvc - ok
18:18:37.0831 0x2bb0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:18:37.0844 0x2bb0  Fs_Rec - ok
18:18:37.0912 0x2bb0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:18:37.0935 0x2bb0  fvevol - ok
18:18:37.0960 0x2bb0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:18:37.0977 0x2bb0  gagp30kx - ok
18:18:38.0043 0x2bb0  [ 79C65AC6B3274C0712B3CEDB99B9BE0B, 71ADB12C03F7C4B0E79E94357982349BAE848CDB2FF6D7DEAB5E569E008166FD ] Gizmo Central   C:\Program Files (x86)\Gizmo\gservice.exe
18:18:38.0068 0x2bb0  Gizmo Central - detected UnsignedFile.Multi.Generic ( 1 )
18:18:40.0572 0x2bb0  Detect skipped due to KSN trusted
18:18:40.0572 0x2bb0  Gizmo Central - ok
18:18:40.0622 0x2bb0  [ EE8829B623542D8ADC4DBA65A1133741, 2B57AAB127991B56EE40149169D19270FFBD10DD9EB5E74231843A73C561C910 ] GizmoDrv        C:\Windows\system32\drivers\GizmoDrv.sys
18:18:40.0653 0x2bb0  GizmoDrv - ok
18:18:40.0720 0x2bb0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:18:40.0792 0x2bb0  gpsvc - ok
18:18:40.0853 0x2bb0  [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:18:40.0863 0x2bb0  GREGService - ok
18:18:40.0953 0x2bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:40.0978 0x2bb0  gupdate - ok
18:18:40.0995 0x2bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:41.0009 0x2bb0  gupdatem - ok
18:18:41.0051 0x2bb0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:18:41.0066 0x2bb0  gusvc - ok
18:18:41.0087 0x2bb0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:18:41.0146 0x2bb0  hcw85cir - ok
18:18:41.0220 0x2bb0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:18:41.0267 0x2bb0  HdAudAddService - ok
18:18:41.0300 0x2bb0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
18:18:41.0341 0x2bb0  HDAudBus - ok
18:18:41.0394 0x2bb0  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
18:18:41.0414 0x2bb0  HECIx64 - ok
18:18:41.0435 0x2bb0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:18:41.0459 0x2bb0  HidBatt - ok
18:18:41.0480 0x2bb0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:18:41.0523 0x2bb0  HidBth - ok
18:18:41.0552 0x2bb0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:18:41.0580 0x2bb0  HidIr - ok
18:18:41.0617 0x2bb0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:18:41.0710 0x2bb0  hidserv - ok
18:18:41.0769 0x2bb0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:18:41.0851 0x2bb0  HidUsb - ok
18:18:41.0905 0x2bb0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:18:41.0953 0x2bb0  hkmsvc - ok
18:18:42.0015 0x2bb0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:18:42.0088 0x2bb0  HomeGroupListener - ok
18:18:42.0139 0x2bb0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:18:42.0180 0x2bb0  HomeGroupProvider - ok
18:18:42.0234 0x2bb0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:18:42.0252 0x2bb0  HpSAMD - ok
18:18:42.0451 0x2bb0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:18:42.0542 0x2bb0  HTTP - ok
18:18:42.0623 0x2bb0  [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:18:42.0675 0x2bb0  hwdatacard - ok
18:18:42.0725 0x2bb0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:18:42.0739 0x2bb0  hwpolicy - ok
18:18:42.0788 0x2bb0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
18:18:42.0831 0x2bb0  i8042prt - ok
18:18:42.0884 0x2bb0  [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:18:42.0907 0x2bb0  iaStor - ok
18:18:42.0948 0x2bb0  [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:18:42.0976 0x2bb0  IAStorDataMgrSvc - ok
18:18:43.0065 0x2bb0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:18:43.0093 0x2bb0  iaStorV - ok
18:18:43.0195 0x2bb0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:18:43.0242 0x2bb0  idsvc - ok
18:18:43.0261 0x2bb0  IEEtwCollectorService - ok
18:18:43.0294 0x2bb0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:18:43.0307 0x2bb0  iirsp - ok
18:18:43.0390 0x2bb0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:18:43.0475 0x2bb0  IKEEXT - ok
18:18:43.0530 0x2bb0  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
18:18:43.0597 0x2bb0  Impcd - ok
18:18:43.0715 0x2bb0  [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:18:43.0797 0x2bb0  IntcAzAudAddService - ok
18:18:43.0850 0x2bb0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:18:43.0862 0x2bb0  intelide - ok
18:18:43.0902 0x2bb0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:18:43.0917 0x2bb0  intelppm - ok
18:18:43.0952 0x2bb0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:18:44.0004 0x2bb0  IPBusEnum - ok
18:18:44.0054 0x2bb0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:18:44.0109 0x2bb0  IpFilterDriver - ok
18:18:44.0168 0x2bb0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:18:44.0234 0x2bb0  iphlpsvc - ok
18:18:44.0286 0x2bb0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:18:44.0313 0x2bb0  IPMIDRV - ok
18:18:44.0340 0x2bb0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:18:44.0387 0x2bb0  IPNAT - ok
18:18:44.0402 0x2bb0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:18:44.0509 0x2bb0  IRENUM - ok
18:18:44.0558 0x2bb0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:18:44.0580 0x2bb0  isapnp - ok
18:18:44.0636 0x2bb0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:18:44.0654 0x2bb0  iScsiPrt - ok
18:18:44.0715 0x2bb0  [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:18:44.0737 0x2bb0  k57nd60a - ok
18:18:44.0762 0x2bb0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:18:44.0775 0x2bb0  kbdclass - ok
18:18:44.0831 0x2bb0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:18:44.0872 0x2bb0  kbdhid - ok
18:18:44.0878 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso          C:\Windows\system32\lsass.exe
18:18:44.0893 0x2bb0  KeyIso - ok
18:18:44.0949 0x2bb0  [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:18:44.0964 0x2bb0  KSecDD - ok
18:18:44.0989 0x2bb0  [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:18:45.0008 0x2bb0  KSecPkg - ok
18:18:45.0053 0x2bb0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:18:45.0123 0x2bb0  ksthunk - ok
18:18:45.0191 0x2bb0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:18:45.0279 0x2bb0  KtmRm - ok
18:18:45.0357 0x2bb0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:18:45.0410 0x2bb0  LanmanServer - ok
18:18:45.0452 0x2bb0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:18:45.0505 0x2bb0  LanmanWorkstation - ok
18:18:45.0548 0x2bb0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:18:45.0590 0x2bb0  lltdio - ok
18:18:45.0622 0x2bb0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:18:45.0664 0x2bb0  lltdsvc - ok
18:18:45.0678 0x2bb0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:18:45.0733 0x2bb0  lmhosts - ok
18:18:45.0786 0x2bb0  [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:18:45.0804 0x2bb0  LMS - ok
18:18:45.0836 0x2bb0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:18:45.0854 0x2bb0  LSI_FC - ok
18:18:45.0878 0x2bb0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:18:45.0891 0x2bb0  LSI_SAS - ok
18:18:45.0909 0x2bb0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:18:45.0921 0x2bb0  LSI_SAS2 - ok
18:18:45.0940 0x2bb0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:18:45.0953 0x2bb0  LSI_SCSI - ok
18:18:45.0985 0x2bb0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:18:46.0047 0x2bb0  luafv - ok
18:18:46.0088 0x2bb0  [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter      C:\Windows\system32\drivers\massfilter.sys
18:18:46.0121 0x2bb0  massfilter - ok
18:18:46.0149 0x2bb0  [ 7AD627CDB12F5F451F24C8A97CA6E175, ECBE9293B62D45D874D01B37FC97E861643C40D7085F5CC3A1375E47C1B39F39 ] massfilter_hs   C:\Windows\system32\drivers\massfilter_hs.sys
18:18:46.0171 0x2bb0  massfilter_hs - ok
18:18:46.0186 0x2bb0  MBAMSwissArmy - ok
18:18:46.0231 0x2bb0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:18:46.0262 0x2bb0  Mcx2Svc - ok
18:18:46.0287 0x2bb0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:18:46.0302 0x2bb0  megasas - ok
18:18:46.0327 0x2bb0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:18:46.0348 0x2bb0  MegaSR - ok
18:18:46.0386 0x2bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:18:46.0434 0x2bb0  MMCSS - ok
18:18:46.0447 0x2bb0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:18:46.0482 0x2bb0  Modem - ok
18:18:46.0501 0x2bb0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:18:46.0516 0x2bb0  monitor - ok
18:18:46.0553 0x2bb0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:18:46.0567 0x2bb0  mouclass - ok
18:18:46.0604 0x2bb0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:18:46.0645 0x2bb0  mouhid - ok
18:18:46.0693 0x2bb0  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:18:46.0709 0x2bb0  mountmgr - ok
18:18:46.0791 0x2bb0  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:18:46.0821 0x2bb0  MozillaMaintenance - ok
18:18:46.0867 0x2bb0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:18:46.0881 0x2bb0  mpio - ok
18:18:46.0911 0x2bb0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:18:46.0955 0x2bb0  mpsdrv - ok
18:18:47.0021 0x2bb0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:18:47.0109 0x2bb0  MpsSvc - ok
18:18:47.0143 0x2bb0  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:18:47.0212 0x2bb0  MRxDAV - ok
18:18:47.0258 0x2bb0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:18:47.0345 0x2bb0  mrxsmb - ok
18:18:47.0402 0x2bb0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:18:47.0427 0x2bb0  mrxsmb10 - ok
18:18:47.0444 0x2bb0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:18:47.0472 0x2bb0  mrxsmb20 - ok
18:18:47.0530 0x2bb0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:18:47.0544 0x2bb0  msahci - ok
18:18:47.0557 0x2bb0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:18:47.0571 0x2bb0  msdsm - ok
18:18:47.0597 0x2bb0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:18:47.0624 0x2bb0  MSDTC - ok
18:18:47.0651 0x2bb0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:18:47.0695 0x2bb0  Msfs - ok
18:18:47.0711 0x2bb0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:18:47.0758 0x2bb0  mshidkmdf - ok
18:18:47.0802 0x2bb0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:18:47.0830 0x2bb0  msisadrv - ok
18:18:47.0866 0x2bb0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:18:47.0916 0x2bb0  MSiSCSI - ok
18:18:47.0921 0x2bb0  msiserver - ok
18:18:47.0950 0x2bb0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:18:47.0985 0x2bb0  MSKSSRV - ok
18:18:47.0999 0x2bb0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:48.0043 0x2bb0  MSPCLOCK - ok
18:18:48.0052 0x2bb0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:18:48.0102 0x2bb0  MSPQM - ok
18:18:48.0157 0x2bb0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:18:48.0192 0x2bb0  MsRPC - ok
18:18:48.0247 0x2bb0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
18:18:48.0271 0x2bb0  mssmbios - ok
18:18:48.0301 0x2bb0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:18:48.0355 0x2bb0  MSTEE - ok
18:18:48.0380 0x2bb0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:18:48.0431 0x2bb0  MTConfig - ok
