| |
| |||||||
Log-Analyse und Auswertung: Win7 extrem langsamWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
06.01.2016, 02:20
| #1 |
 |  Win7 extrem langsam Hallo zusammen, nachdem ich dank burningice über Weihnachten bereits einen Rechner wieder hinbekommen habe, folgt hier nun leider der nächste Fall (anderer Rechner). Es würde mich freuen, wenn auch das klappen würde! Vielen Dank! FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von ObiMobil (Administrator) auf OBIMOBIL-PC (06-01-2016 02:03:19)
Gestartet von C:\Users\ObiMobil\Desktop
Geladene Profile: ObiMobil (Verfügbare Profile: ObiMobil)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Google Inc.) C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dropbox, Inc.) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwReporter\5.39.1\software_reporter_tool.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synology Inc.) C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Google Update] => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [NetDrive] => "C:\Program Files\NetDrive\netdrive.exe" -tray
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2541160 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [7660648 2015-12-15] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\MountPoints2: {1847c4b3-df37-11e2-8065-88ae1d993631} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\MountPoints2: {943ef55c-f443-11e2-aadd-88ae1d993631} - E:\LGAutoRun.exe
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldb�rse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-06-24]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2016-01-05]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8236A716-D9CA-4035-BE12-FFBB4D10582A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\.DEFAULT -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> DefaultScope {EE770228-9073-418C-A205-A8240727B4F1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1f1602d9-83d5-4527-92b9-88debd4bcadf&apn_sauid=6B5877E9-EC45-468A-9D82-CBBDE565AD18
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {EE770228-9073-418C-A205-A8240727B4F1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=1f1602d9-83d5-4527-92b9-88debd4bcadf&apn_sauid=6B5877E9-EC45-468A-9D82-CBBDE565AD18
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - Keine Datei
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Avira Browser Safety - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\abs@avira.com [2016-01-05]
FF Extension: Firebug - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\firebug@software.joehewitt.com.xpi [2015-10-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "file:///C:/Users/ObiMobil/Downloads/akkordeon-johannschill/index.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Talk Plugin) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-05-04]
CHR Extension: (Web Developer) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-07-21]
CHR Extension: (YouTube) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (FTP Editor) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljonifjecojdgoejokjfdffgpgliic [2013-01-07]
CHR Extension: (OneTab) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2014-07-21]
CHR Extension: (Google-Suche) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (SEO SERP Workbench) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-01-10]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Springpad) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2013-11-01]
CHR Extension: (feedly) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-09-02]
CHR Extension: (Screenleap) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpcipbhehomfgjbgnajdhiahhdeeffbg [2015-11-18]
CHR Extension: (ModHeader) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-09-10]
CHR Extension: (WhatFont) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\jabopobgcpjmedljpbcaablpmlmfcogm [2015-08-19]
CHR Extension: (Codey) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbalghnpcjmlpmmocijdfoghihgocakd [2013-01-07]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-15]
CHR Extension: (Save to Pocket) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Mixmax: Free Unlimited Email Tracking & more) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2015-11-04]
CHR Extension: (ColorPick Eyedropper) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2015-03-21]
CHR Extension: (Google Mail) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () [Datei ist nicht signiert]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [31856 2010-12-28] (Arainia Solutions) [Datei ist nicht signiert]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [173952 2010-01-25] (HID Global Corporation)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [32840 2010-12-28] (Arainia Solutions LLC)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2015-04-09] (Windows (R) Win 7 DDK provider)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-06 02:03 - 2016-01-06 02:05 - 00043260 _____ C:\Users\ObiMobil\Desktop\FRST.txt
2016-01-06 02:02 - 2016-01-06 02:03 - 00000000 ____D C:\FRST
2016-01-06 02:00 - 2016-01-06 02:00 - 02370560 _____ (Farbar) C:\Users\ObiMobil\Desktop\FRST64.exe
2016-01-06 01:49 - 2016-01-06 01:49 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-03 20:10 - 2016-01-03 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-03 20:10 - 2016-01-03 20:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-03 20:10 - 2016-01-03 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 20:09 - 2015-12-17 20:09 - 03012606 _____ C:\Users\ObiMobil\Downloads\marketing_master_list_15-12-15.xlsx
2015-12-17 20:05 - 2015-12-17 20:05 - 20737480 _____ C:\Users\ObiMobil\Downloads\Präsentation1.pptx
2015-12-10 00:42 - 2015-12-10 00:42 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-06 02:05 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-06 02:05 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-06 02:03 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2016-01-06 02:00 - 2010-12-22 18:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-06 01:55 - 2013-10-10 16:12 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Spotify
2016-01-06 01:53 - 2012-04-15 22:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-06 01:52 - 2015-06-13 09:09 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
2016-01-06 01:52 - 2012-04-15 22:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-06 01:51 - 2012-04-15 22:16 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-06 01:51 - 2012-04-15 22:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-06 01:47 - 2015-06-13 09:09 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 01:47 - 2010-12-27 19:49 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Skype
2016-01-06 01:45 - 2013-10-10 16:13 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Spotify
2016-01-05 19:06 - 2015-08-01 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-05 18:57 - 2015-04-07 12:00 - 00000000 ___RD C:\Users\ObiMobil\Dropbox
2016-01-05 18:56 - 2012-10-15 19:56 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Dropbox
2016-01-05 18:56 - 2010-09-18 20:37 - 02653544 _____ C:\Windows\system32\perfh007.dat
2016-01-05 18:56 - 2010-09-18 20:37 - 00780556 _____ C:\Windows\system32\perfc007.dat
2016-01-05 18:56 - 2009-07-14 06:13 - 00006540 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-05 18:51 - 2010-12-22 18:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-05 18:49 - 2010-09-18 10:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-05 18:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-03 20:10 - 2014-03-24 20:14 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Skype
2016-01-03 20:10 - 2010-12-27 19:49 - 00000000 ____D C:\ProgramData\Skype
2015-12-20 11:55 - 2011-09-09 19:11 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2015-12-17 00:07 - 2013-05-02 03:47 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Mozilla
2015-12-15 20:29 - 2014-12-30 12:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-15 20:21 - 2015-05-28 13:54 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\CloudStation
2015-12-15 20:12 - 2013-05-08 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-12-28 20:06 - 2014-07-20 18:57 - 0001164 _____ () C:\Users\ObiMobil\AppData\Local\crc32list11.txt
2010-12-22 22:00 - 2010-12-22 22:15 - 0003584 _____ () C:\Users\ObiMobil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-25 19:58 - 2013-06-25 20:08 - 0000600 _____ () C:\Users\ObiMobil\AppData\Local\PUTTY.RND
2010-12-22 15:46 - 2015-08-27 18:04 - 0007650 _____ () C:\Users\ObiMobil\AppData\Local\Resmon.ResmonCfg
2013-02-19 12:11 - 2013-02-19 12:11 - 21748128 _____ () C:\Users\ObiMobil\AppData\Local\TempFullTiltPokerEuSetup.exe
2011-06-26 17:25 - 2011-06-26 17:25 - 0000000 _____ () C:\Users\ObiMobil\AppData\Local\{76B0BBCC-D61A-4313-A85F-56880C5B8021}
2014-01-03 16:23 - 2014-01-03 16:23 - 0607257 _____ () C:\ProgramData\1388761744.bdinstall.bin
2015-03-31 15:12 - 2015-03-31 15:12 - 0254947 _____ () C:\ProgramData\1427800764.bdinstall.bin
2008-05-23 16:48 - 2008-05-23 16:48 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-06-23 12:02 - 2008-06-23 12:02 - 0097410 ____R () C:\ProgramData\DeviceManager.xml.rc4
2010-07-13 12:45 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\ObiMobil\AppData\Local\Temp\avgnt.exe
C:\Users\ObiMobil\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp9c6_hh.dll
C:\Users\ObiMobil\AppData\Local\Temp\GURD823.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-7u60-windows-i586-iftw.exe
C:\Users\ObiMobil\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\ObiMobil\AppData\Local\Temp\ose00000.exe
C:\Users\ObiMobil\AppData\Local\Temp\ose00001.exe
C:\Users\ObiMobil\AppData\Local\Temp\paint.net.4.0.5.install.exe
C:\Users\ObiMobil\AppData\Local\Temp\sfamcc00001.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfamcc00002.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfareca00001.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfareca00002.dll
C:\Users\ObiMobil\AppData\Local\Temp\sfextra.dll
C:\Users\ObiMobil\AppData\Local\Temp\SHSetup.exe
C:\Users\ObiMobil\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology Cloud Station-3.2-3475.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology Cloud Station-3.2-3479.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology-Cloud-Station-Drive-Upgrader.exe
C:\Users\ObiMobil\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe
C:\Users\ObiMobil\AppData\Local\Temp\_isA04D.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-20 00:10
==================== Ende von FRST.txt ============================
Soll ich die Additions im nächsten Post machen? |
|
06.01.2016, 17:59
| #2 |
| /// TB-Ausbilder   | Win7 extrem langsam Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Ja, Addition.txt im nächsten Post, zudem noch bitte folgendes: Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
06.01.2016, 18:24
| #3 |
| | Win7 extrem langsam Hallo Matthias,
__________________vielen Dank für deine Hilfe. Hier die beiden Logs: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von ObiMobil (2016-01-06 02:06:35)
Gestartet von C:\Users\ObiMobil\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-22 13:52:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3542069035-4146575090-2512792040-500 - Administrator - Disabled)
Gast (S-1-5-21-3542069035-4146575090-2512792040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3542069035-4146575090-2512792040-1002 - Limited - Enabled)
ObiMobil (S-1-5-21-3542069035-4146575090-2512792040-1000 - Administrator - Enabled) => C:\Users\ObiMobil