18:18:48.0453 0x2bb0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:18:48.0465 0x2bb0  Mup - ok
18:18:48.0489 0x2bb0  [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:18:48.0499 0x2bb0  mwlPSDFilter - ok
18:18:48.0514 0x2bb0  [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:18:48.0525 0x2bb0  mwlPSDNServ - ok
18:18:48.0544 0x2bb0  [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:18:48.0554 0x2bb0  mwlPSDVDisk - ok
18:18:48.0619 0x2bb0  [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService      C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
18:18:48.0664 0x2bb0  MWLService - ok
18:18:48.0727 0x2bb0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:18:48.0808 0x2bb0  napagent - ok
18:18:48.0858 0x2bb0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:18:48.0885 0x2bb0  NativeWifiP - ok
18:18:48.0971 0x2bb0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:18:49.0020 0x2bb0  NDIS - ok
18:18:49.0060 0x2bb0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:49.0124 0x2bb0  NdisCap - ok
18:18:49.0155 0x2bb0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:49.0212 0x2bb0  NdisTapi - ok
18:18:49.0265 0x2bb0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:49.0331 0x2bb0  Ndisuio - ok
18:18:49.0392 0x2bb0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:49.0450 0x2bb0  NdisWan - ok
18:18:49.0492 0x2bb0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:18:49.0541 0x2bb0  NDProxy - ok
18:18:49.0575 0x2bb0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:18:49.0631 0x2bb0  NetBIOS - ok
18:18:49.0683 0x2bb0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:18:49.0751 0x2bb0  NetBT - ok
18:18:49.0765 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon        C:\Windows\system32\lsass.exe
18:18:49.0789 0x2bb0  Netlogon - ok
18:18:49.0827 0x2bb0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:18:49.0909 0x2bb0  Netman - ok
18:18:49.0989 0x2bb0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0123 0x2bb0  NetMsmqActivator - ok
18:18:50.0162 0x2bb0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0209 0x2bb0  NetPipeActivator - ok
18:18:50.0260 0x2bb0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:18:50.0342 0x2bb0  netprofm - ok
18:18:50.0377 0x2bb0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0396 0x2bb0  NetTcpActivator - ok
18:18:50.0403 0x2bb0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0421 0x2bb0  NetTcpPortSharing - ok
18:18:50.0454 0x2bb0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:18:50.0466 0x2bb0  nfrd960 - ok
18:18:50.0514 0x2bb0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:18:50.0590 0x2bb0  NlaSvc - ok
18:18:50.0631 0x2bb0  NLNdisMP - ok
18:18:50.0638 0x2bb0  NLNdisPT - ok
18:18:50.0830 0x2bb0  [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:18:50.0913 0x2bb0  NOBU - ok
18:18:50.0930 0x2bb0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:18:50.0966 0x2bb0  Npfs - ok
18:18:50.0989 0x2bb0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
18:18:51.0039 0x2bb0  nsi - ok
18:18:51.0059 0x2bb0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:18:51.0111 0x2bb0  nsiproxy - ok
18:18:51.0218 0x2bb0  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:18:51.0276 0x2bb0  Ntfs - ok
18:18:51.0338 0x2bb0  [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
18:18:51.0362 0x2bb0  NTI IScheduleSvc - ok
18:18:51.0397 0x2bb0  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
18:18:51.0406 0x2bb0  NTIDrvr - ok
18:18:51.0430 0x2bb0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:18:51.0474 0x2bb0  Null - ok
18:18:51.0555 0x2bb0  [ 805F0C2B9C07E4C0F74D0EF70E9E827A, 32D3DA095788F7F7BA52AC56C8C0DD6D9D388ED3ECEAFEF23EDB8F5812FF953E ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:18:51.0582 0x2bb0  NVHDA - ok
18:18:52.0003 0x2bb0  [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:18:52.0495 0x2bb0  nvlddmkm - ok
18:18:52.0622 0x2bb0  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:18:52.0677 0x2bb0  NvNetworkService - ok
18:18:52.0737 0x2bb0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:18:52.0752 0x2bb0  nvraid - ok
18:18:52.0765 0x2bb0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:18:52.0780 0x2bb0  nvstor - ok
18:18:53.0352 0x2bb0  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:18:53.0935 0x2bb0  NvStreamSvc - ok
18:18:54.0063 0x2bb0  [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:18:54.0097 0x2bb0  nvsvc - ok
18:18:54.0173 0x2bb0  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:18:54.0195 0x2bb0  nvvad_WaveExtensible - ok
18:18:54.0266 0x2bb0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:18:54.0295 0x2bb0  nv_agp - ok
18:18:54.0342 0x2bb0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:18:54.0375 0x2bb0  ohci1394 - ok
18:18:54.0466 0x2bb0  [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:54.0481 0x2bb0  ose64 - ok
18:18:54.0777 0x2bb0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:18:55.0024 0x2bb0  osppsvc - ok
18:18:55.0084 0x2bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:18:55.0151 0x2bb0  p2pimsvc - ok
18:18:55.0176 0x2bb0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:18:55.0201 0x2bb0  p2psvc - ok
18:18:55.0229 0x2bb0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:18:55.0247 0x2bb0  Parport - ok
18:18:55.0297 0x2bb0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:18:55.0316 0x2bb0  partmgr - ok
18:18:55.0363 0x2bb0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:18:55.0413 0x2bb0  PcaSvc - ok
18:18:55.0457 0x2bb0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:18:55.0472 0x2bb0  pci - ok
18:18:55.0525 0x2bb0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:18:55.0535 0x2bb0  pciide - ok
18:18:55.0572 0x2bb0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:18:55.0589 0x2bb0  pcmcia - ok
18:18:55.0615 0x2bb0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:18:55.0628 0x2bb0  pcw - ok
18:18:55.0702 0x2bb0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:18:55.0759 0x2bb0  PEAUTH - ok
18:18:55.0833 0x2bb0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:18:55.0871 0x2bb0  PerfHost - ok
18:18:55.0976 0x2bb0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
18:18:56.0047 0x2bb0  pla - ok
18:18:56.0118 0x2bb0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:18:56.0228 0x2bb0  PlugPlay - ok
18:18:56.0316 0x2bb0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:18:56.0350 0x2bb0  PNRPAutoReg - ok
18:18:56.0379 0x2bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:18:56.0420 0x2bb0  PNRPsvc - ok
18:18:56.0478 0x2bb0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:18:56.0576 0x2bb0  PolicyAgent - ok
18:18:56.0617 0x2bb0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:18:56.0661 0x2bb0  Power - ok
18:18:56.0728 0x2bb0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:18:56.0780 0x2bb0  PptpMiniport - ok
18:18:56.0809 0x2bb0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:18:56.0843 0x2bb0  Processor - ok
18:18:56.0914 0x2bb0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:18:56.0995 0x2bb0  ProfSvc - ok
18:18:57.0011 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
18:18:57.0024 0x2bb0  ProtectedStorage - ok
18:18:57.0090 0x2bb0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:18:57.0152 0x2bb0  Psched - ok
18:18:57.0266 0x2bb0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:18:57.0332 0x2bb0  ql2300 - ok
18:18:57.0363 0x2bb0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:18:57.0378 0x2bb0  ql40xx - ok
18:18:57.0418 0x2bb0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:18:57.0440 0x2bb0  QWAVE - ok
18:18:57.0458 0x2bb0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:18:57.0494 0x2bb0  QWAVEdrv - ok
18:18:57.0574 0x2bb0  [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
18:18:57.0621 0x2bb0  RapiMgr - ok
18:18:57.0639 0x2bb0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:18:57.0695 0x2bb0  RasAcd - ok
18:18:57.0734 0x2bb0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:57.0784 0x2bb0  RasAgileVpn - ok
18:18:57.0817 0x2bb0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:18:57.0876 0x2bb0  RasAuto - ok
18:18:57.0922 0x2bb0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:57.0975 0x2bb0  Rasl2tp - ok
18:18:58.0041 0x2bb0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:18:58.0102 0x2bb0  RasMan - ok
18:18:58.0135 0x2bb0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:58.0187 0x2bb0  RasPppoe - ok
18:18:58.0214 0x2bb0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:18:58.0250 0x2bb0  RasSstp - ok
18:18:58.0313 0x2bb0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:18:58.0388 0x2bb0  rdbss - ok
18:18:58.0444 0x2bb0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:18:58.0486 0x2bb0  rdpbus - ok
18:18:58.0501 0x2bb0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:58.0551 0x2bb0  RDPCDD - ok
18:18:58.0573 0x2bb0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:18:58.0629 0x2bb0  RDPENCDD - ok
18:18:58.0667 0x2bb0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:18:58.0704 0x2bb0  RDPREFMP - ok
18:18:58.0813 0x2bb0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:18:58.0879 0x2bb0  RdpVideoMiniport - ok
18:18:58.0931 0x2bb0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:18:59.0004 0x2bb0  RDPWD - ok
18:18:59.0075 0x2bb0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:18:59.0103 0x2bb0  rdyboost - ok
18:18:59.0136 0x2bb0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:18:59.0190 0x2bb0  RemoteAccess - ok
18:18:59.0226 0x2bb0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:18:59.0265 0x2bb0  RemoteRegistry - ok
18:18:59.0289 0x2bb0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:18:59.0331 0x2bb0  RpcEptMapper - ok
18:18:59.0347 0x2bb0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:18:59.0360 0x2bb0  RpcLocator - ok
18:18:59.0423 0x2bb0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
18:18:59.0468 0x2bb0  RpcSs - ok
18:18:59.0491 0x2bb0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:18:59.0543 0x2bb0  rspndr - ok
18:18:59.0603 0x2bb0  [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR       C:\Windows\system32\Drivers\RtsUStor.sys
18:18:59.0621 0x2bb0  RSUSBSTOR - ok
18:18:59.0633 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs           C:\Windows\system32\lsass.exe
18:18:59.0657 0x2bb0  SamSs - ok
18:18:59.0699 0x2bb0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:18:59.0729 0x2bb0  sbp2port - ok
18:18:59.0760 0x2bb0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:18:59.0821 0x2bb0  SCardSvr - ok
18:18:59.0867 0x2bb0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:18:59.0927 0x2bb0  scfilter - ok
18:19:00.0004 0x2bb0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
18:19:00.0095 0x2bb0  Schedule - ok
18:19:00.0138 0x2bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:19:00.0176 0x2bb0  SCPolicySvc - ok
18:19:00.0227 0x2bb0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:19:00.0312 0x2bb0  SDRSVC - ok
18:19:00.0347 0x2bb0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:19:00.0388 0x2bb0  secdrv - ok
18:19:00.0430 0x2bb0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
18:19:00.0480 0x2bb0  seclogon - ok
18:19:00.0522 0x2bb0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:19:00.0586 0x2bb0  SENS - ok
18:19:00.0624 0x2bb0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:19:00.0672 0x2bb0  SensrSvc - ok
18:19:00.0684 0x2bb0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:19:00.0699 0x2bb0  Serenum - ok
18:19:00.0734 0x2bb0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:19:00.0774 0x2bb0  Serial - ok
18:19:00.0836 0x2bb0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:19:00.0872 0x2bb0  sermouse - ok
18:19:00.0925 0x2bb0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:19:00.0981 0x2bb0  SessionEnv - ok
18:19:01.0034 0x2bb0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:19:01.0080 0x2bb0  sffdisk - ok
18:19:01.0093 0x2bb0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:19:01.0125 0x2bb0  sffp_mmc - ok
18:19:01.0146 0x2bb0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:19:01.0178 0x2bb0  sffp_sd - ok
18:19:01.0222 0x2bb0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:19:01.0259 0x2bb0  sfloppy - ok
18:19:01.0306 0x2bb0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:19:01.0377 0x2bb0  SharedAccess - ok
18:19:01.0432 0x2bb0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:19:01.0491 0x2bb0  ShellHWDetection - ok
18:19:01.0517 0x2bb0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:19:01.0529 0x2bb0  SiSRaid2 - ok
18:19:01.0549 0x2bb0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:19:01.0562 0x2bb0  SiSRaid4 - ok
18:19:01.0642 0x2bb0  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:19:01.0678 0x2bb0  SkypeUpdate - ok
18:19:01.0712 0x2bb0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:19:01.0763 0x2bb0  Smb - ok
18:19:01.0813 0x2bb0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:19:01.0843 0x2bb0  SNMPTRAP - ok
18:19:01.0900 0x2bb0  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
18:19:01.0916 0x2bb0  speedfan - ok
18:19:01.0930 0x2bb0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:19:01.0943 0x2bb0  spldr - ok
18:19:02.0008 0x2bb0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:19:02.0061 0x2bb0  Spooler - ok
18:19:02.0215 0x2bb0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:19:02.0410 0x2bb0  sppsvc - ok
18:19:02.0437 0x2bb0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:19:02.0493 0x2bb0  sppuinotify - ok
18:19:02.0559 0x2bb0  [ B9657A0AFF28C1CB114ACC0CB93EE4BB, 619DE6438827A648566CB6F6407DF30E3BBCE345775B0154D883A48E244A62EE ] sp_rsdrv2       C:\Windows\system32\DRIVERS\stflt.sys
18:19:02.0578 0x2bb0  sp_rsdrv2 - ok
18:19:02.0623 0x2bb0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:19:02.0689 0x2bb0  srv - ok
18:19:02.0738 0x2bb0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:19:02.0771 0x2bb0  srv2 - ok
18:19:02.0791 0x2bb0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:19:02.0809 0x2bb0  srvnet - ok
18:19:02.0844 0x2bb0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:19:02.0894 0x2bb0  SSDPSRV - ok
18:19:02.0952 0x2bb0  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
18:19:02.0964 0x2bb0  SSPORT - ok
18:19:02.0973 0x2bb0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:19:03.0033 0x2bb0  SstpSvc - ok
18:19:03.0176 0x2bb0  [ 24543AAF056D3AFCED3F4FF487F53C90, A6755E4180FEA51BA6E310CCC84C9232C8D655ACA6720EA92903353CE5224422 ] ST2012_Svc      C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
18:19:03.0217 0x2bb0  ST2012_Svc - ok
18:19:03.0291 0x2bb0  Steam Client Service - ok
18:19:03.0411 0x2bb0  [ 2222073BE0232E70A397B8302293AA9D, C4C5D7D11F88CBB674667371F4A2AF17C530E2E2C855BC5C417EF623C1CF8F65 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:19:03.0438 0x2bb0  Stereo Service - ok
18:19:03.0464 0x2bb0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:19:03.0476 0x2bb0  stexstor - ok
18:19:03.0540 0x2bb0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:19:03.0576 0x2bb0  stisvc - ok
18:19:03.0629 0x2bb0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
18:19:03.0653 0x2bb0  swenum - ok
18:19:03.0708 0x2bb0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:19:03.0761 0x2bb0  swprv - ok
18:19:03.0825 0x2bb0  [ 52EB25BD8AB4E331028C48B178441B36, 72A907F447ADB4EF307A06D2BC1052BB2F3ED0F10DC13391DB8B43665F81FD74 ] sxuptp          C:\Windows\system32\DRIVERS\sxuptp.sys
18:19:03.0842 0x2bb0  sxuptp - ok
18:19:03.0966 0x2bb0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
18:19:04.0039 0x2bb0  SysMain - ok
18:19:04.0091 0x2bb0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:19:04.0145 0x2bb0  TabletInputService - ok
18:19:04.0172 0x2bb0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:19:04.0228 0x2bb0  TapiSrv - ok
18:19:04.0259 0x2bb0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
18:19:04.0307 0x2bb0  TBS - ok
18:19:04.0426 0x2bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:19:04.0534 0x2bb0  Tcpip - ok
18:19:04.0935 0x2bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:19:04.0995 0x2bb0  TCPIP6 - ok
18:19:05.0057 0x2bb0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:19:05.0081 0x2bb0  tcpipreg - ok
18:19:05.0164 0x2bb0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:19:05.0245 0x2bb0  TDPIPE - ok
18:19:05.0295 0x2bb0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:19:05.0319 0x2bb0  TDTCP - ok
18:19:05.0391 0x2bb0  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:19:05.0463 0x2bb0  tdx - ok
18:19:05.0820 0x2bb0  [ CEB90659C8C8DE208D6841176EEE3FA3, 80568CE5A951E4264D0F74C043D392A89769E4C0885E0C310B34FCEAA6E049EB ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:19:06.0145 0x2bb0  TeamViewer - ok
18:19:06.0262 0x2bb0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
18:19:06.0278 0x2bb0  TermDD - ok
18:19:06.0367 0x2bb0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:19:06.0443 0x2bb0  TermService - ok
18:19:06.0527 0x2bb0  [ 42A267904416DBEB1DA0295D9042BF0D, 103AC432247CF9691B48D847D18A72EEE56E8AF058EB11216B238F59E3FA78B1 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
18:19:06.0552 0x2bb0  TGCM_ImportWiFiSvc - ok
18:19:06.0575 0x2bb0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:19:06.0592 0x2bb0  Themes - ok
18:19:06.0620 0x2bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:19:06.0676 0x2bb0  THREADORDER - ok
18:19:06.0701 0x2bb0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:19:06.0741 0x2bb0  TrkWks - ok
18:19:06.0805 0x2bb0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:19:06.0853 0x2bb0  TrustedInstaller - ok
18:19:06.0901 0x2bb0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:19:06.0929 0x2bb0  tssecsrv - ok
18:19:06.0997 0x2bb0  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:19:07.0076 0x2bb0  TsUsbFlt - ok
18:19:07.0155 0x2bb0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:19:07.0201 0x2bb0  tunnel - ok
18:19:07.0227 0x2bb0  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
18:19:07.0237 0x2bb0  TurboB - ok
18:19:07.0309 0x2bb0  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:19:07.0332 0x2bb0  TurboBoost - ok
18:19:07.0361 0x2bb0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:19:07.0374 0x2bb0  uagp35 - ok
18:19:07.0398 0x2bb0  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:19:07.0411 0x2bb0  UBHelper - ok
18:19:07.0457 0x2bb0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:19:07.0521 0x2bb0  udfs - ok
18:19:07.0541 0x2bb0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:19:07.0576 0x2bb0  UI0Detect - ok
18:19:07.0600 0x2bb0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:19:07.0613 0x2bb0  uliagpkx - ok
18:19:07.0665 0x2bb0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
18:19:07.0693 0x2bb0  umbus - ok
18:19:07.0717 0x2bb0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:19:07.0732 0x2bb0  UmPass - ok
18:19:07.0878 0x2bb0  [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:19:07.0965 0x2bb0  UNS - ok
18:19:08.0035 0x2bb0  [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:19:08.0061 0x2bb0  Updater Service - ok
18:19:08.0082 0x2bb0  UPDATESRV - ok
18:19:08.0113 0x2bb0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:19:08.0189 0x2bb0  upnphost - ok
18:19:08.0232 0x2bb0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:19:08.0258 0x2bb0  usbccgp - ok
18:19:08.0314 0x2bb0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:19:08.0366 0x2bb0  usbcir - ok
18:19:08.0417 0x2bb0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:19:08.0455 0x2bb0  usbehci - ok
18:19:08.0622 0x2bb0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:19:08.0724 0x2bb0  usbhub - ok
18:19:08.0776 0x2bb0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:19:08.0799 0x2bb0  usbohci - ok
18:19:08.0837 0x2bb0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:19:08.0869 0x2bb0  usbprint - ok
18:19:08.0933 0x2bb0  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
18:19:08.0961 0x2bb0  usbscan - ok
18:19:09.0018 0x2bb0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:19:09.0133 0x2bb0  USBSTOR - ok
18:19:09.0182 0x2bb0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:19:09.0234 0x2bb0  usbuhci - ok
18:19:09.0304 0x2bb0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:19:09.0351 0x2bb0  usbvideo - ok
18:19:09.0389 0x2bb0  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
18:19:09.0431 0x2bb0  usb_rndisx - ok
18:19:09.0454 0x2bb0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:19:09.0502 0x2bb0  UxSms - ok
18:19:09.0511 0x2bb0  [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc        C:\Windows\system32\lsass.exe
18:19:09.0523 0x2bb0  VaultSvc - ok
18:19:09.0577 0x2bb0  [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
18:19:09.0609 0x2bb0  VClone - ok
18:19:09.0675 0x2bb0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:19:09.0699 0x2bb0  vdrvroot - ok
18:19:09.0769 0x2bb0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:19:09.0831 0x2bb0  vds - ok
18:19:09.0877 0x2bb0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:19:09.0894 0x2bb0  vga - ok
18:19:09.0914 0x2bb0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:19:09.0971 0x2bb0  VgaSave - ok
18:19:10.0027 0x2bb0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:19:10.0056 0x2bb0  vhdmp - ok
18:19:10.0120 0x2bb0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:19:10.0137 0x2bb0  viaide - ok
18:19:10.0242 0x2bb0  [ 6E021D6DA429AD7288FE8322E2BBA96B, 76168FAADE2803D2215ED5959C5C8FC1885222BAEBDF2950C6CC51798136EE51 ] VMCService      C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
18:19:10.0280 0x2bb0  VMCService - detected UnsignedFile.Multi.Generic ( 1 )
18:19:12.0804 0x2bb0  Detect skipped due to KSN trusted
18:19:12.0804 0x2bb0  VMCService - ok
18:19:12.0845 0x2bb0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:19:12.0861 0x2bb0  volmgr - ok
18:19:12.0921 0x2bb0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:19:12.0946 0x2bb0  volmgrx - ok
18:19:12.0966 0x2bb0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:19:12.0985 0x2bb0  volsnap - ok