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3001 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AVerMedia A835 USB TV Tuner 8.0.64.57 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.57 - AVerMedia TECHNOLOGIES, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Betfair Poker (HKLM-x32\...\Betfair Poker_is1) (Version: - Betfair)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM-x32\...\{9FC83F04-9C3F-429B-92DE-1252235765E4}) (Version: 4.3.42 - DataDesign)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version: - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Git version 1.8.3-preview20130601 (HKLM-x32\...\Git_is1) (Version: 1.8.3-preview20130601 - The Git Development Community)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Kodi) (Version: - XBMC-Foundation)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.64 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.64 - Alliance Software Pty Ltd) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Newshosting (HKLM\...\{63E2392B-D8C3-4458-BEB4-057AD58EF032}) (Version: 1.5.3 - Newshosting)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version: - CPUID)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
ProgDVB (HKLM\...\ProgDVB) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Spotify) (Version: 1.0.15.133.gf21970bd - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synology Cloud Station (HKLM-x32\...\{17B316FB-7048-49FE-86E7-92A5905F842A}) (Version: 3.2.3479 - Synology)
TeamDrive 3 (HKLM-x32\...\TeamDrive 3) (Version: 3.1.2.454 - TeamDrive Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.3.10523 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
WiMP 2.4.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.4.2 - Aspiro AS)
WiMP 2.4.2 (x32 Version: 2.4.2 - Aspiro AS) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12000D8D-DA3E-46E8-B7A0-C644B180F08F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {170B4AFC-8CF0-464B-B4DD-614BB3A62FD7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {418F17BD-04C3-4A5B-81A7-A136187FA939} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {45FCE8E7-27C1-42DE-A28C-6817130DDCB6} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2010-12-28] (Arainia Solutions)
Task: {49B53F6B-58B5-4494-AA3E-A9B86F524493} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {733D650D-7434-4D36-A837-44A40309EEEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-06] (Adobe Systems Incorporated)
Task: {7A532F03-994C-4519-A175-E21C8E9C95ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {862865A0-5DF5-4EE9-B973-7E48693A5EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A34B3048-6A02-4C85-99C2-22DC96B05E06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BEC65FF4-BA85-47B4-A046-5C604D31BD72} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {C123F14E-51D1-4189-8F88-60EAF830F3F3} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ACHTUNG
Task: {C5004184-66DB-44A1-9FB0-F1C099EF0412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
Task: {CCDAC0B1-D721-4AC0-A7A9-5F2C39719A25} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E7C97CD1-334A-4FCC-8E9F-1C5FFAF49143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-04 19:55 - 2011-06-22 17:14 - 00034304 _____ () C:\Windows\System32\sst2cl6.dll
2013-12-04 19:55 - 2011-06-22 17:13 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst2cdu.dll
2013-07-10 17:33 - 2013-06-21 11:23 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-09-24 18:43 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2010-12-28 18:39 - 2010-12-28 18:39 - 00367728 _____ () C:\Program Files (x86)\Gizmo\gshell-x64.dll
2013-06-25 19:49 - 2013-06-02 10:30 - 00717230 _____ () C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01047552 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00149504 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2010-06-28 14:20 - 2010-06-28 14:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 14:12 - 2010-06-28 14:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2015-06-03 15:22 - 2015-12-15 20:16 - 50680424 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libcef.dll
2015-12-10 00:42 - 2015-10-31 01:59 - 00034768 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00022848 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00023352 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00042296 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00116688 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-10 00:42 - 2015-10-31 01:59 - 00093640 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00018376 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00019760 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00105928 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00392144 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-10 00:42 - 2015-12-08 22:36 - 00381752 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00692688 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020816 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00109520 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 01737032 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020808 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020800 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021840 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00038696 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00024528 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00020936 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00114640 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021320 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00124880 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00030160 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00043472 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00175560 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00028616 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00048592 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00024392 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00036296 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-10 00:42 - 2015-10-31 02:00 - 00024016 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00117056 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00023376 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00134608 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-10 00:42 - 2015-10-31 01:59 - 00134088 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00240584 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00020280 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00052024 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00021304 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00350152 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00084792 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-10 00:42 - 2015-12-08 22:36 - 01826608 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-10 00:42 - 2015-10-31 02:00 - 00083912 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 03891504 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 01950000 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00519984 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00133936 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00225080 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00207672 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00024904 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00486704 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-10 00:42 - 2015-12-08 22:36 - 00357680 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-11-11 23:29 - 2015-10-31 02:01 - 00019920 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-07-31 00:17 - 2015-10-31 02:00 - 00786904 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-11-11 23:29 - 2015-10-31 02:00 - 00063448 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-11-11 23:29 - 2015-10-31 02:00 - 00019408 _____ () C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2014-06-20 10:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-06-03 15:22 - 2015-12-15 20:15 - 01882728 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libglesv2.dll
2015-06-03 15:22 - 2015-12-15 20:15 - 00083048 _____ () C:\Users\ObiMobil\AppData\Roaming\Spotify\libegl.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00123918 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00524460 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00115214 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01026062 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 03095505 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 01798570 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 21565192 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 02874155 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00712704 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00031744 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00046080 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00032768 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00516608 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00243200 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00431616 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2015-03-03 16:01 - 2015-03-03 16:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll
2010-07-13 12:32 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-15 20:20 - 2015-12-15 20:20 - 00115214 _____ () C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll
2015-10-09 00:55 - 2015-10-09 00:55 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-09 00:55 - 2015-10-09 00:55 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Classes\.exe: => <===== ACHTUNG
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamDrive starten.lnk => C:\Windows\pss\TeamDrive starten.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: EPSON SX210 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_S3821.tmp" /EF "HKCU"
MSCONFIG\startupreg: GizmoDriveDelegate => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: MarbleStation => C:\NetmarbleGlobal\MarbleStation\GlbMSLauncher.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{644A509A-457D-4C04-A293-18216D016B92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{4FB3C17C-AFA2-4BEE-A7E5-8D1A934CDEBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF06B872-4390-4F3E-A9A5-F676794FFB36}] => (Allow) svchost.exe
FirewallRules: [{5CC7C186-58CF-42C4-BCF7-0252AC5EDA15}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EADD3136-38EC-4276-B8DE-B445FEF10116}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5941FBA2-5C7E-4017-893E-BF5464672003}] => (Allow) LPort=8396
FirewallRules: [{F80A5A05-AE6E-4626-8379-CF99A1FF6603}] => (Allow) LPort=8396
FirewallRules: [{DC691B14-20E3-4C09-9522-51A8047906B2}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{AE1E21B4-AC39-471E-A866-19C7112321F0}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{E464845F-F9B1-4FF5-A808-FE15AF4E166D}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{0BA59535-22A9-4255-8FCA-968A39ED2FCA}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{D061CD36-7D7E-4A60-A8C4-F05CACB57074}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83E37541-C840-48C9-8591-FDCA41A68B8E}] => (Allow) LPort=2869
FirewallRules: [{E85B69D9-BDB7-4179-BD31-6257BEE2411B}] => (Allow) LPort=1900
FirewallRules: [{BE0BAD6F-A68C-45B8-8DF5-A1B705C6E4A8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{303B66B6-128E-438B-B27C-660BE5785F35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{717F01DA-700F-44B0-87D1-DF42ABF069D0}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9D61C302-DDAA-4873-928D-DE7B0E6D4C37}] => (Allow) LPort=26675
FirewallRules: [{2A54FA3D-4BDC-4973-BD62-99F6C7E6A56C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{719EBF74-D777-46F7-8F91-274BAEB174CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CECA94B-FE03-43FF-9FFA-F890C0F2BF89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5EB4556F-DCCA-4202-B39A-6FFAE6552696}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81BF6A9C-47D9-4D4C-89F4-BBE75C955FE7}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{3F280DE1-1E27-494C-B834-53766BEED907}] => (Allow) LPort=19540
FirewallRules: [{D7B4B7DC-016A-442E-9EF1-5595A0A86C54}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8B838E13-25BD-494A-8AD0-ED6A07644CB4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B8666841-261E-4F8D-8987-CB018796183F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{FA13DB77-43CA-4201-8A41-D99B0FA4C08A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E73EC40F-AE04-48DE-A31F-A9A4E7190731}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{00E4A79D-AD6D-46AD-BD41-68D412892459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB23ECE7-5DE6-44A8-98DE-E7D120FE3593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8473E708-FEC3-4F42-80DB-BDB76BE44F6F}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{67FAEB53-7E20-4560-8AAE-006D14673290}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DB30832-EBAF-45EE-A038-E4D18E3AA138}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{864CE943-EA29-4CB4-9CAE-F3E282D1F1FA}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C928EAA9-E01C-4319-B916-41487A3D3294}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324618CF-24C9-4D32-A243-931E0F5F2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{503CE394-961E-45C4-BF8E-1861C13F81DA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{65E93227-1224-48A3-A710-B90139D8BB8D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{F2F4A06B-4A97-43EA-B34B-684F9FCE486A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3FECFD4-80FC-4CA5-B431-797A9DBE29B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{517A8981-3539-4C8B-B682-502C526135E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{95A6D083-5453-436E-9B1D-F18D016D4BB5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{121E808E-3864-4307-A0C1-5C229E795CFF}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{CEB91F73-CC6A-4278-A017-AE3D695FF1D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7946E88C-0937-468A-B492-E54718C73A42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7927492C-B4AD-4AE9-A2A2-1F799F2B924D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6AAA0759-22BC-4B20-B159-8EC58AF41E2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E106A59C-5A9C-4D93-9A3A-7520A871ECAD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{EFCCC650-E1C1-4580-968E-805463B388B3}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1ABA1577-87F4-436B-ACAB-C4B8CB661934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{B79D15D2-09EA-429B-8E95-50D695D9FAA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{186D3854-4E87-43C7-A862-EFE1B9295CFE}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{3DD553F3-809F-4486-B2E2-806387F81456}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{CD9248C5-EF90-4BE4-B05A-8A32C111F0A4}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D52BA98D-4A70-492D-BEFF-922042682BC7}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B2F89E7C-3C36-45D4-93E6-E7D4752C374B}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B593A5F-6CBE-46C0-978E-B7D3E370AF11}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A5A6D78A-D0D4-4C0F-B84B-BCF844C6D385}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [UDP Query User{5CC172D9-5DE7-4177-B704-BE7D4B979206}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [{31E64288-1C04-48BB-8378-CD2F6F5253F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7BA6BA51-8870-42D0-8217-E2C191BF66BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BA82F319-D8A7-465B-A7CC-831194A9AFF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AE887943-465B-45F3-AE35-2162E3E5F2A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D012476-062D-4F87-8327-20EA4AF0BF94}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{273B7A88-16A1-4156-96B5-D21B6B69DDC5}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{98740A53-138A-4F2B-83BA-EE36DF215C08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{389CD855-E081-4EF7-A7DF-40480852DCE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ECC3A29-1962-4A51-8A9C-17881A7ACD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C36AA280-6F60-4EDD-AC3D-92BDA020C63C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ACCBD3E9-40C7-45F3-8BE3-1CA77BB1F459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{313839F5-34FF-46F1-ACBA-9652F7955722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5E359099-63CB-4BD1-892F-3DC169853987}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{8D0DDA2E-60F6-4BE4-93C2-3155BEB88D4B}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [{DF1292F3-9DCE-4C4D-AE59-C7611BEF7A40}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{350BCC2B-05F5-4533-ABF7-0DF776AAA7E6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{12B039E1-B8D3-4A8E-8315-9AD46F9A250C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{4316ACFD-D8ED-42A8-BC51-F0790A63D08C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [TCP Query User{2FDB0447-1E9C-4D57-81B0-E7000263C88F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B85F3155-4F36-4C78-812F-E736DC8FB74A}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{9C2440BD-5F2C-461D-929A-3B2446871F48}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{1D418261-AE50-4F3E-950A-ED8AE2D4D14D}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [TCP Query User{9A67B07D-1EA9-4D3F-B8EE-5D8F18C5BAEB}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{B1C21952-83AA-464D-93A7-129DB7099251}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [{24A15925-EE40-4F26-9DA8-97EAF6DE592C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{93F4746F-E9D5-43A1-9552-9C8D37ED85FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{080D5608-1464-4882-8FC6-3FCBE813F686}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4FF78B3C-6B69-46EF-BA33-56E99E21E961}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4220F71E-E474-4A3E-A8AD-8CDC90BDC23B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{187EA9A6-AC25-4EB0-8D1C-CFB9A1576489}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{21269A9F-0B3B-4DEE-AAB0-C4FAE19F4F3C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2D8F5D9F-3B95-4CE8-A861-8771A1622B03}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D51BF2AD-2A82-4067-8FBF-7FD9B835F200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{F4463B5A-CBA8-498B-B4BF-9A63C460795F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{3CA9DADA-CE81-4ADC-8326-9EF966C3211E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A7154BE3-5E7B-4F4E-8E1E-FBE5C68490A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{59123C40-E91C-4126-B637-10B66A1F90FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{BB3D3494-446A-422E-9357-755BF71A55F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{263A5036-BC53-4F62-B69D-28B607E81795}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{042A7EA0-32CD-4EB8-8D83-DC5AA39EEFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{572C469D-501C-46D1-9540-AB10847582D1}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{AD9E8E11-4524-45EE-B081-8B5FEA734A72}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{CA47BA01-2AE7-4D22-850D-6B18410D4A76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A354E9EE-A9F5-41A0-B61B-1439E3B01199}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{E0142BEF-B8E9-4A00-A003-5B2B1F03873F}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{3D76D9B1-4AC0-4DCF-A6E4-2420E3D9C160}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{9F6774E4-7094-4437-BA29-47088B1E14B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{E27F7686-5A8D-4490-8C42-B29EF2C75BA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{3456BD2B-496A-4ECE-A2D2-47F309C81102}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8F9E6692-F2F8-42DC-880C-16A53DC8BA82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9A00F4BA-33D6-45CF-8EB2-7E04DD45727C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F30DA08D-F746-486A-8F0C-9C37D902B212}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E2959C6-BFF8-49AC-854F-3E95A39B43CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F1B9C7E-5411-4AB1-8EFD-15AA3EF82D2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C85E36FC-87D6-47C9-8420-1BC0682974E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CB96C99E-EE01-4B40-88F0-C4E191666099}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{49A7C27F-D992-4088-B0EA-DFBF60BD1DF4}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{E7310655-551E-4196-BDBD-E8ECAAC0F3E1}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{A844FBBE-0BC2-47DC-A624-C30FC72DFE4A}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{792657DC-EFDB-4AE5-864C-DC8290287AF7}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{5CDFDD58-DC32-4B6B-B90F-F80B98DAB985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B2EA5F35-F9B8-4EF8-A862-0DBF033C2607}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A70CDA0A-6E25-41AD-87B9-59FFE7FF99AF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C4C2C25-0F7B-43AC-8C2F-D4AAA2DDA1DF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{057F0FB9-F75A-4589-BF37-B9E12EAAF596}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1D307634-0481-46E4-9A22-92DF7AB54CD2}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9F404A6-475A-4F45-8FC2-32BC1CA3A296}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{F54C6306-CEC2-411D-B41E-A36F198EC770}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{17F92A95-0E74-4B3D-90B2-A8C3ADFF2EDB}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{0351B635-73A4-4CDF-9BA6-B80338A534B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C7EB2E7-4483-4A1D-9A13-478EE44D1132}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{80EDA6CA-2CC8-4FD3-93CB-0DF73C416512}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0A52085A-C4C4-40B6-ABE1-B961389F670C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C583014-3524-4F66-89AE-53B99B0C5F91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8467789-76E8-4A3A-BFAC-3065486A39BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FA0168AE-07FC-4197-AF5A-C87ED7BEA756}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{611B597D-07FD-4B18-B510-F2ABB2F8EE76}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{7AF82318-1B97-40E8-B16B-995AA51AAFFB}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{7806AE29-CEC7-4BB6-A7BA-79CB7A05C40F}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{6685F41D-95A6-4AFC-B985-EE83BF43FF1B}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{315A0DD0-D029-4C4D-BF42-A72DF4CF5BDB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{820DDDDA-3CB0-40EF-988B-02E8BD8A24C2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{181993C7-594F-498F-9F1D-D7FC5F6F0B28}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BA4A3BBE-FB43-42BB-B813-CD10F3BACE09}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C373DFB-DB53-49EC-9178-784CC7C67BA6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{56A96ABD-1B73-44A1-9D17-0345F5B5BDFE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{F0A0F69E-12D9-4E47-BAE1-6E1845F1D0FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4C6B3D81-B678-4DF9-BB07-040441957F7A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A19551DE-53BC-490E-ADC1-412C7B190472}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6C3AD8DD-36C5-4AE1-BB42-8C6B035BC53D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