18:19:13.0011 0x2bb0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:19:13.0026 0x2bb0  vsmraid - ok
18:19:13.0121 0x2bb0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:19:13.0208 0x2bb0  VSS - ok
18:19:13.0227 0x2bb0  VSSERV - ok
18:19:13.0245 0x2bb0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
18:19:13.0277 0x2bb0  vwifibus - ok
18:19:13.0307 0x2bb0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:19:13.0342 0x2bb0  vwififlt - ok
18:19:13.0375 0x2bb0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
18:19:13.0410 0x2bb0  vwifimp - ok
18:19:13.0449 0x2bb0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:19:13.0496 0x2bb0  W32Time - ok
18:19:13.0516 0x2bb0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:19:13.0549 0x2bb0  WacomPen - ok
18:19:13.0608 0x2bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:19:13.0655 0x2bb0  WANARP - ok
18:19:13.0660 0x2bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:19:13.0695 0x2bb0  Wanarpv6 - ok
18:19:13.0767 0x2bb0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:19:13.0821 0x2bb0  WatAdminSvc - ok
18:19:13.0942 0x2bb0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:19:14.0066 0x2bb0  wbengine - ok
18:19:14.0111 0x2bb0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:19:14.0150 0x2bb0  WbioSrvc - ok
18:19:14.0243 0x2bb0  [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
18:19:14.0299 0x2bb0  WcesComm - ok
18:19:14.0357 0x2bb0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:19:14.0395 0x2bb0  wcncsvc - ok
18:19:14.0426 0x2bb0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:19:14.0481 0x2bb0  WcsPlugInService - ok
18:19:14.0510 0x2bb0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:19:14.0525 0x2bb0  Wd - ok
18:19:14.0611 0x2bb0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:19:14.0666 0x2bb0  Wdf01000 - ok
18:19:14.0714 0x2bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:19:14.0787 0x2bb0  WdiServiceHost - ok
18:19:14.0793 0x2bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:19:14.0811 0x2bb0  WdiSystemHost - ok
18:19:14.0914 0x2bb0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
18:19:15.0000 0x2bb0  WebClient - ok
18:19:15.0052 0x2bb0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:19:15.0137 0x2bb0  Wecsvc - ok
18:19:15.0174 0x2bb0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:19:15.0249 0x2bb0  wercplsupport - ok
18:19:15.0278 0x2bb0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:19:15.0374 0x2bb0  WerSvc - ok
18:19:15.0465 0x2bb0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:19:15.0532 0x2bb0  WfpLwf - ok
18:19:15.0575 0x2bb0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:19:15.0597 0x2bb0  WIMMount - ok
18:19:15.0630 0x2bb0  WinDefend - ok
18:19:15.0654 0x2bb0  WinHttpAutoProxySvc - ok
18:19:15.0733 0x2bb0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:19:15.0810 0x2bb0  Winmgmt - ok
18:19:15.0934 0x2bb0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
18:19:16.0035 0x2bb0  WinRM - ok
18:19:16.0116 0x2bb0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:19:16.0151 0x2bb0  WinUsb - ok
18:19:16.0205 0x2bb0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:19:16.0267 0x2bb0  Wlansvc - ok
18:19:16.0306 0x2bb0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:19:16.0317 0x2bb0  wlcrasvc - ok
18:19:16.0456 0x2bb0  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:19:16.0523 0x2bb0  wlidsvc - ok
18:19:16.0577 0x2bb0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
18:19:16.0616 0x2bb0  WmiAcpi - ok
18:19:16.0650 0x2bb0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:19:16.0699 0x2bb0  wmiApSrv - ok
18:19:16.0742 0x2bb0  WMPNetworkSvc - ok
18:19:16.0765 0x2bb0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:19:16.0807 0x2bb0  WPCSvc - ok
18:19:16.0855 0x2bb0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:19:16.0904 0x2bb0  WPDBusEnum - ok
18:19:16.0926 0x2bb0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:19:16.0962 0x2bb0  ws2ifsl - ok
18:19:16.0987 0x2bb0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:19:17.0005 0x2bb0  wscsvc - ok
18:19:17.0008 0x2bb0  WSearch - ok
18:19:17.0166 0x2bb0  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:19:17.0264 0x2bb0  wuauserv - ok
18:19:17.0289 0x2bb0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:19:17.0358 0x2bb0  WudfPf - ok
18:19:17.0395 0x2bb0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:19:17.0434 0x2bb0  WUDFRd - ok
18:19:17.0475 0x2bb0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:19:17.0497 0x2bb0  wudfsvc - ok
18:19:17.0539 0x2bb0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:19:17.0570 0x2bb0  WwanSvc - ok
18:19:17.0625 0x2bb0  [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:19:17.0670 0x2bb0  ZTEusbmdm6k - ok
18:19:17.0709 0x2bb0  [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
18:19:17.0723 0x2bb0  ZTEusbnmea - ok
18:19:17.0765 0x2bb0  [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
18:19:17.0789 0x2bb0  ZTEusbser6k - ok
18:19:17.0809 0x2bb0  ================ Scan global ===============================
18:19:17.0837 0x2bb0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:19:17.0895 0x2bb0  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
18:19:17.0917 0x2bb0  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
18:19:17.0946 0x2bb0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:19:18.0014 0x2bb0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:19:18.0029 0x2bb0  [ Global ] - ok
18:19:18.0030 0x2bb0  ================ Scan MBR ==================================
18:19:18.0049 0x2bb0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:19:18.0336 0x2bb0  \Device\Harddisk0\DR0 - ok
18:19:18.0337 0x2bb0  ================ Scan VBR ==================================
18:19:18.0344 0x2bb0  [ 75BC719B7E69F5C0A3D1569B1E23FA24 ] \Device\Harddisk0\DR0\Partition1
18:19:18.0382 0x2bb0  \Device\Harddisk0\DR0\Partition1 - ok
18:19:18.0387 0x2bb0  [ 02A3B13F1B891BB2FAF4F1664FA355B3 ] \Device\Harddisk0\DR0\Partition2
18:19:18.0423 0x2bb0  \Device\Harddisk0\DR0\Partition2 - ok
18:19:18.0423 0x2bb0  ================ Scan generic autorun ======================
18:19:18.0803 0x2bb0  [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:19:19.0240 0x2bb0  RtHDVCpl - ok
18:19:19.0252 0x2bb0  ETDWare - ok
18:19:19.0357 0x2bb0  [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:19:19.0410 0x2bb0  Acer ePower Management - ok
18:19:19.0492 0x2bb0  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
18:19:19.0521 0x2bb0  Windows Mobile Device Center - ok
18:19:19.0641 0x2bb0  [ 6B08632F7634F344372B25A507DA7C47, C955BFB0F4601A4D1077119B204785FE4CB975E961D2AEE9C2BFA6EDC27E3CE2 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
18:19:19.0682 0x2bb0  Nvtmru - ok
18:19:19.0788 0x2bb0  [ 05C5CBE5C0C26EFF48AF60639F30F4F5, 29B20E80D0251B488CFAC1576FF9350BB79BDB33667BC5F38DF8B0FB4C7FB17C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:19:19.0865 0x2bb0  NvBackend - ok
18:19:19.0884 0x2bb0  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:19:19.0904 0x2bb0  ShadowPlay - ok
18:19:19.0948 0x2bb0  [ 9ECF375A6E4E74D056F4B54E76D58721, 29C89504C369CC40BC6BEDE965F52736CB01FA70644059392C912FFB35C4ED0A ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:19:19.0969 0x2bb0  IAStorIcon - ok
18:19:20.0220 0x2bb0  [ F5281FA7188154C928ED27911B0BA6FD, 6CBF1F4E0D04986EF60A42A8A826FDB9681370EB30DB37958716FBB717757DEA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:19:20.0345 0x2bb0  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
18:19:22.0863 0x2bb0  Detect skipped due to KSN trusted
18:19:22.0863 0x2bb0  BrStsMon00 - ok
18:19:22.0971 0x2bb0  [ 9DEF1B844FF294FE5900711764F82B72, 155BC2F63E395D4A20073329044A9D6AB13CCC6CA14DF63B43DE34C5F5ED035F ] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
18:19:23.0035 0x2bb0  BrStsInd00 - detected UnsignedFile.Multi.Generic ( 1 )
18:19:25.0524 0x2bb0  Detect skipped due to KSN trusted
18:19:25.0524 0x2bb0  BrStsInd00 - ok
18:19:25.0666 0x2bb0  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:19:25.0712 0x2bb0  avgnt - ok
18:19:25.0782 0x2bb0  [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:19:25.0794 0x2bb0  Avira SystrayStartTrigger - ok
18:19:25.0900 0x2bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:25.0955 0x2bb0  Sidebar - ok
18:19:25.0982 0x2bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:26.0007 0x2bb0  mctadmin - ok
18:19:26.0054 0x2bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:26.0094 0x2bb0  Sidebar - ok
18:19:26.0100 0x2bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:26.0119 0x2bb0  mctadmin - ok
18:19:26.0276 0x2bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
18:19:26.0298 0x2bb0  Google Update - ok
18:19:26.0411 0x2bb0  [ 1E827B1C08007E18424315DDA4756279, ED151A4C669E2F240D2E15DC70F49BCE2A244A4E8060B9E0869E15C15CFC04C6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:19:26.0439 0x2bb0  GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B - ok
18:19:26.0440 0x2bb0  NetDrive - ok
18:19:26.0478 0x2bb0  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:19:26.0489 0x2bb0  Dropbox Update - ok
18:19:26.0669 0x2bb0  [ 781DCED079ABD884DF8CA22B6FA30F05, 392C39D4E26AAE801786EE9A2671FDFFF18991A27046853B13ACA90E4B2D3998 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:19:26.0754 0x2bb0  Spotify Web Helper - ok
18:19:27.0048 0x2bb0  [ 831EE34C9AE23FE421E642DBA8E46C2A, 18710FB7B41AB3E89582451542527EEFC326AF615EB909EFEBE353AD478B0FF6 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
18:19:27.0349 0x2bb0  Spotify - ok
18:19:27.0396 0x2bb0  Skype - ok
18:19:27.0402 0x2bb0  GizmoDriveDelegate - ok
18:19:27.0403 0x2bb0  Waiting for KSN requests completion. In queue: 10
18:19:28.0404 0x2bb0  Waiting for KSN requests completion. In queue: 10
18:19:29.0404 0x2bb0  Waiting for KSN requests completion. In queue: 10
18:19:29.0916 0x1924  Object required for P2P: [ 781DCED079ABD884DF8CA22B6FA30F05 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:19:30.0404 0x2bb0  Waiting for KSN requests completion. In queue: 2
18:19:31.0404 0x2bb0  Waiting for KSN requests completion. In queue: 2
18:19:32.0404 0x2bb0  Waiting for KSN requests completion. In queue: 2
18:19:32.0456 0x1924  Object send P2P result: true
18:19:32.0456 0x1924  Object required for P2P: [ 831EE34C9AE23FE421E642DBA8E46C2A ] C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
18:19:33.0404 0x2bb0  Waiting for KSN requests completion. In queue: 1
18:19:34.0404 0x2bb0  Waiting for KSN requests completion. In queue: 1
18:19:35.0001 0x1924  Object send P2P result: true
18:19:35.0438 0x2bb0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:19:35.0524 0x2bb0  Win FW state via NFP2: enabled ( trusted )
18:19:37.0963 0x2bb0  ============================================================
18:19:37.0963 0x2bb0  Scan finished
18:19:37.0963 0x2bb0  ============================================================
18:19:37.0975 0x1244  Detected object count: 0
18:19:37.0976 0x1244  Actual detected object count: 0
         