11-12-2015 04:13:00 Windows Update
17-12-2015 01:03:02 Windows Update
22-12-2015 18:23:41 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23311620
Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23311620
Error: (01/06/2016 01:46:15 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23310606
Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23310606
Error: (01/06/2016 01:46:14 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23309576
Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 23309576
Error: (01/06/2016 01:46:13 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/06/2016 01:46:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 23308577
Systemfehler:
=============
Error: (01/05/2016 07:03:08 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/05/2016 06:50:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/05/2016 06:49:35 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Das System kann den angegebenen Pfad nicht finden.
Error: (01/05/2016 06:49:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 03.01.2016 um 20:16:50 unerwartet heruntergefahren.
Error: (01/03/2016 08:12:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/03/2016 08:10:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Defender" wurde nicht richtig gestartet.
Error: (01/03/2016 08:08:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Intel(R) Management & Security Application User Notification Service" wurde nicht richtig gestartet.
Error: (01/03/2016 08:00:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Vodafone Mobile Connect Service erreicht.
Error: (01/03/2016 07:59:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (01/03/2016 07:59:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3958.71 MB
Verfügbarer physikalischer RAM: 1787.5 MB
Summe virtueller Speicher: 7915.61 MB
Verfügbarer virtueller Speicher: 4200.87 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:49.41 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F16C7E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
06.01.2016, 18:54
| #4 |
| | Win7 extrem langsamCode:
ATTFilter 18:17:09.0238 0x2a38 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:17:14.0727 0x2a38 ============================================================
18:17:14.0727 0x2a38 Current date / time: 2016/01/06 18:17:14.0727
18:17:14.0727 0x2a38 SystemInfo:
18:17:14.0727 0x2a38
18:17:14.0727 0x2a38 OS Version: 6.1.7601 ServicePack: 1.0
18:17:14.0727 0x2a38 Product type: Workstation
18:17:14.0727 0x2a38 ComputerName: OBIMOBIL-PC
18:17:14.0727 0x2a38 UserName: ObiMobil
18:17:14.0727 0x2a38 Windows directory: C:\Windows
18:17:14.0727 0x2a38 System windows directory: C:\Windows
18:17:14.0728 0x2a38 Running under WOW64
18:17:14.0728 0x2a38 Processor architecture: Intel x64
18:17:14.0728 0x2a38 Number of processors: 4
18:17:14.0728 0x2a38 Page size: 0x1000
18:17:14.0728 0x2a38 Boot type: Normal boot
18:17:14.0728 0x2a38 ============================================================
18:17:15.0572 0x2a38 KLMD registered as C:\Windows\system32\drivers\26632133.sys
18:17:16.0411 0x2a38 System UUID: {23E6ACAE-0217-40EF-1D67-4AC9E49FB86E}
18:17:17.0453 0x2a38 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:17:17.0458 0x2a38 ============================================================
18:17:17.0458 0x2a38 \Device\Harddisk0\DR0:
18:17:17.0458 0x2a38 MBR partitions:
18:17:17.0458 0x2a38 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
18:17:17.0458 0x2a38 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
18:17:17.0458 0x2a38 ============================================================
18:17:17.0483 0x2a38 C: <-> \Device\Harddisk0\DR0\Partition2
18:17:17.0507 0x2a38 ============================================================
18:17:17.0507 0x2a38 Initialize success
18:17:17.0507 0x2a38 ============================================================
18:18:07.0271 0x2bb0 ============================================================
18:18:07.0271 0x2bb0 Scan started
18:18:07.0271 0x2bb0 Mode: Manual; SigCheck; TDLFS;
18:18:07.0271 0x2bb0 ============================================================
18:18:07.0271 0x2bb0 KSN ping started
18:18:09.0760 0x2bb0 KSN ping finished: true
18:18:11.0244 0x2bb0 ================ Scan system memory ========================
18:18:11.0244 0x2bb0 System memory - ok
18:18:11.0245 0x2bb0 ================ Scan services =============================
18:18:11.0457 0x2bb0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:18:11.0784 0x2bb0 1394ohci - ok
18:18:11.0875 0x2bb0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:18:11.0913 0x2bb0 ACPI - ok
18:18:11.0973 0x2bb0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:18:12.0098 0x2bb0 AcpiPmi - ok
18:18:12.0231 0x2bb0 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:18:12.0247 0x2bb0 AdobeARMservice - ok
18:18:12.0379 0x2bb0 [ C3E7E1F3C85A6788F3BA078BA214341E, A3D72ACE045730DC1C8A6F4E3937C5C765AB447BF7C573BEC53DE8148EB4A1C8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:18:12.0417 0x2bb0 AdobeFlashPlayerUpdateSvc - ok
18:18:12.0489 0x2bb0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:18:12.0512 0x2bb0 adp94xx - ok
18:18:12.0550 0x2bb0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:18:12.0569 0x2bb0 adpahci - ok
18:18:12.0614 0x2bb0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:18:12.0629 0x2bb0 adpu320 - ok
18:18:12.0686 0x2bb0 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:18:12.0725 0x2bb0 AeLookupSvc - ok
18:18:12.0788 0x2bb0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:18:12.0881 0x2bb0 AFD - ok
18:18:12.0944 0x2bb0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:18:12.0959 0x2bb0 agp440 - ok
18:18:12.0998 0x2bb0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:18:13.0066 0x2bb0 ALG - ok
18:18:13.0125 0x2bb0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:18:13.0139 0x2bb0 aliide - ok
18:18:13.0177 0x2bb0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:18:13.0192 0x2bb0 amdide - ok
18:18:13.0209 0x2bb0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:18:13.0248 0x2bb0 AmdK8 - ok
18:18:13.0279 0x2bb0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:18:13.0308 0x2bb0 AmdPPM - ok
18:18:13.0362 0x2bb0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:18:13.0386 0x2bb0 amdsata - ok
18:18:13.0406 0x2bb0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:18:13.0422 0x2bb0 amdsbs - ok
18:18:13.0442 0x2bb0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:18:13.0456 0x2bb0 amdxata - ok
18:18:13.0627 0x2bb0 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:18:13.0670 0x2bb0 AntiVirMailService - ok
18:18:13.0738 0x2bb0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:18:13.0763 0x2bb0 AntiVirSchedulerService - ok
18:18:13.0821 0x2bb0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:18:13.0848 0x2bb0 AntiVirService - ok
18:18:13.0959 0x2bb0 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:18:14.0009 0x2bb0 AntiVirWebService - ok
18:18:14.0068 0x2bb0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
18:18:14.0114 0x2bb0 AppID - ok
18:18:14.0136 0x2bb0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:18:14.0175 0x2bb0 AppIDSvc - ok
18:18:14.0260 0x2bb0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:18:14.0341 0x2bb0 Appinfo - ok
18:18:14.0387 0x2bb0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:18:14.0409 0x2bb0 arc - ok
18:18:14.0440 0x2bb0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:18:14.0453 0x2bb0 arcsas - ok
18:18:14.0612 0x2bb0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:18:14.0727 0x2bb0 aspnet_state - ok
18:18:14.0747 0x2bb0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:18:14.0907 0x2bb0 AsyncMac - ok
18:18:14.0980 0x2bb0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:18:14.0991 0x2bb0 atapi - ok
18:18:15.0086 0x2bb0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:18:15.0166 0x2bb0 AudioEndpointBuilder - ok
18:18:15.0189 0x2bb0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:18:15.0214 0x2bb0 AudioSrv - ok
18:18:15.0296 0x2bb0 [ D37F00A992A9E099B7A4136FD55B9180, 2298F39894AD72B72DCD871580ADE2FCA9000D8E8EDB7A6B588142BA12619A2C ] AVerAF35 C:\Windows\system32\Drivers\AVerAF35.sys
18:18:15.0347 0x2bb0 AVerAF35 - ok
18:18:15.0405 0x2bb0 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:18:15.0428 0x2bb0 avgntflt - ok
18:18:15.0452 0x2bb0 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:18:15.0468 0x2bb0 avipbb - ok
18:18:15.0597 0x2bb0 [ 24680B56D862F1DE30C13FC64B80F568, 4B30EB73369691B915F5615E1BF6C95B070E184BC42BCC505C94410014A04EB3 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:18:15.0627 0x2bb0 Avira.ServiceHost - ok
18:18:15.0679 0x2bb0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:18:15.0692 0x2bb0 avkmgr - ok
18:18:15.0735 0x2bb0 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
18:18:15.0748 0x2bb0 avnetflt - ok
18:18:15.0811 0x2bb0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:18:15.0928 0x2bb0 AxInstSV - ok
18:18:15.0984 0x2bb0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:18:16.0060 0x2bb0 b06bdrv - ok
18:18:16.0112 0x2bb0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:18:16.0154 0x2bb0 b57nd60a - ok
18:18:16.0295 0x2bb0 [ 5F685973740F289BE3C809952DB8408B, 4C0A0C06BB2B6B1879A860B0D68289A55F80CF74947FCCE7815F1D8121232F62 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe
18:18:16.0323 0x2bb0 BBSvc - ok
18:18:16.0349 0x2bb0 [ 76F78018F45E7F92164CEA5020176933, 76E1CA6E198417F3749864721C43913189A7EA07B5ED320DE543B2037CEA3D65 ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
18:18:16.0366 0x2bb0 BBUpdate - ok
18:18:16.0526 0x2bb0 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
18:18:16.0736 0x2bb0 BCM43XX - ok
18:18:16.0762 0x2bb0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:18:16.0844 0x2bb0 BDESVC - ok
18:18:16.0866 0x2bb0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:18:16.0925 0x2bb0 Beep - ok
18:18:17.0029 0x2bb0 [ 299E54DB3638A18E47BD3A2D2EF499F7, 7812C8F8EDA14CC74F43979B1C7E790EE15CFE10672C5F3E077AE6C87A69C27C ] Belkin Local Backup Service C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
18:18:17.0050 0x2bb0 Belkin Local Backup Service - detected UnsignedFile.Multi.Generic ( 1 )
18:18:17.0229 0x22a4 Object required for P2P: [ C3E7E1F3C85A6788F3BA078BA214341E ] AdobeFlashPlayerUpdateSvc
18:18:19.0554 0x2bb0 Detect skipped due to KSN trusted
18:18:19.0554 0x2bb0 Belkin Local Backup Service - ok
18:18:19.0614 0x2bb0 [ E62A04D615A8CAC83601E1F07C010D3C, BA9E08EE979C3898DF573B61514B3EAA6E5DAAA182DA3618BFA1BD94ABDA0266 ] Belkin Network USB Helper C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
18:18:19.0652 0x2bb0 Belkin Network USB Helper - detected UnsignedFile.Multi.Generic ( 1 )
18:18:19.0783 0x22a4 Object send P2P result: true
18:18:19.0785 0x22a4 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
18:18:22.0160 0x2bb0 Detect skipped due to KSN trusted
18:18:22.0160 0x2bb0 Belkin Network USB Helper - ok
18:18:22.0268 0x2bb0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:18:22.0363 0x22a4 Object send P2P result: true
18:18:22.0364 0x22a4 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
18:18:22.0374 0x2bb0 BFE - ok
18:18:22.0447 0x2bb0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:18:22.0619 0x2bb0 BITS - ok
18:18:22.0656 0x2bb0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:18:22.0682 0x2bb0 blbdrive - ok
18:18:22.0747 0x2bb0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:18:22.0785 0x2bb0 Bonjour Service - ok
18:18:22.0837 0x2bb0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:18:22.0907 0x2bb0 bowser - ok
18:18:22.0930 0x2bb0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:18:23.0018 0x2bb0 BrFiltLo - ok
18:18:23.0034 0x2bb0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:18:23.0063 0x2bb0 BrFiltUp - ok
18:18:23.0115 0x2bb0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:18:23.0189 0x2bb0 Browser - ok
18:18:23.0227 0x2bb0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:18:23.0297 0x2bb0 Brserid - ok
18:18:23.0311 0x2bb0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:18:23.0343 0x2bb0 BrSerWdm - ok
18:18:23.0354 0x2bb0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:18:23.0394 0x2bb0 BrUsbMdm - ok
18:18:23.0433 0x2bb0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:18:23.0450 0x2bb0 BrUsbSer - ok
18:18:23.0517 0x2bb0 [ 0E03E300CB28F30843F40069563CE2AD, 8D1E78A847B548F32E15573A39E403E6A65838C77628B9F9BFBDED527BAE9054 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:18:23.0552 0x2bb0 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:18:24.0893 0x22a4 Object send P2P result: true
18:18:24.0893 0x22a4 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
18:18:26.0042 0x2bb0 Detect skipped due to KSN trusted
18:18:26.0042 0x2bb0 BrYNSvc - ok
18:18:26.0079 0x2bb0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:18:26.0110 0x2bb0 BTHMODEM - ok
18:18:26.0143 0x2bb0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:18:26.0203 0x2bb0 bthserv - ok
18:18:26.0235 0x2bb0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:18:26.0285 0x2bb0 cdfs - ok
18:18:26.0353 0x2bb0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:18:26.0386 0x2bb0 cdrom - ok
18:18:26.0447 0x2bb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:18:26.0493 0x2bb0 CertPropSvc - ok
18:18:26.0536 0x2bb0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:18:26.0573 0x2bb0 circlass - ok
18:18:26.0640 0x2bb0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
18:18:26.0660 0x2bb0 CLFS - ok
18:18:26.0742 0x2bb0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:18:26.0757 0x2bb0 clr_optimization_v2.0.50727_32 - ok
18:18:26.0825 0x2bb0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:18:26.0843 0x2bb0 clr_optimization_v2.0.50727_64 - ok
18:18:26.0936 0x2bb0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:18:27.0127 0x2bb0 clr_optimization_v4.0.30319_32 - ok
18:18:27.0146 0x2bb0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:18:27.0234 0x2bb0 clr_optimization_v4.0.30319_64 - ok
18:18:27.0273 0x2bb0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:18:27.0293 0x2bb0 CmBatt - ok
18:18:27.0344 0x2bb0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:18:27.0355 0x2bb0 cmdide - ok
18:18:27.0410 0x2bb0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
18:18:27.0422 0x22a4 Object send P2P result: true
18:18:27.0422 0x22a4 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
18:18:27.0445 0x2bb0 CNG - ok
18:18:27.0486 0x2bb0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:18:27.0498 0x2bb0 Compbatt - ok
18:18:27.0555 0x2bb0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:18:27.0578 0x2bb0 CompositeBus - ok
18:18:27.0585 0x2bb0 COMSysApp - ok
18:18:27.0704 0x2bb0 [ 5212E0957468D3F94D90FA7A0F06B58F, 955DAC77A0148E9F9ED744F5D341CB9C9118261E52FE622AC6213965F2BC4CAD ] cpuz137 C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys
18:18:27.0726 0x2bb0 cpuz137 - ok
18:18:27.0762 0x2bb0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:18:27.0781 0x2bb0 crcdisk - ok
18:18:27.0854 0x2bb0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:18:27.0902 0x2bb0 CryptSvc - ok
18:18:27.0947 0x2bb0 [ B72CF8A0162D285BDA589ECECB8F10EE, C55C48F12D0018F55CF0DCFFBB5CB6ABA3516DD9369B07838C125755171761D6 ] cxbu0x64 C:\Windows\system32\DRIVERS\cxbu0x64.sys
18:18:27.0994 0x2bb0 cxbu0x64 - ok
18:18:28.0076 0x2bb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:18:28.0137 0x2bb0 DcomLaunch - ok
18:18:28.0183 0x2bb0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:18:28.0227 0x2bb0 defragsvc - ok
18:18:28.0277 0x2bb0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:18:28.0329 0x2bb0 DfsC - ok
18:18:28.0405 0x2bb0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:18:28.0461 0x2bb0 Dhcp - ok
18:18:28.0491 0x2bb0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:18:28.0559 0x2bb0 discache - ok
18:18:28.0590 0x2bb0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:18:28.0602 0x2bb0 Disk - ok
18:18:28.0657 0x2bb0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:18:28.0707 0x2bb0 Dnscache - ok
18:18:28.0766 0x2bb0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:18:28.0828 0x2bb0 dot3svc - ok
18:18:28.0876 0x2bb0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:18:28.0939 0x2bb0 DPS - ok
18:18:29.0036 0x2bb0 [ 8D204535D6E0727DF89AF6D962A36359, 8EB84D4AAB280D46EDDD2FF0306FA6F341BF812F913A4964155514EF330D63B5 ] DRHARD64 C:\Windows\system32\drivers\DRHARD64.sys
18:18:29.0053 0x2bb0 DRHARD64 - ok
18:18:29.0068 0x2bb0 [ 127332B4B278F0ABDDB9B74BA8F82D5E, 954CEF90BEAE44F50276F59114B54164462A38420D4B8623CA8F09601DCB255F ] DRHMSR64 C:\Windows\system32\drivers\DRHMSR64.sys
18:18:29.0079 0x2bb0 DRHMSR64 - ok
18:18:29.0135 0x2bb0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:18:29.0201 0x2bb0 drmkaud - ok
18:18:29.0276 0x2bb0 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
18:18:29.0302 0x2bb0 DsiWMIService - ok
18:18:29.0402 0x2bb0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:18:29.0444 0x2bb0 DXGKrnl - ok
18:18:29.0520 0x2bb0 EagleX64 - ok
18:18:29.0560 0x2bb0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:18:29.0612 0x2bb0 EapHost - ok
18:18:29.0765 0x2bb0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:18:29.0962 0x22a4 Object send P2P result: true
18:18:29.0964 0x2bb0 ebdrv - ok
18:18:30.0020 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] EFS C:\Windows\System32\lsass.exe
18:18:30.0104 0x2bb0 EFS - ok
18:18:30.0207 0x2bb0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:18:30.0292 0x2bb0 ehRecvr - ok
18:18:30.0328 0x2bb0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:18:30.0366 0x2bb0 ehSched - ok
18:18:30.0462 0x2bb0 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
18:18:30.0474 0x2bb0 ElbyCDIO - ok
18:18:30.0524 0x2bb0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:18:30.0551 0x2bb0 elxstor - ok
18:18:30.0640 0x2bb0 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
18:18:30.0671 0x2bb0 ePowerSvc - ok
18:18:30.0803 0x2bb0 [ B5581646636759D0DAFA8B008881C079, 0CADE029ABDCDE3A89C0786F1698C93D9A7CC981EFB3761CF243E19E178FF611 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
18:18:30.0828 0x2bb0 EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic ( 1 )
18:18:33.0403 0x2bb0 Detect skipped due to KSN trusted
18:18:33.0403 0x2bb0 EPSON_EB_RPCV4_01 - ok
18:18:33.0434 0x2bb0 [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
18:18:33.0486 0x2bb0 EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic ( 1 )
18:18:36.0022 0x2bb0 Detect skipped due to KSN trusted
18:18:36.0022 0x2bb0 EPSON_PM_RPCV4_01 - ok
18:18:36.0062 0x2bb0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:18:36.0109 0x2bb0 ErrDev - ok
18:18:36.0175 0x2bb0 [ 0975BF32399A24117E317B5BF1D5D0AA, 850217D920BB6E524C08C11A9806B8B148E9CF6CEBED9481BF7C9F07BCA918D5 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:18:36.0205 0x2bb0 ETD - ok
18:18:36.0247 0x2bb0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:18:36.0331 0x2bb0 EventSystem - ok
18:18:36.0347 0x2bb0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:18:36.0402 0x2bb0 exfat - ok
18:18:36.0427 0x2bb0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:18:36.0485 0x2bb0 fastfat - ok
18:18:36.0570 0x2bb0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:18:36.0653 0x2bb0 Fax - ok
18:18:36.0673 0x2bb0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:18:36.0711 0x2bb0 fdc - ok
18:18:36.0739 0x2bb0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:18:36.0800 0x2bb0 fdPHost - ok
18:18:36.0809 0x2bb0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:18:36.0854 0x2bb0 FDResPub - ok
18:18:36.0877 0x2bb0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:18:36.0908 0x2bb0 FileInfo - ok
18:18:36.0923 0x2bb0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:18:36.0971 0x2bb0 Filetrace - ok
18:18:37.0048 0x2bb0 [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
18:18:37.0086 0x2bb0 FLEXnet Licensing Service - ok
18:18:37.0109 0x2bb0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:18:37.0153 0x2bb0 flpydisk - ok
18:18:37.0222 0x2bb0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:18:37.0252 0x2bb0 FltMgr - ok
18:18:37.0333 0x2bb0 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
18:18:37.0464 0x2bb0 FontCache - ok
18:18:37.0540 0x2bb0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:18:37.0564 0x2bb0 FontCache3.0.0.0 - ok
18:18:37.0595 0x2bb0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:18:37.0607 0x2bb0 FsDepends - ok
18:18:37.0628 0x2bb0 [ 6C06701BF1DB05405804D7EB610991CE, 75DEB2204D9AC338ED7C4742BEFAFA0AFC7E42B2C1B54A57DF8A1AD097D9EC3E ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:18:37.0639 0x2bb0 fssfltr - ok
18:18:37.0746 0x2bb0 [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:18:37.0793 0x2bb0 fsssvc - ok
18:18:37.0831 0x2bb0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:18:37.0844 0x2bb0 Fs_Rec - ok
18:18:37.0912 0x2bb0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:18:37.0935 0x2bb0 fvevol - ok
18:18:37.0960 0x2bb0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:18:37.0977 0x2bb0 gagp30kx - ok
18:18:38.0043 0x2bb0 [ 79C65AC6B3274C0712B3CEDB99B9BE0B, 71ADB12C03F7C4B0E79E94357982349BAE848CDB2FF6D7DEAB5E569E008166FD ] Gizmo Central C:\Program Files (x86)\Gizmo\gservice.exe
18:18:38.0068 0x2bb0 Gizmo Central - detected UnsignedFile.Multi.Generic ( 1 )
18:18:40.0572 0x2bb0 Detect skipped due to KSN trusted
18:18:40.0572 0x2bb0 Gizmo Central - ok
18:18:40.0622 0x2bb0 [ EE8829B623542D8ADC4DBA65A1133741, 2B57AAB127991B56EE40149169D19270FFBD10DD9EB5E74231843A73C561C910 ] GizmoDrv C:\Windows\system32\drivers\GizmoDrv.sys
18:18:40.0653 0x2bb0 GizmoDrv - ok
18:18:40.0720 0x2bb0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:18:40.0792 0x2bb0 gpsvc - ok
18:18:40.0853 0x2bb0 [ 0191DEE9B9EB7902AF2CF4F67301095D, 9E2E263E84167E1AD3FFCEA84066AF07CD6A653F5D8266A619E4973BC4B25460 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
18:18:40.0863 0x2bb0 GREGService - ok
18:18:40.0953 0x2bb0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:40.0978 0x2bb0 gupdate - ok
18:18:40.0995 0x2bb0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:41.0009 0x2bb0 gupdatem - ok
18:18:41.0051 0x2bb0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:18:41.0066 0x2bb0 gusvc - ok
18:18:41.0087 0x2bb0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:18:41.0146 0x2bb0 hcw85cir - ok
18:18:41.0220 0x2bb0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:18:41.0267 0x2bb0 HdAudAddService - ok
18:18:41.0300 0x2bb0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:18:41.0341 0x2bb0 HDAudBus - ok
18:18:41.0394 0x2bb0 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:18:41.0414 0x2bb0 HECIx64 - ok
18:18:41.0435 0x2bb0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:18:41.0459 0x2bb0 HidBatt - ok
18:18:41.0480 0x2bb0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:18:41.0523 0x2bb0 HidBth - ok
18:18:41.0552 0x2bb0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:18:41.0580 0x2bb0 HidIr - ok
18:18:41.0617 0x2bb0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:18:41.0710 0x2bb0 hidserv - ok
18:18:41.0769 0x2bb0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:18:41.0851 0x2bb0 HidUsb - ok