Noch als Anmerkung:
Der Prozess svchost.exe verursacht manchmal eine extrem hohe Speicherauslastung (ingesamt quasi 100%), sodass der PC dann quasi nicht mehr zu bedienen ist.
Die einzige Lösung ist dann den Dienst wuauserv zu beenden.

Alt 06.01.2016, 18:11   #5
M-K-D-B
/// TB-Ausbilder
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Servus,





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
offline: 16.09. bis 20.09.
____________________________________

Das Trojaner-Board unterstützen

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alt 06.01.2016, 20:53   #6
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Here we go...

Combofix Logfile:
Code:
ATTFilter
ComboFix 16-01-07.01 - ObiMobil 06.01.2016  21:13:46.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3959.1717 [GMT 1:00]
ausgeführt von:: c:\users\ObiMobil\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\1388761744.bdinstall.bin
c:\programdata\1427800764.bdinstall.bin
c:\users\ObiMobil\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ObiMobil\AppData\Local\TempFullTiltPokerEuSetup.exe
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-12-06 bis 2016-01-06  ))))))))))))))))))))))))))))))
.
.
2016-01-06 20:29 . 2016-01-06 20:29	--------	d-----w-	c:\users\Katrin\AppData\Local\temp
2016-01-06 20:29 . 2016-01-06 20:29	--------	d-----w-	c:\users\Florian\AppData\Local\temp
2016-01-06 20:29 . 2016-01-06 20:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2016-01-06 01:02 . 2016-01-06 01:11	--------	d-----w-	C:\FRST
2016-01-06 00:49 . 2016-01-06 00:49	9479872	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-01-03 19:10 . 2016-01-03 19:10	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2016-01-03 19:10 . 2016-01-03 19:10	--------	d-----r-	c:\program files (x86)\Skype
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-06 00:51 . 2012-04-15 21:16	796864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-06 00:51 . 2012-04-15 21:16	142528	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 12:18 . 2011-02-18 16:18	301728	------w-	c:\windows\system32\MpSigStub.exe
2015-12-01 20:14 . 2015-03-31 11:13	75472	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2015-12-01 20:14 . 2015-03-31 11:13	162072	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-12-01 20:14 . 2015-03-31 11:13	140448	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-11-25 11:02 . 2016-01-06 15:06	11154520	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{1044DC0F-0061-4CD9-B957-31B43177FABB}\mpengine.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:19	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:19	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:19	1729752	----a-w-	c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	64792	----a-w-	c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-12-11 741704]
"Dropbox Update"="c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-13 134512]
"Spotify Web Helper"="c:\users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-12-15 2541160]
"Spotify"="c:\users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" [2015-12-15 7660648]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50378880]
"GizmoDriveDelegate"="c:\progra~2\GIZMO\GDRIVE.DLL" [2010-12-28 390752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-12-27 4509184]
"BrStsInd00"="c:\program files (x86)\BrownyInd\Brother\BrIndicator.exe" [2012-12-18 1885184]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-12-01 803200]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-11-23 66320]
.
c:\users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 24952456]
Synology Cloud Station.lnk - c:\program files (x86)\Synology\CloudStation\bin\launcher.exe [2015-5-25 1506736]
.
c:\users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
R3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [x]
R3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys;c:\windows\SYSNATIVE\DRIVERS\cxbu0x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 GizmoDrv;Gizmo Device Driver; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys;c:\windows\SYSNATIVE\drivers\DRHARD64.sys [x]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys;c:\windows\SYSNATIVE\drivers\DRHMSR64.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Gizmo Central;Gizmo Central;c:\program files (x86)\Gizmo\gservice.exe;c:\program files (x86)\Gizmo\gservice.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-16 23:08	1000264	----a-w-	c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 00:51]
.
2016-01-06 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
- c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 08:09]
.
2016-01-06 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
- c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 08:09]
.
2016-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 18:59]
.
2016-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 18:59]
.
2015-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
- c:\users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-09 18:23]
.
2015-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
- c:\users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-09 18:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:14	2334936	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:14	2334936	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:14	2334936	----a-w-	c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2015-12-15 19:20	2594304	----a-w-	c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2015-12-15 19:20	2594304	----a-w-	c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2015-12-15 19:20	2594304	----a-w-	c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04ReadOnlyModule]
@="{A433C3E0-8B24-40EB-93C3-4B10D9959F58}"
[HKEY_CLASSES_ROOT\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}]
2015-12-15 19:20	2594304	----a-w-	c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\05NoPermModule]
@="{C701AD67-3DF0-47C9-89CB-DFA6207BE229}"
[HKEY_CLASSES_ROOT\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}]
2015-12-15 19:20	2594304	----a-w-	c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20	75544	----a-w-	c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33	236352	----a-w-	c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office15\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\ObiMobil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-NetDrive - c:\program files\NetDrive\netdrive.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Agent - c:\program files\Bitdefender\Bitdefender\pmbxag.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse - c:\program files\Bitdefender\Bitdefender\pwdmanui.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Anwendungs-Agent - c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3542069035-4146575090-2512792040-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2016-01-06  21:46:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2016-01-06 20:46
.
Vor Suchlauf: 23 Verzeichnis(se), 53.299.572.736 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 56.354.373.632 Bytes frei
.
- - End Of File - - 837839D92B7078D2EE6A32A22D695E49
         
--- --- ---

Alt 07.01.2016, 12:43   #7
M-K-D-B
/// TB-Ausbilder
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.
__________________
offline: 16.09. bis 20.09.
____________________________________

Das Trojaner-Board unterstützen

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alt 07.01.2016, 18:17   #8
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Hier die Logs:

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.028 - Bericht erstellt am 07/01/2016 um 16:05:41
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ObiMobil - OBIMOBIL-PC
# Gestartet von : C:\Users\ObiMobil\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst Gelöscht : sp_rsdrv2

***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\Partner
[-] Ordner Gelöscht : C:\Users\ObiMobil\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall
[#] Ordner Gelöscht : C:\Windows\SysNative\Tasks\BrowserProtect
[-] Ordner Gelöscht : C:\Windows\SysWOW64\BrowserProtect

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe Gelöscht : BrowserProtect

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKCU\Software\f6d68ab768ea40
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\f6d68ab768ea40
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EE770228-9073-418C-A205-A8240727B4F1}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com

***** [ Internetbrowser ] *****

[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");
[-] [C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : chphlpgkkbolifaimnlloiipkdnihall

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6367 Bytes] ##########
         
--- --- ---

[/CODE]

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 07.01.2016
Suchlaufzeit: 16:17
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.07.03
Rootkit-Datenbank: v2016.01.05.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ObiMobil