18:18:41.0905 0x2bb0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:18:41.0953 0x2bb0 hkmsvc - ok
18:18:42.0015 0x2bb0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:18:42.0088 0x2bb0 HomeGroupListener - ok
18:18:42.0139 0x2bb0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:18:42.0180 0x2bb0 HomeGroupProvider - ok
18:18:42.0234 0x2bb0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:18:42.0252 0x2bb0 HpSAMD - ok
18:18:42.0451 0x2bb0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:18:42.0542 0x2bb0 HTTP - ok
18:18:42.0623 0x2bb0 [ C8F3119AD72A507D12EF389DF4C266EF, 3AFFFECCC63ED848FD5DF64C71AD543EC56314F35B54691CA419BCBB3CEEBCA0 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
18:18:42.0675 0x2bb0 hwdatacard - ok
18:18:42.0725 0x2bb0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:18:42.0739 0x2bb0 hwpolicy - ok
18:18:42.0788 0x2bb0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:18:42.0831 0x2bb0 i8042prt - ok
18:18:42.0884 0x2bb0 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:18:42.0907 0x2bb0 iaStor - ok
18:18:42.0948 0x2bb0 [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:18:42.0976 0x2bb0 IAStorDataMgrSvc - ok
18:18:43.0065 0x2bb0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:18:43.0093 0x2bb0 iaStorV - ok
18:18:43.0195 0x2bb0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:18:43.0242 0x2bb0 idsvc - ok
18:18:43.0261 0x2bb0 IEEtwCollectorService - ok
18:18:43.0294 0x2bb0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:18:43.0307 0x2bb0 iirsp - ok
18:18:43.0390 0x2bb0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:18:43.0475 0x2bb0 IKEEXT - ok
18:18:43.0530 0x2bb0 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
18:18:43.0597 0x2bb0 Impcd - ok
18:18:43.0715 0x2bb0 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:18:43.0797 0x2bb0 IntcAzAudAddService - ok
18:18:43.0850 0x2bb0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:18:43.0862 0x2bb0 intelide - ok
18:18:43.0902 0x2bb0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:18:43.0917 0x2bb0 intelppm - ok
18:18:43.0952 0x2bb0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:18:44.0004 0x2bb0 IPBusEnum - ok
18:18:44.0054 0x2bb0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:18:44.0109 0x2bb0 IpFilterDriver - ok
18:18:44.0168 0x2bb0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:18:44.0234 0x2bb0 iphlpsvc - ok
18:18:44.0286 0x2bb0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:18:44.0313 0x2bb0 IPMIDRV - ok
18:18:44.0340 0x2bb0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:18:44.0387 0x2bb0 IPNAT - ok
18:18:44.0402 0x2bb0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:18:44.0509 0x2bb0 IRENUM - ok
18:18:44.0558 0x2bb0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:18:44.0580 0x2bb0 isapnp - ok
18:18:44.0636 0x2bb0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:18:44.0654 0x2bb0 iScsiPrt - ok
18:18:44.0715 0x2bb0 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
18:18:44.0737 0x2bb0 k57nd60a - ok
18:18:44.0762 0x2bb0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:18:44.0775 0x2bb0 kbdclass - ok
18:18:44.0831 0x2bb0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:18:44.0872 0x2bb0 kbdhid - ok
18:18:44.0878 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] KeyIso C:\Windows\system32\lsass.exe
18:18:44.0893 0x2bb0 KeyIso - ok
18:18:44.0949 0x2bb0 [ C93EB3A92540830168F2057ECA7DE49A, 91DAEAD52B517E1E7CE9AAAE478493732156AA3122E6D16F7E8BD37116BB501C ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:18:44.0964 0x2bb0 KSecDD - ok
18:18:44.0989 0x2bb0 [ 43F45C59A472993E5063F2DB2D22C509, E21B48733619B49272F46E01432D76072AC9241F55CDF08E84AF6277E3BF972A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:18:45.0008 0x2bb0 KSecPkg - ok
18:18:45.0053 0x2bb0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:18:45.0123 0x2bb0 ksthunk - ok
18:18:45.0191 0x2bb0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:18:45.0279 0x2bb0 KtmRm - ok
18:18:45.0357 0x2bb0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:18:45.0410 0x2bb0 LanmanServer - ok
18:18:45.0452 0x2bb0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:18:45.0505 0x2bb0 LanmanWorkstation - ok
18:18:45.0548 0x2bb0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:18:45.0590 0x2bb0 lltdio - ok
18:18:45.0622 0x2bb0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:18:45.0664 0x2bb0 lltdsvc - ok
18:18:45.0678 0x2bb0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:18:45.0733 0x2bb0 lmhosts - ok
18:18:45.0786 0x2bb0 [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:18:45.0804 0x2bb0 LMS - ok
18:18:45.0836 0x2bb0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:18:45.0854 0x2bb0 LSI_FC - ok
18:18:45.0878 0x2bb0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:18:45.0891 0x2bb0 LSI_SAS - ok
18:18:45.0909 0x2bb0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:18:45.0921 0x2bb0 LSI_SAS2 - ok
18:18:45.0940 0x2bb0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:18:45.0953 0x2bb0 LSI_SCSI - ok
18:18:45.0985 0x2bb0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:18:46.0047 0x2bb0 luafv - ok
18:18:46.0088 0x2bb0 [ 035C83CD72E06C47000793D32B1A642D, 38B498D912EB3D0E3EE1266BD559234A5CF463AF81E92D6CBEE83ABECBF5DB74 ] massfilter C:\Windows\system32\drivers\massfilter.sys
18:18:46.0121 0x2bb0 massfilter - ok
18:18:46.0149 0x2bb0 [ 7AD627CDB12F5F451F24C8A97CA6E175, ECBE9293B62D45D874D01B37FC97E861643C40D7085F5CC3A1375E47C1B39F39 ] massfilter_hs C:\Windows\system32\drivers\massfilter_hs.sys
18:18:46.0171 0x2bb0 massfilter_hs - ok
18:18:46.0186 0x2bb0 MBAMSwissArmy - ok
18:18:46.0231 0x2bb0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:18:46.0262 0x2bb0 Mcx2Svc - ok
18:18:46.0287 0x2bb0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:18:46.0302 0x2bb0 megasas - ok
18:18:46.0327 0x2bb0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:18:46.0348 0x2bb0 MegaSR - ok
18:18:46.0386 0x2bb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:18:46.0434 0x2bb0 MMCSS - ok
18:18:46.0447 0x2bb0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:18:46.0482 0x2bb0 Modem - ok
18:18:46.0501 0x2bb0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:18:46.0516 0x2bb0 monitor - ok
18:18:46.0553 0x2bb0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:18:46.0567 0x2bb0 mouclass - ok
18:18:46.0604 0x2bb0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:18:46.0645 0x2bb0 mouhid - ok
18:18:46.0693 0x2bb0 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:18:46.0709 0x2bb0 mountmgr - ok
18:18:46.0791 0x2bb0 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:18:46.0821 0x2bb0 MozillaMaintenance - ok
18:18:46.0867 0x2bb0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:18:46.0881 0x2bb0 mpio - ok
18:18:46.0911 0x2bb0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:18:46.0955 0x2bb0 mpsdrv - ok
18:18:47.0021 0x2bb0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:18:47.0109 0x2bb0 MpsSvc - ok
18:18:47.0143 0x2bb0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:18:47.0212 0x2bb0 MRxDAV - ok
18:18:47.0258 0x2bb0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:18:47.0345 0x2bb0 mrxsmb - ok
18:18:47.0402 0x2bb0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:18:47.0427 0x2bb0 mrxsmb10 - ok
18:18:47.0444 0x2bb0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:18:47.0472 0x2bb0 mrxsmb20 - ok
18:18:47.0530 0x2bb0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:18:47.0544 0x2bb0 msahci - ok
18:18:47.0557 0x2bb0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:18:47.0571 0x2bb0 msdsm - ok
18:18:47.0597 0x2bb0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:18:47.0624 0x2bb0 MSDTC - ok
18:18:47.0651 0x2bb0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:18:47.0695 0x2bb0 Msfs - ok
18:18:47.0711 0x2bb0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:18:47.0758 0x2bb0 mshidkmdf - ok
18:18:47.0802 0x2bb0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:18:47.0830 0x2bb0 msisadrv - ok
18:18:47.0866 0x2bb0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:18:47.0916 0x2bb0 MSiSCSI - ok
18:18:47.0921 0x2bb0 msiserver - ok
18:18:47.0950 0x2bb0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:18:47.0985 0x2bb0 MSKSSRV - ok
18:18:47.0999 0x2bb0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:48.0043 0x2bb0 MSPCLOCK - ok
18:18:48.0052 0x2bb0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:18:48.0102 0x2bb0 MSPQM - ok
18:18:48.0157 0x2bb0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:18:48.0192 0x2bb0 MsRPC - ok
18:18:48.0247 0x2bb0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:18:48.0271 0x2bb0 mssmbios - ok
18:18:48.0301 0x2bb0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:18:48.0355 0x2bb0 MSTEE - ok
18:18:48.0380 0x2bb0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:18:48.0431 0x2bb0 MTConfig - ok
18:18:48.0453 0x2bb0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:18:48.0465 0x2bb0 Mup - ok
18:18:48.0489 0x2bb0 [ 6FFECC25B39DC7652A0CEC0ADA9DB589, 927EF066CBBA8353149F8C3B7C4299AC06FED439DA874D25CFB583E5912611A2 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
18:18:48.0499 0x2bb0 mwlPSDFilter - ok
18:18:48.0514 0x2bb0 [ 0BEFE32CA56D6EE89D58175725596A85, E36B9E6159AF7F67D549F7178896CCCB8FC3964531B1DA20CBDD465E632D8FCF ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
18:18:48.0525 0x2bb0 mwlPSDNServ - ok
18:18:48.0544 0x2bb0 [ D43BC633B8660463E446E28E14A51262, C55F235B5E08FAC6D70B0FAC737D714E318A93F8E43FF8095B86A76559AF211D ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
18:18:48.0554 0x2bb0 mwlPSDVDisk - ok
18:18:48.0619 0x2bb0 [ 3E5E20817259F7328C8F3BE5421F35B9, 9BF20E1CE75647BF5654AD603BD7D17E36CC0AD15EEAFF4FACE637D235C34190 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
18:18:48.0664 0x2bb0 MWLService - ok
18:18:48.0727 0x2bb0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:18:48.0808 0x2bb0 napagent - ok
18:18:48.0858 0x2bb0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:18:48.0885 0x2bb0 NativeWifiP - ok
18:18:48.0971 0x2bb0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:18:49.0020 0x2bb0 NDIS - ok
18:18:49.0060 0x2bb0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:49.0124 0x2bb0 NdisCap - ok
18:18:49.0155 0x2bb0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:49.0212 0x2bb0 NdisTapi - ok
18:18:49.0265 0x2bb0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:49.0331 0x2bb0 Ndisuio - ok
18:18:49.0392 0x2bb0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:49.0450 0x2bb0 NdisWan - ok
18:18:49.0492 0x2bb0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:18:49.0541 0x2bb0 NDProxy - ok
18:18:49.0575 0x2bb0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:18:49.0631 0x2bb0 NetBIOS - ok
18:18:49.0683 0x2bb0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:18:49.0751 0x2bb0 NetBT - ok
18:18:49.0765 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] Netlogon C:\Windows\system32\lsass.exe
18:18:49.0789 0x2bb0 Netlogon - ok
18:18:49.0827 0x2bb0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:18:49.0909 0x2bb0 Netman - ok
18:18:49.0989 0x2bb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0123 0x2bb0 NetMsmqActivator - ok
18:18:50.0162 0x2bb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0209 0x2bb0 NetPipeActivator - ok
18:18:50.0260 0x2bb0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:18:50.0342 0x2bb0 netprofm - ok
18:18:50.0377 0x2bb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0396 0x2bb0 NetTcpActivator - ok
18:18:50.0403 0x2bb0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:50.0421 0x2bb0 NetTcpPortSharing - ok
18:18:50.0454 0x2bb0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:18:50.0466 0x2bb0 nfrd960 - ok
18:18:50.0514 0x2bb0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:18:50.0590 0x2bb0 NlaSvc - ok
18:18:50.0631 0x2bb0 NLNdisMP - ok
18:18:50.0638 0x2bb0 NLNdisPT - ok
18:18:50.0830 0x2bb0 [ 5839A8027D6D324A7CD494051A96628C, 474F2D0BB463ABE68D7C4D2C630860AED4B722EC62C616C91EE00AA965378382 ] NOBU C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:18:50.0913 0x2bb0 NOBU - ok
18:18:50.0930 0x2bb0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:18:50.0966 0x2bb0 Npfs - ok
18:18:50.0989 0x2bb0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:18:51.0039 0x2bb0 nsi - ok
18:18:51.0059 0x2bb0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:18:51.0111 0x2bb0 nsiproxy - ok
18:18:51.0218 0x2bb0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:18:51.0276 0x2bb0 Ntfs - ok
18:18:51.0338 0x2bb0 [ 9A308FCDCCA98A15B6F62D36A272160E, 3991F70D42C1949067ED48CF4EB815E06360B077F6A2369AC76BF0892C3C33EE ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
18:18:51.0362 0x2bb0 NTI IScheduleSvc - ok
18:18:51.0397 0x2bb0 [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
18:18:51.0406 0x2bb0 NTIDrvr - ok
18:18:51.0430 0x2bb0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:18:51.0474 0x2bb0 Null - ok
18:18:51.0555 0x2bb0 [ 805F0C2B9C07E4C0F74D0EF70E9E827A, 32D3DA095788F7F7BA52AC56C8C0DD6D9D388ED3ECEAFEF23EDB8F5812FF953E ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:18:51.0582 0x2bb0 NVHDA - ok
18:18:52.0003 0x2bb0 [ EE6B7B6A54BCAFF516E30B1C15467495, 85D5E22593549C7980AA3523F0C9C4391E0D147B29F07500A8DA68F49D80A84F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:18:52.0495 0x2bb0 nvlddmkm - ok
18:18:52.0622 0x2bb0 [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:18:52.0677 0x2bb0 NvNetworkService - ok
18:18:52.0737 0x2bb0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:18:52.0752 0x2bb0 nvraid - ok
18:18:52.0765 0x2bb0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:18:52.0780 0x2bb0 nvstor - ok
18:18:53.0352 0x2bb0 [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:18:53.0935 0x2bb0 NvStreamSvc - ok
18:18:54.0063 0x2bb0 [ 25626309AD2F81D47C829CCB5E46E478, D23F9F72C064B5D2A7979674703585345A78F7BE88887794FC9CA2971818B3DC ] nvsvc C:\Windows\system32\nvvsvc.exe
18:18:54.0097 0x2bb0 nvsvc - ok
18:18:54.0173 0x2bb0 [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:18:54.0195 0x2bb0 nvvad_WaveExtensible - ok
18:18:54.0266 0x2bb0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:18:54.0295 0x2bb0 nv_agp - ok
18:18:54.0342 0x2bb0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:18:54.0375 0x2bb0 ohci1394 - ok
18:18:54.0466 0x2bb0 [ 11E0B35479C895888BA3D7F619DCFFF3, 6ED82C19898101EC00BD64A9F90595C3D20AD2D2902AA8765B740FB3B9312DDF ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:18:54.0481 0x2bb0 ose64 - ok
18:18:54.0777 0x2bb0 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:18:55.0024 0x2bb0 osppsvc - ok
18:18:55.0084 0x2bb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:18:55.0151 0x2bb0 p2pimsvc - ok
18:18:55.0176 0x2bb0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:18:55.0201 0x2bb0 p2psvc - ok
18:18:55.0229 0x2bb0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:18:55.0247 0x2bb0 Parport - ok
18:18:55.0297 0x2bb0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:18:55.0316 0x2bb0 partmgr - ok
18:18:55.0363 0x2bb0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:18:55.0413 0x2bb0 PcaSvc - ok
18:18:55.0457 0x2bb0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:18:55.0472 0x2bb0 pci - ok
18:18:55.0525 0x2bb0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:18:55.0535 0x2bb0 pciide - ok
18:18:55.0572 0x2bb0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:18:55.0589 0x2bb0 pcmcia - ok
18:18:55.0615 0x2bb0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:18:55.0628 0x2bb0 pcw - ok
18:18:55.0702 0x2bb0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:18:55.0759 0x2bb0 PEAUTH - ok
18:18:55.0833 0x2bb0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:18:55.0871 0x2bb0 PerfHost - ok
18:18:55.0976 0x2bb0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:18:56.0047 0x2bb0 pla - ok
18:18:56.0118 0x2bb0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:18:56.0228 0x2bb0 PlugPlay - ok
18:18:56.0316 0x2bb0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:18:56.0350 0x2bb0 PNRPAutoReg - ok
18:18:56.0379 0x2bb0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:18:56.0420 0x2bb0 PNRPsvc - ok
18:18:56.0478 0x2bb0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:18:56.0576 0x2bb0 PolicyAgent - ok
18:18:56.0617 0x2bb0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:18:56.0661 0x2bb0 Power - ok
18:18:56.0728 0x2bb0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:18:56.0780 0x2bb0 PptpMiniport - ok
18:18:56.0809 0x2bb0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:18:56.0843 0x2bb0 Processor - ok
18:18:56.0914 0x2bb0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:18:56.0995 0x2bb0 ProfSvc - ok
18:18:57.0011 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] ProtectedStorage C:\Windows\system32\lsass.exe
18:18:57.0024 0x2bb0 ProtectedStorage - ok
18:18:57.0090 0x2bb0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:18:57.0152 0x2bb0 Psched - ok
18:18:57.0266 0x2bb0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:18:57.0332 0x2bb0 ql2300 - ok
18:18:57.0363 0x2bb0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:18:57.0378 0x2bb0 ql40xx - ok
18:18:57.0418 0x2bb0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:18:57.0440 0x2bb0 QWAVE - ok
18:18:57.0458 0x2bb0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:18:57.0494 0x2bb0 QWAVEdrv - ok
18:18:57.0574 0x2bb0 [ A55E7D0D873B2C97585B3B5926AC6ADE, 3BE3895DA7F0888E85B1941525878BA0846A8F215AD39ED8138BB39615468E32 ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
18:18:57.0621 0x2bb0 RapiMgr - ok
18:18:57.0639 0x2bb0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:18:57.0695 0x2bb0 RasAcd - ok
18:18:57.0734 0x2bb0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:57.0784 0x2bb0 RasAgileVpn - ok
18:18:57.0817 0x2bb0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:18:57.0876 0x2bb0 RasAuto - ok
18:18:57.0922 0x2bb0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:57.0975 0x2bb0 Rasl2tp - ok
18:18:58.0041 0x2bb0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:18:58.0102 0x2bb0 RasMan - ok
18:18:58.0135 0x2bb0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:58.0187 0x2bb0 RasPppoe - ok
18:18:58.0214 0x2bb0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:18:58.0250 0x2bb0 RasSstp - ok
18:18:58.0313 0x2bb0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:18:58.0388 0x2bb0 rdbss - ok
18:18:58.0444 0x2bb0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:18:58.0486 0x2bb0 rdpbus - ok
18:18:58.0501 0x2bb0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:58.0551 0x2bb0 RDPCDD - ok
18:18:58.0573 0x2bb0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:18:58.0629 0x2bb0 RDPENCDD - ok
18:18:58.0667 0x2bb0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:18:58.0704 0x2bb0 RDPREFMP - ok
18:18:58.0813 0x2bb0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:18:58.0879 0x2bb0 RdpVideoMiniport - ok
18:18:58.0931 0x2bb0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:18:59.0004 0x2bb0 RDPWD - ok
18:18:59.0075 0x2bb0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:18:59.0103 0x2bb0 rdyboost - ok
18:18:59.0136 0x2bb0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:18:59.0190 0x2bb0 RemoteAccess - ok
18:18:59.0226 0x2bb0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:18:59.0265 0x2bb0 RemoteRegistry - ok
18:18:59.0289 0x2bb0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:18:59.0331 0x2bb0 RpcEptMapper - ok
18:18:59.0347 0x2bb0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:18:59.0360 0x2bb0 RpcLocator - ok
18:18:59.0423 0x2bb0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:18:59.0468 0x2bb0 RpcSs - ok
18:18:59.0491 0x2bb0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:18:59.0543 0x2bb0 rspndr - ok
18:18:59.0603 0x2bb0 [ 763AE0C6D9DF4C24B7E2C26036A8188A, 1728D9BDF910324988B3D28459AB0A15C57CBBA79D2DFE377342DF3486BA9D48 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
18:18:59.0621 0x2bb0 RSUSBSTOR - ok
18:18:59.0633 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] SamSs C:\Windows\system32\lsass.exe
18:18:59.0657 0x2bb0 SamSs - ok
18:18:59.0699 0x2bb0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:18:59.0729 0x2bb0 sbp2port - ok
18:18:59.0760 0x2bb0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:18:59.0821 0x2bb0 SCardSvr - ok
18:18:59.0867 0x2bb0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:18:59.0927 0x2bb0 scfilter - ok
18:19:00.0004 0x2bb0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:19:00.0095 0x2bb0 Schedule - ok
18:19:00.0138 0x2bb0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:19:00.0176 0x2bb0 SCPolicySvc - ok
18:19:00.0227 0x2bb0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:19:00.0312 0x2bb0 SDRSVC - ok
18:19:00.0347 0x2bb0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:19:00.0388 0x2bb0 secdrv - ok
18:19:00.0430 0x2bb0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:19:00.0480 0x2bb0 seclogon - ok
18:19:00.0522 0x2bb0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:19:00.0586 0x2bb0 SENS - ok
18:19:00.0624 0x2bb0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:19:00.0672 0x2bb0 SensrSvc - ok
18:19:00.0684 0x2bb0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:19:00.0699 0x2bb0 Serenum - ok
18:19:00.0734 0x2bb0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:19:00.0774 0x2bb0 Serial - ok
18:19:00.0836 0x2bb0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:19:00.0872 0x2bb0 sermouse - ok
18:19:00.0925 0x2bb0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:19:00.0981 0x2bb0 SessionEnv - ok
18:19:01.0034 0x2bb0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:19:01.0080 0x2bb0 sffdisk - ok
18:19:01.0093 0x2bb0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:19:01.0125 0x2bb0 sffp_mmc - ok
18:19:01.0146 0x2bb0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:19:01.0178 0x2bb0 sffp_sd - ok
18:19:01.0222 0x2bb0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:19:01.0259 0x2bb0 sfloppy - ok
18:19:01.0306 0x2bb0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:19:01.0377 0x2bb0 SharedAccess - ok
18:19:01.0432 0x2bb0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:19:01.0491 0x2bb0 ShellHWDetection - ok
18:19:01.0517 0x2bb0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:19:01.0529 0x2bb0 SiSRaid2 - ok
18:19:01.0549 0x2bb0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:19:01.0562 0x2bb0 SiSRaid4 - ok
18:19:01.0642 0x2bb0 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:19:01.0678 0x2bb0 SkypeUpdate - ok
18:19:01.0712 0x2bb0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:19:01.0763 0x2bb0 Smb - ok
18:19:01.0813 0x2bb0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:19:01.0843 0x2bb0 SNMPTRAP - ok
18:19:01.0900 0x2bb0 [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\syswow64\speedfan.sys
18:19:01.0916 0x2bb0 speedfan - ok
18:19:01.0930 0x2bb0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:19:01.0943 0x2bb0 spldr - ok
18:19:02.0008 0x2bb0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:19:02.0061 0x2bb0 Spooler - ok
18:19:02.0215 0x2bb0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:19:02.0410 0x2bb0 sppsvc - ok
18:19:02.0437 0x2bb0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:19:02.0493 0x2bb0 sppuinotify - ok