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 514214
Abgelaufene Zeit: 1 Std., 22 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 2
Adware.Hicosmea, HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, In Quarantäne, [e7e83402f9a0d75f6f6600c3c73b42be], 
Adware.Hicosmea, HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, In Quarantäne, [01ce35016a2fe3538650269df012916f], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.AdNetworkPerformance, C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, In Quarantäne, [656a0f273d5c8fa73a238a9442c24cb4], 
PUP.Optional.AdNetworkPerformance, C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, In Quarantäne, [309f082e6b2eac8ac49933eba361cd33], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64 
Ran by ObiMobil (Administrator) on 07.01.2016 at 18:33:39,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 19 

Successfully deleted: C:\Users\ObiMobil\AppData\Local\{176D2CEC-C706-4A01-9DA1-F03DB9F112C5} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{208AD1B4-3287-47A5-AB4E-5C3FCFB66302} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{279CD635-46D6-41B7-9F3A-DE2AFB312AD1} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{455E355A-DBD3-4422-AB5A-8B52FE404241} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{4FA92B9B-1AD9-4AD6-A397-C1873324D733} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{C5002CDE-E785-424B-ACA9-C0A3CE46FDD4} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{F0B1A5CB-BEFE-4766-B5A3-F25A918EBB21} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage (File) 
Successfully deleted: C:\Users\ObiMobil\AppData\Roaming\MarketSamurai (Folder) 
Successfully deleted: C:\Users\ObiMobil\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1 (Folder) 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Windows\SysWOW64\sho52E2.tmp (File) 
Successfully deleted: C:\Windows\SysWOW64\shoA57E.tmp (File) 



Registry: 3 

Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B (Registry Value) 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\sp_rsdrv2 (Registry Key) 
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2016 at 18:38:57,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von ObiMobil (Administrator) auf OBIMOBIL-PC (07-01-2016 19:11:10)
Gestartet von C:\Users\ObiMobil\Desktop
Geladene Profile: ObiMobil &  (Verfügbare Profile: ObiMobil)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [8387696 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [8387696 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-06-24]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2016-01-07]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8236A716-D9CA-4035-BE12-FFBB4D10582A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Avira Browser Safety - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\abs@avira.com [2016-01-05]
FF Extension: Firebug - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\firebug@software.joehewitt.com.xpi [2015-10-30]

Chrome: 
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "file:///C:/Users/ObiMobil/Downloads/akkordeon-johannschill/index.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Talk Plugin) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-05-04]
CHR Extension: (Web Developer) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-07-21]
CHR Extension: (YouTube) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (FTP Editor) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljonifjecojdgoejokjfdffgpgliic [2013-01-07]
CHR Extension: (Google-Suche) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (SEO SERP Workbench) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-01-10]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Springpad) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2013-11-01]
CHR Extension: (feedly) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-09-02]
CHR Extension: (Screenleap) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpcipbhehomfgjbgnajdhiahhdeeffbg [2015-11-18]
CHR Extension: (ModHeader) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-09-10]
CHR Extension: (Codey) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbalghnpcjmlpmmocijdfoghihgocakd [2013-01-07]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-15]
CHR Extension: (Save to Pocket) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Mixmax: Free Unlimited Email Tracking & more) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2015-11-04]
CHR Extension: (Google Mail) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () [Datei ist nicht signiert]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [31856 2010-12-28] (Arainia Solutions) [Datei ist nicht signiert]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [173952 2010-01-25] (HID Global Corporation)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [32840 2010-12-28] (Arainia Solutions LLC)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 19:11 - 2016-01-07 19:11 - 00042309 _____ C:\Users\ObiMobil\Desktop\FRST.txt
2016-01-07 18:38 - 2016-01-07 18:38 - 00003097 _____ C:\Users\ObiMobil\Desktop\JRT.txt
2016-01-07 18:32 - 2016-01-07 18:32 - 01599336 _____ (Malwarebytes) C:\Users\ObiMobil\Desktop\JRT.exe
2016-01-07 18:31 - 2016-01-07 18:32 - 01599336 _____ (Malwarebytes) C:\Users\ObiMobil\Downloads\JRT.exe
2016-01-07 18:27 - 2016-01-07 18:27 - 00001887 _____ C:\Users\ObiMobil\Desktop\mbam.txt
2016-01-07 16:16 - 2016-01-07 16:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-07 16:16 - 2016-01-07 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-07 16:15 - 2016-01-07 16:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-07 16:15 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-07 16:15 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-07 16:15 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-07 16:13 - 2016-01-07 16:14 - 22908888 _____ (Malwarebytes ) C:\Users\ObiMobil\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-07 15:50 - 2016-01-07 16:05 - 00000000 ____D C:\AdwCleaner
2016-01-07 15:46 - 2016-01-07 15:46 - 01749504 _____ C:\Users\ObiMobil\Desktop\AdwCleaner_5.028.exe
2016-01-06 23:34 - 2016-01-06 23:34 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Sublime Text 3
2016-01-06 23:34 - 2016-01-06 23:34 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Sublime Text 3
2016-01-06 23:33 - 2016-01-06 23:37 - 00000000 ____D C:\Program Files\Sublime Text 3
2016-01-06 23:33 - 2016-01-06 23:33 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-01-06 23:32 - 2016-01-06 23:32 - 08064616 _____ (Sublime HQ Pty Ltd ) C:\Users\ObiMobil\Downloads\Sublime Text Build 3083 x64 Setup.exe
2016-01-06 21:46 - 2016-01-06 21:46 - 00041010 _____ C:\ComboFix.txt
2016-01-06 21:10 - 2016-01-06 21:47 - 00000000 ____D C:\Qoobox
2016-01-06 21:10 - 2016-01-06 21:47 - 00000000 ____D C:\ComboFix
2016-01-06 21:10 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-06 21:10 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-06 21:10 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-06 21:08 - 2016-01-06 21:44 - 00000000 ____D C:\Windows\erdnt
2016-01-06 21:02 - 2016-01-06 21:06 - 05646860 ____R (Swearware) C:\Users\ObiMobil\Desktop\ComboFix.exe
2016-01-06 21:02 - 2016-01-06 21:06 - 05646860 _____ (Swearware) C:\Users\ObiMobil\Downloads\ComboFix (1).exe
2016-01-06 18:17 - 2016-01-06 21:03 - 00229046 _____ C:\TDSSKiller.3.1.0.9_06.01.2016_18.17.09_log.txt
2016-01-06 18:16 - 2016-01-06 18:16 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\ObiMobil\Desktop\tdsskiller.exe
2016-01-06 15:37 - 2016-01-07 03:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-06 02:02 - 2016-01-07 19:11 - 00000000 ____D C:\FRST
2016-01-06 02:00 - 2016-01-06 02:00 - 02370560 _____ (Farbar) C:\Users\ObiMobil\Desktop\FRST64.exe
2016-01-06 01:49 - 2016-01-06 01:49 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-03 20:10 - 2016-01-03 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-03 20:10 - 2016-01-03 20:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-03 20:10 - 2016-01-03 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 20:09 - 2015-12-17 20:09 - 03012606 _____ C:\Users\ObiMobil\Downloads\marketing_master_list_15-12-15.xlsx
2015-12-17 20:05 - 2015-12-17 20:05 - 20737480 _____ C:\Users\ObiMobil\Downloads\Präsentation1.pptx
2015-12-10 00:42 - 2015-12-10 00:42 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-07 18:55 - 2010-12-22 18:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-07 18:53 - 2012-04-15 22:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-07 18:52 - 2015-06-13 09:09 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
2016-01-07 18:35 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2016-01-07 18:24 - 2010-12-27 19:49 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Skype
2016-01-07 16:48 - 2013-01-07 22:21 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\FileZilla
2016-01-07 16:25 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-07 16:25 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-07 16:18 - 2013-10-10 16:12 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Spotify
2016-01-07 16:16 - 2010-09-18 20:37 - 02683128 _____ C:\Windows\system32\perfh007.dat
2016-01-07 16:16 - 2010-09-18 20:37 - 00790028 _____ C:\Windows\system32\perfc007.dat
2016-01-07 16:16 - 2009-07-14 06:13 - 00006540 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-07 16:15 - 2015-04-07 12:00 - 00000000 ___RD C:\Users\ObiMobil\Dropbox
2016-01-07 16:14 - 2013-10-10 16:13 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Spotify
2016-01-07 16:14 - 2012-10-15 19:56 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Dropbox
2016-01-07 16:10 - 2010-12-22 18:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-07 16:08 - 2014-01-03 16:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2016-01-07 16:08 - 2013-05-08 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 16:08 - 2010-09-18 10:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-07 16:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-07 16:05 - 2011-09-09 19:11 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 23:43 - 2015-04-01 15:59 - 00000000 ____D C:\webprojects
2016-01-06 21:38 - 2015-09-02 17:03 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-06 21:38 - 2015-03-31 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-06 21:38 - 2015-03-31 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-06 21:36 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-06 21:01 - 2015-06-13 09:09 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 01:52 - 2012-04-15 22:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-06 01:51 - 2012-04-15 22:16 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-06 01:51 - 2012-04-15 22:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 19:06 - 2015-08-01 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-03 20:10 - 2014-03-24 20:14 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Skype
2016-01-03 20:10 - 2010-12-27 19:49 - 00000000 ____D C:\ProgramData\Skype
2015-12-17 00:07 - 2013-05-02 03:47 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Mozilla
2015-12-15 20:29 - 2014-12-30 12:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-15 20:21 - 2015-05-28 13:54 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\CloudStation

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-12-28 20:06 - 2014-07-20 18:57 - 0001164 _____ () C:\Users\ObiMobil\AppData\Local\crc32list11.txt
2010-12-22 22:00 - 2010-12-22 22:15 - 0003584 _____ () C:\Users\ObiMobil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-25 19:58 - 2013-06-25 20:08 - 0000600 _____ () C:\Users\ObiMobil\AppData\Local\PUTTY.RND
2010-12-22 15:46 - 2015-08-27 18:04 - 0007650 _____ () C:\Users\ObiMobil\AppData\Local\Resmon.ResmonCfg
2011-06-26 17:25 - 2011-06-26 17:25 - 0000000 _____ () C:\Users\ObiMobil\AppData\Local\{76B0BBCC-D61A-4313-A85F-56880C5B8021}
2008-05-23 16:48 - 2008-05-23 16:48 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-06-23 12:02 - 2008-06-23 12:02 - 0097410 ____R () C:\ProgramData\DeviceManager.xml.rc4
2010-07-13 12:45 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Einige Dateien in TEMP:
====================
C:\Users\ObiMobil\AppData\Local\Temp\avgnt.exe
C:\Users\ObiMobil\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-20 00:10

==================== Ende von FRST.txt ============================
         
--- --- ---

Alt 07.01.2016, 18:18   #9
Obster79
 
Win7 extrem langsam - Standard

Win7 extrem langsam



FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von ObiMobil (2016-01-07 19:11:56)
Gestartet von C:\Users\ObiMobil\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-22 13:52:14)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3542069035-4146575090-2512792040-500 - Administrator - Disabled)
Gast (S-1-5-21-3542069035-4146575090-2512792040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3542069035-4146575090-2512792040-1002 - Limited - Enabled)
ObiMobil (S-1-5-21-3542069035-4146575090-2512792040-1000 - Administrator - Enabled) => C:\Users\ObiMobil

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
AVerMedia A835 USB TV Tuner 8.0.64.57 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.57 - AVerMedia TECHNOLOGIES, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Betfair Poker (HKLM-x32\...\Betfair Poker_is1) (Version:  - Betfair)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version:  - Oberon Media)
calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM-x32\...\{9FC83F04-9C3F-429B-92DE-1252235765E4}) (Version: 4.3.42 - DataDesign)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version:  - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version:  - Oberon Media)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Git version 1.8.3-preview20130601 (HKLM-x32\...\Git_is1) (Version: 1.8.3-preview20130601 - The Git Development Community)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version:  - Gameforge)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Kodi) (Version:  - XBMC-Foundation)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Kodi) (Version:  - XBMC-Foundation)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.64 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.64 - Alliance Software Pty Ltd) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version:  - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Newshosting (HKLM\...\{63E2392B-D8C3-4458-BEB4-057AD58EF032}) (Version: 1.5.3 - Newshosting)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version:  - CPUID)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version:  - Oberon Media)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
ProgDVB (HKLM\...\ProgDVB) (Version:  - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version:  - Jan Fiala)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version:  - Oberon Media)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synology Cloud Station (HKLM-x32\...\{17B316FB-7048-49FE-86E7-92A5905F842A}) (Version: 3.2.3479 - Synology)
TeamDrive 3 (HKLM-x32\...\TeamDrive 3) (Version: 3.1.2.454 - TeamDrive Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version:  - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version:  - Tangysoft Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.3.10523 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
WiMP 2.4.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.4.2 - Aspiro AS)
WiMP 2.4.2 (x32 Version: 2.4.2 - Aspiro AS) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {12000D8D-DA3E-46E8-B7A0-C644B180F08F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {170B4AFC-8CF0-464B-B4DD-614BB3A62FD7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {418F17BD-04C3-4A5B-81A7-A136187FA939} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {45FCE8E7-27C1-42DE-A28C-6817130DDCB6} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2010-12-28] (Arainia Solutions)
Task: {49B53F6B-58B5-4494-AA3E-A9B86F524493} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {733D650D-7434-4D36-A837-44A40309EEEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-06] (Adobe Systems Incorporated)
Task: {7A532F03-994C-4519-A175-E21C8E9C95ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {862865A0-5DF5-4EE9-B973-7E48693A5EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A34B3048-6A02-4C85-99C2-22DC96B05E06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BEC65FF4-BA85-47B4-A046-5C604D31BD72} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {C5004184-66DB-44A1-9FB0-F1C099EF0412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
Task: {CCDAC0B1-D721-4AC0-A7A9-5F2C39719A25} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E7C97CD1-334A-4FCC-8E9F-1C5FFAF49143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-12-04 19:55 - 2011-06-22 17:14 - 00034304 _____ () C:\Windows\System32\sst2cl6.dll
2013-12-04 19:55 - 2011-06-22 17:13 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst2cdu.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-09-24 18:43 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2010-06-28 14:20 - 2010-06-28 14:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 14:12 - 2010-06-28 14:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-06-20 10:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-03-03 16:01 - 2015-03-03 16:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll
2010-07-13 12:32 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2016-01-03 20:07 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-01-06 21:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamDrive starten.lnk => C:\Windows\pss\TeamDrive starten.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: EPSON SX210 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_S3821.tmp" /EF "HKCU"
MSCONFIG\startupreg: GizmoDriveDelegate => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: MarbleStation => C:\NetmarbleGlobal\MarbleStation\GlbMSLauncher.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{644A509A-457D-4C04-A293-18216D016B92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{4FB3C17C-AFA2-4BEE-A7E5-8D1A934CDEBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF06B872-4390-4F3E-A9A5-F676794FFB36}] => (Allow) svchost.exe
FirewallRules: [{5CC7C186-58CF-42C4-BCF7-0252AC5EDA15}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EADD3136-38EC-4276-B8DE-B445FEF10116}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5941FBA2-5C7E-4017-893E-BF5464672003}] => (Allow) LPort=8396
FirewallRules: [{F80A5A05-AE6E-4626-8379-CF99A1FF6603}] => (Allow) LPort=8396
FirewallRules: [{DC691B14-20E3-4C09-9522-51A8047906B2}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{AE1E21B4-AC39-471E-A866-19C7112321F0}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{E464845F-F9B1-4FF5-A808-FE15AF4E166D}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{0BA59535-22A9-4255-8FCA-968A39ED2FCA}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{D061CD36-7D7E-4A60-A8C4-F05CACB57074}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83E37541-C840-48C9-8591-FDCA41A68B8E}] => (Allow) LPort=2869
FirewallRules: [{E85B69D9-BDB7-4179-BD31-6257BEE2411B}] => (Allow) LPort=1900
FirewallRules: [{BE0BAD6F-A68C-45B8-8DF5-A1B705C6E4A8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{303B66B6-128E-438B-B27C-660BE5785F35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{717F01DA-700F-44B0-87D1-DF42ABF069D0}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9D61C302-DDAA-4873-928D-DE7B0E6D4C37}] => (Allow) LPort=26675
FirewallRules: [{2A54FA3D-4BDC-4973-BD62-99F6C7E6A56C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{719EBF74-D777-46F7-8F91-274BAEB174CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CECA94B-FE03-43FF-9FFA-F890C0F2BF89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5EB4556F-DCCA-4202-B39A-6FFAE6552696}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81BF6A9C-47D9-4D4C-89F4-BBE75C955FE7}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{3F280DE1-1E27-494C-B834-53766BEED907}] => (Allow) LPort=19540
FirewallRules: [{D7B4B7DC-016A-442E-9EF1-5595A0A86C54}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8B838E13-25BD-494A-8AD0-ED6A07644CB4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B8666841-261E-4F8D-8987-CB018796183F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{FA13DB77-43CA-4201-8A41-D99B0FA4C08A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E73EC40F-AE04-48DE-A31F-A9A4E7190731}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{00E4A79D-AD6D-46AD-BD41-68D412892459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB23ECE7-5DE6-44A8-98DE-E7D120FE3593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8473E708-FEC3-4F42-80DB-BDB76BE44F6F}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{67FAEB53-7E20-4560-8AAE-006D14673290}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DB30832-EBAF-45EE-A038-E4D18E3AA138}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{864CE943-EA29-4CB4-9CAE-F3E282D1F1FA}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C928EAA9-E01C-4319-B916-41487A3D3294}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324618CF-24C9-4D32-A243-931E0F5F2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{503CE394-961E-45C4-BF8E-1861C13F81DA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{65E93227-1224-48A3-A710-B90139D8BB8D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{F2F4A06B-4A97-43EA-B34B-684F9FCE486A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3FECFD4-80FC-4CA5-B431-797A9DBE29B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{517A8981-3539-4C8B-B682-502C526135E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{95A6D083-5453-436E-9B1D-F18D016D4BB5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{121E808E-3864-4307-A0C1-5C229E795CFF}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{CEB91F73-CC6A-4278-A017-AE3D695FF1D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7946E88C-0937-468A-B492-E54718C73A42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7927492C-B4AD-4AE9-A2A2-1F799F2B924D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6AAA0759-22BC-4B20-B159-8EC58AF41E2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E106A59C-5A9C-4D93-9A3A-7520A871ECAD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{EFCCC650-E1C1-4580-968E-805463B388B3}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1ABA1577-87F4-436B-ACAB-C4B8CB661934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{B79D15D2-09EA-429B-8E95-50D695D9FAA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{186D3854-4E87-43C7-A862-EFE1B9295CFE}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{3DD553F3-809F-4486-B2E2-806387F81456}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{CD9248C5-EF90-4BE4-B05A-8A32C111F0A4}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D52BA98D-4A70-492D-BEFF-922042682BC7}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B2F89E7C-3C36-45D4-93E6-E7D4752C374B}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B593A5F-6CBE-46C0-978E-B7D3E370AF11}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A5A6D78A-D0D4-4C0F-B84B-BCF844C6D385}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [UDP Query User{5CC172D9-5DE7-4177-B704-BE7D4B979206}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [{31E64288-1C04-48BB-8378-CD2F6F5253F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7BA6BA51-8870-42D0-8217-E2C191BF66BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BA82F319-D8A7-465B-A7CC-831194A9AFF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AE887943-465B-45F3-AE35-2162E3E5F2A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D012476-062D-4F87-8327-20EA4AF0BF94}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{273B7A88-16A1-4156-96B5-D21B6B69DDC5}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{98740A53-138A-4F2B-83BA-EE36DF215C08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{389CD855-E081-4EF7-A7DF-40480852DCE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ECC3A29-1962-4A51-8A9C-17881A7ACD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C36AA280-6F60-4EDD-AC3D-92BDA020C63C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ACCBD3E9-40C7-45F3-8BE3-1CA77BB1F459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{313839F5-34FF-46F1-ACBA-9652F7955722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5E359099-63CB-4BD1-892F-3DC169853987}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{8D0DDA2E-60F6-4BE4-93C2-3155BEB88D4B}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [{DF1292F3-9DCE-4C4D-AE59-C7611BEF7A40}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{350BCC2B-05F5-4533-ABF7-0DF776AAA7E6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{12B039E1-B8D3-4A8E-8315-9AD46F9A250C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{4316ACFD-D8ED-42A8-BC51-F0790A63D08C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [TCP Query User{2FDB0447-1E9C-4D57-81B0-E7000263C88F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B85F3155-4F36-4C78-812F-E736DC8FB74A}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{9C2440BD-5F2C-461D-929A-3B2446871F48}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{1D418261-AE50-4F3E-950A-ED8AE2D4D14D}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [TCP Query User{9A67B07D-1EA9-4D3F-B8EE-5D8F18C5BAEB}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{B1C21952-83AA-464D-93A7-129DB7099251}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [{24A15925-EE40-4F26-9DA8-97EAF6DE592C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{93F4746F-E9D5-43A1-9552-9C8D37ED85FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{080D5608-1464-4882-8FC6-3FCBE813F686}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4FF78B3C-6B69-46EF-BA33-56E99E21E961}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4220F71E-E474-4A3E-A8AD-8CDC90BDC23B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{187EA9A6-AC25-4EB0-8D1C-CFB9A1576489}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{21269A9F-0B3B-4DEE-AAB0-C4FAE19F4F3C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2D8F5D9F-3B95-4CE8-A861-8771A1622B03}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D51BF2AD-2A82-4067-8FBF-7FD9B835F200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{F4463B5A-CBA8-498B-B4BF-9A63C460795F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{3CA9DADA-CE81-4ADC-8326-9EF966C3211E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A7154BE3-5E7B-4F4E-8E1E-FBE5C68490A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{59123C40-E91C-4126-B637-10B66A1F90FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{BB3D3494-446A-422E-9357-755BF71A55F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{263A5036-BC53-4F62-B69D-28B607E81795}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{042A7EA0-32CD-4EB8-8D83-DC5AA39EEFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{572C469D-501C-46D1-9540-AB10847582D1}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{AD9E8E11-4524-45EE-B081-8B5FEA734A72}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{CA47BA01-2AE7-4D22-850D-6B18410D4A76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A354E9EE-A9F5-41A0-B61B-1439E3B01199}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{E0142BEF-B8E9-4A00-A003-5B2B1F03873F}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{3D76D9B1-4AC0-4DCF-A6E4-2420E3D9C160}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{9F6774E4-7094-4437-BA29-47088B1E14B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{E27F7686-5A8D-4490-8C42-B29EF2C75BA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{3456BD2B-496A-4ECE-A2D2-47F309C81102}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8F9E6692-F2F8-42DC-880C-16A53DC8BA82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9A00F4BA-33D6-45CF-8EB2-7E04DD45727C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F30DA08D-F746-486A-8F0C-9C37D902B212}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E2959C6-BFF8-49AC-854F-3E95A39B43CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F1B9C7E-5411-4AB1-8EFD-15AA3EF82D2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C85E36FC-87D6-47C9-8420-1BC0682974E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CB96C99E-EE01-4B40-88F0-C4E191666099}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{49A7C27F-D992-4088-B0EA-DFBF60BD1DF4}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{E7310655-551E-4196-BDBD-E8ECAAC0F3E1}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{A844FBBE-0BC2-47DC-A624-C30FC72DFE4A}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{792657DC-EFDB-4AE5-864C-DC8290287AF7}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{5CDFDD58-DC32-4B6B-B90F-F80B98DAB985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B2EA5F35-F9B8-4EF8-A862-0DBF033C2607}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A70CDA0A-6E25-41AD-87B9-59FFE7FF99AF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C4C2C25-0F7B-43AC-8C2F-D4AAA2DDA1DF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{057F0FB9-F75A-4589-BF37-B9E12EAAF596}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1D307634-0481-46E4-9A22-92DF7AB54CD2}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9F404A6-475A-4F45-8FC2-32BC1CA3A296}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{F54C6306-CEC2-411D-B41E-A36F198EC770}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{17F92A95-0E74-4B3D-90B2-A8C3ADFF2EDB}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{0351B635-73A4-4CDF-9BA6-B80338A534B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C7EB2E7-4483-4A1D-9A13-478EE44D1132}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{80EDA6CA-2CC8-4FD3-93CB-0DF73C416512}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0A52085A-C4C4-40B6-ABE1-B961389F670C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C583014-3524-4F66-89AE-53B99B0C5F91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8467789-76E8-4A3A-BFAC-3065486A39BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FA0168AE-07FC-4197-AF5A-C87ED7BEA756}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{611B597D-07FD-4B18-B510-F2ABB2F8EE76}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{7AF82318-1B97-40E8-B16B-995AA51AAFFB}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{7806AE29-CEC7-4BB6-A7BA-79CB7A05C40F}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{6685F41D-95A6-4AFC-B985-EE83BF43FF1B}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{315A0DD0-D029-4C4D-BF42-A72DF4CF5BDB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{820DDDDA-3CB0-40EF-988B-02E8BD8A24C2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{181993C7-594F-498F-9F1D-D7FC5F6F0B28}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BA4A3BBE-FB43-42BB-B813-CD10F3BACE09}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C373DFB-DB53-49EC-9178-784CC7C67BA6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{56A96ABD-1B73-44A1-9D17-0345F5B5BDFE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{F0A0F69E-12D9-4E47-BAE1-6E1845F1D0FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4C6B3D81-B678-4DF9-BB07-040441957F7A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A19551DE-53BC-490E-ADC1-412C7B190472}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6C3AD8DD-36C5-4AE1-BB42-8C6B035BC53D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

22-12-2015 18:23:41 Windows Update
06-01-2016 16:04:57 Windows Update
07-01-2016 18:33:46 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (01/07/2016 04:10:08 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (01/07/2016 04:06:38 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26121852

Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26121852

Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/07/2016 11:13:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26120807

Error: (01/07/2016 11:13:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26120807


Systemfehler:
=============
Error: (01/07/2016 06:34:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2016 06:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/07/2016 04:19:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (01/07/2016 04:09:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/07/2016 04:09:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.

Error: (01/07/2016 04:09:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (01/07/2016 04:09:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (01/07/2016 04:08:50 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Das System kann den angegebenen Pfad nicht finden.

Error: (01/07/2016 04:07:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/07/2016 04:07:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll


CodeIntegrity:
===================================
  Date: 2016-01-06 21:28:48.465
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-01-06 21:28:48.423
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 3958.71 MB
Verfügbarer physikalischer RAM: 2059.68 MB
Summe virtueller Speicher: 7915.61 MB
Verfügbarer virtueller Speicher: 4974.3 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:52.55 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F16C7E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 08.01.2016, 14:53   #10
M-K-D-B
/// TB-Ausbilder
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Servus,


wir entfernen die letzten Reste und kontrollieren nochmal alles.



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 3

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von HitmanPro,
  • die Logdatei von ESET,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.
__________________
offline: 16.09. bis 20.09.
____________________________________

Das Trojaner-Board unterstützen

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Alt 12.01.2016, 13:11   #11
M-K-D-B
/// TB-Ausbilder
 
Win7 extrem langsam - Standard

Win7 extrem langsam



Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
offline: 16.09. bis 20.09.
____________________________________

Das Trojaner-Board unterstützen

Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?

Antwort

Themen zu Win7 extrem langsam
antivir, avira, bonjour, dnsapi.dll, email, flash player, ftp, google, home, homepage, langsam, launch, mozilla, prozesse, realtek, registry, rundll, scan, security, services.exe, software, spyware, svchost.exe, symantec, synology, system, usb, windows



Ähnliche Themen: Win7 extrem langsam


  1. Win7 - Rechner extrem langsam und friert teilweise ein
    Log-Analyse und Auswertung - 27.12.2015 (7)
  2. WIN7 Suchanfragen werden auf Werbesuchseiten umgeleitet, Laptop bootet extrem langsam
    Log-Analyse und Auswertung - 02.06.2015 (23)
  3. WIN7 Laptop extrem langsam; FRST#1 logfile im Post
    Plagegeister aller Art und deren Bekämpfung - 12.04.2015 (16)
  4. Win7 neu aufgesetzt - Windows reagiert verzögert, Browser laden Seiten extrem langsam, Downloads brechen ab oder dauern ewig
    Alles rund um Windows - 23.12.2014 (10)
  5. Win7-64 Rechner läuft einmal wöchentlich extrem verlangsamt und hängt sich auf
    Log-Analyse und Auswertung - 30.07.2014 (11)
  6. Netbook fährt extrem langsam hoch und auch die Programme laden langsam
    Log-Analyse und Auswertung - 29.07.2014 (19)
  7. WIN7 Extrem langsam!
    Alles rund um Windows - 31.01.2014 (23)
  8. Win7 PC Systhem extrem langsam - möglicherweise Trojaner
    Log-Analyse und Auswertung - 15.01.2014 (12)
  9. Win7: Explorer braucht 1,7GB von 4GB RAM, PC wird extrem langsam
    Log-Analyse und Auswertung - 05.01.2014 (9)
  10. Systemstart (Win7) extrem langsam
    Plagegeister aller Art und deren Bekämpfung - 31.10.2013 (18)
  11. Rechner (Internet) extrem langsam langsam und hackelig!Leerlaufprozess Task Manager ständig zw. 70-98 %
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (17)
  12. PC (Win7) plötzlich extrem langsam
    Log-Analyse und Auswertung - 04.02.2013 (18)
  13. Win7 startet extrem lange nach wilkommens bildschirm
    Log-Analyse und Auswertung - 04.09.2012 (7)
  14. Rechner extrem langsam - Internetseitenaufbau langsam/ ladehemmungen
    Log-Analyse und Auswertung - 21.07.2010 (1)
  15. PC extrem langsam!
    Log-Analyse und Auswertung - 10.10.2008 (7)
  16. PC extrem langsam
    Log-Analyse und Auswertung - 20.07.2007 (4)
  17. Beide Computer langsam - einer nach 3 Minuten sogar extrem langsam
    Log-Analyse und Auswertung - 09.06.2006 (7)

Zum Thema Win7 extrem langsam - Hallo zusammen, nachdem ich dank burningice über Weihnachten bereits einen Rechner wieder hinbekommen habe, folgt hier nun leider der nächste Fall (anderer Rechner). Es würde mich freuen, wenn auch das - Win7 extrem langsam...
Archiv
Du betrachtest: Win7 extrem langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.