18:19:02.0559 0x2bb0 [ B9657A0AFF28C1CB114ACC0CB93EE4BB, 619DE6438827A648566CB6F6407DF30E3BBCE345775B0154D883A48E244A62EE ] sp_rsdrv2 C:\Windows\system32\DRIVERS\stflt.sys
18:19:02.0578 0x2bb0 sp_rsdrv2 - ok
18:19:02.0623 0x2bb0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:19:02.0689 0x2bb0 srv - ok
18:19:02.0738 0x2bb0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:19:02.0771 0x2bb0 srv2 - ok
18:19:02.0791 0x2bb0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:19:02.0809 0x2bb0 srvnet - ok
18:19:02.0844 0x2bb0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:19:02.0894 0x2bb0 SSDPSRV - ok
18:19:02.0952 0x2bb0 [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
18:19:02.0964 0x2bb0 SSPORT - ok
18:19:02.0973 0x2bb0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:19:03.0033 0x2bb0 SstpSvc - ok
18:19:03.0176 0x2bb0 [ 24543AAF056D3AFCED3F4FF487F53C90, A6755E4180FEA51BA6E310CCC84C9232C8D655ACA6720EA92903353CE5224422 ] ST2012_Svc C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
18:19:03.0217 0x2bb0 ST2012_Svc - ok
18:19:03.0291 0x2bb0 Steam Client Service - ok
18:19:03.0411 0x2bb0 [ 2222073BE0232E70A397B8302293AA9D, C4C5D7D11F88CBB674667371F4A2AF17C530E2E2C855BC5C417EF623C1CF8F65 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:19:03.0438 0x2bb0 Stereo Service - ok
18:19:03.0464 0x2bb0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:19:03.0476 0x2bb0 stexstor - ok
18:19:03.0540 0x2bb0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:19:03.0576 0x2bb0 stisvc - ok
18:19:03.0629 0x2bb0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
18:19:03.0653 0x2bb0 swenum - ok
18:19:03.0708 0x2bb0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:19:03.0761 0x2bb0 swprv - ok
18:19:03.0825 0x2bb0 [ 52EB25BD8AB4E331028C48B178441B36, 72A907F447ADB4EF307A06D2BC1052BB2F3ED0F10DC13391DB8B43665F81FD74 ] sxuptp C:\Windows\system32\DRIVERS\sxuptp.sys
18:19:03.0842 0x2bb0 sxuptp - ok
18:19:03.0966 0x2bb0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:19:04.0039 0x2bb0 SysMain - ok
18:19:04.0091 0x2bb0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:19:04.0145 0x2bb0 TabletInputService - ok
18:19:04.0172 0x2bb0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:19:04.0228 0x2bb0 TapiSrv - ok
18:19:04.0259 0x2bb0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:19:04.0307 0x2bb0 TBS - ok
18:19:04.0426 0x2bb0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:19:04.0534 0x2bb0 Tcpip - ok
18:19:04.0935 0x2bb0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:19:04.0995 0x2bb0 TCPIP6 - ok
18:19:05.0057 0x2bb0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:19:05.0081 0x2bb0 tcpipreg - ok
18:19:05.0164 0x2bb0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:19:05.0245 0x2bb0 TDPIPE - ok
18:19:05.0295 0x2bb0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:19:05.0319 0x2bb0 TDTCP - ok
18:19:05.0391 0x2bb0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:19:05.0463 0x2bb0 tdx - ok
18:19:05.0820 0x2bb0 [ CEB90659C8C8DE208D6841176EEE3FA3, 80568CE5A951E4264D0F74C043D392A89769E4C0885E0C310B34FCEAA6E049EB ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:19:06.0145 0x2bb0 TeamViewer - ok
18:19:06.0262 0x2bb0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
18:19:06.0278 0x2bb0 TermDD - ok
18:19:06.0367 0x2bb0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:19:06.0443 0x2bb0 TermService - ok
18:19:06.0527 0x2bb0 [ 42A267904416DBEB1DA0295D9042BF0D, 103AC432247CF9691B48D847D18A72EEE56E8AF058EB11216B238F59E3FA78B1 ] TGCM_ImportWiFiSvc C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
18:19:06.0552 0x2bb0 TGCM_ImportWiFiSvc - ok
18:19:06.0575 0x2bb0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:19:06.0592 0x2bb0 Themes - ok
18:19:06.0620 0x2bb0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:19:06.0676 0x2bb0 THREADORDER - ok
18:19:06.0701 0x2bb0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:19:06.0741 0x2bb0 TrkWks - ok
18:19:06.0805 0x2bb0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:19:06.0853 0x2bb0 TrustedInstaller - ok
18:19:06.0901 0x2bb0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:19:06.0929 0x2bb0 tssecsrv - ok
18:19:06.0997 0x2bb0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:19:07.0076 0x2bb0 TsUsbFlt - ok
18:19:07.0155 0x2bb0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:19:07.0201 0x2bb0 tunnel - ok
18:19:07.0227 0x2bb0 [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
18:19:07.0237 0x2bb0 TurboB - ok
18:19:07.0309 0x2bb0 [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
18:19:07.0332 0x2bb0 TurboBoost - ok
18:19:07.0361 0x2bb0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:19:07.0374 0x2bb0 uagp35 - ok
18:19:07.0398 0x2bb0 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
18:19:07.0411 0x2bb0 UBHelper - ok
18:19:07.0457 0x2bb0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:19:07.0521 0x2bb0 udfs - ok
18:19:07.0541 0x2bb0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:19:07.0576 0x2bb0 UI0Detect - ok
18:19:07.0600 0x2bb0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:19:07.0613 0x2bb0 uliagpkx - ok
18:19:07.0665 0x2bb0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
18:19:07.0693 0x2bb0 umbus - ok
18:19:07.0717 0x2bb0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:19:07.0732 0x2bb0 UmPass - ok
18:19:07.0878 0x2bb0 [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:19:07.0965 0x2bb0 UNS - ok
18:19:08.0035 0x2bb0 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2, 58DAD5111C598F14CB199FE6A61FA5918F29513B778A8664FD05EFAB3C665D4F ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
18:19:08.0061 0x2bb0 Updater Service - ok
18:19:08.0082 0x2bb0 UPDATESRV - ok
18:19:08.0113 0x2bb0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:19:08.0189 0x2bb0 upnphost - ok
18:19:08.0232 0x2bb0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:19:08.0258 0x2bb0 usbccgp - ok
18:19:08.0314 0x2bb0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:19:08.0366 0x2bb0 usbcir - ok
18:19:08.0417 0x2bb0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:19:08.0455 0x2bb0 usbehci - ok
18:19:08.0622 0x2bb0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:19:08.0724 0x2bb0 usbhub - ok
18:19:08.0776 0x2bb0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:19:08.0799 0x2bb0 usbohci - ok
18:19:08.0837 0x2bb0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:19:08.0869 0x2bb0 usbprint - ok
18:19:08.0933 0x2bb0 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:19:08.0961 0x2bb0 usbscan - ok
18:19:09.0018 0x2bb0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:19:09.0133 0x2bb0 USBSTOR - ok
18:19:09.0182 0x2bb0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:19:09.0234 0x2bb0 usbuhci - ok
18:19:09.0304 0x2bb0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:19:09.0351 0x2bb0 usbvideo - ok
18:19:09.0389 0x2bb0 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\drivers\usb8023x.sys
18:19:09.0431 0x2bb0 usb_rndisx - ok
18:19:09.0454 0x2bb0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:19:09.0502 0x2bb0 UxSms - ok
18:19:09.0511 0x2bb0 [ 4C3FAC816925F73A34AD52F1F7C0A7EA, 7E9B4F68E2ADABA3A9324DA16CF680D77CF2812D4BD0BFCFF0173CA61260A3FE ] VaultSvc C:\Windows\system32\lsass.exe
18:19:09.0523 0x2bb0 VaultSvc - ok
18:19:09.0577 0x2bb0 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys
18:19:09.0609 0x2bb0 VClone - ok
18:19:09.0675 0x2bb0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:19:09.0699 0x2bb0 vdrvroot - ok
18:19:09.0769 0x2bb0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:19:09.0831 0x2bb0 vds - ok
18:19:09.0877 0x2bb0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:19:09.0894 0x2bb0 vga - ok
18:19:09.0914 0x2bb0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:19:09.0971 0x2bb0 VgaSave - ok
18:19:10.0027 0x2bb0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:19:10.0056 0x2bb0 vhdmp - ok
18:19:10.0120 0x2bb0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:19:10.0137 0x2bb0 viaide - ok
18:19:10.0242 0x2bb0 [ 6E021D6DA429AD7288FE8322E2BBA96B, 76168FAADE2803D2215ED5959C5C8FC1885222BAEBDF2950C6CC51798136EE51 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
18:19:10.0280 0x2bb0 VMCService - detected UnsignedFile.Multi.Generic ( 1 )
18:19:12.0804 0x2bb0 Detect skipped due to KSN trusted
18:19:12.0804 0x2bb0 VMCService - ok
18:19:12.0845 0x2bb0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:19:12.0861 0x2bb0 volmgr - ok
18:19:12.0921 0x2bb0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:19:12.0946 0x2bb0 volmgrx - ok
18:19:12.0966 0x2bb0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:19:12.0985 0x2bb0 volsnap - ok
18:19:13.0011 0x2bb0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:19:13.0026 0x2bb0 vsmraid - ok
18:19:13.0121 0x2bb0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:19:13.0208 0x2bb0 VSS - ok
18:19:13.0227 0x2bb0 VSSERV - ok
18:19:13.0245 0x2bb0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:19:13.0277 0x2bb0 vwifibus - ok
18:19:13.0307 0x2bb0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:19:13.0342 0x2bb0 vwififlt - ok
18:19:13.0375 0x2bb0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:19:13.0410 0x2bb0 vwifimp - ok
18:19:13.0449 0x2bb0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:19:13.0496 0x2bb0 W32Time - ok
18:19:13.0516 0x2bb0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:19:13.0549 0x2bb0 WacomPen - ok
18:19:13.0608 0x2bb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:19:13.0655 0x2bb0 WANARP - ok
18:19:13.0660 0x2bb0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:19:13.0695 0x2bb0 Wanarpv6 - ok
18:19:13.0767 0x2bb0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:19:13.0821 0x2bb0 WatAdminSvc - ok
18:19:13.0942 0x2bb0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:19:14.0066 0x2bb0 wbengine - ok
18:19:14.0111 0x2bb0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:19:14.0150 0x2bb0 WbioSrvc - ok
18:19:14.0243 0x2bb0 [ 8BDA6DB43AA54E8BB5E0794541DDC209, 8753C507BE77B019A3403AF5252434A01DB9F9332E58AC3783ABCE3D21AD9DD4 ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
18:19:14.0299 0x2bb0 WcesComm - ok
18:19:14.0357 0x2bb0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:19:14.0395 0x2bb0 wcncsvc - ok
18:19:14.0426 0x2bb0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:19:14.0481 0x2bb0 WcsPlugInService - ok
18:19:14.0510 0x2bb0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:19:14.0525 0x2bb0 Wd - ok
18:19:14.0611 0x2bb0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:19:14.0666 0x2bb0 Wdf01000 - ok
18:19:14.0714 0x2bb0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:19:14.0787 0x2bb0 WdiServiceHost - ok
18:19:14.0793 0x2bb0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:19:14.0811 0x2bb0 WdiSystemHost - ok
18:19:14.0914 0x2bb0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:19:15.0000 0x2bb0 WebClient - ok
18:19:15.0052 0x2bb0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:19:15.0137 0x2bb0 Wecsvc - ok
18:19:15.0174 0x2bb0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:19:15.0249 0x2bb0 wercplsupport - ok
18:19:15.0278 0x2bb0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:19:15.0374 0x2bb0 WerSvc - ok
18:19:15.0465 0x2bb0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:19:15.0532 0x2bb0 WfpLwf - ok
18:19:15.0575 0x2bb0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:19:15.0597 0x2bb0 WIMMount - ok
18:19:15.0630 0x2bb0 WinDefend - ok
18:19:15.0654 0x2bb0 WinHttpAutoProxySvc - ok
18:19:15.0733 0x2bb0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:19:15.0810 0x2bb0 Winmgmt - ok
18:19:15.0934 0x2bb0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:19:16.0035 0x2bb0 WinRM - ok
18:19:16.0116 0x2bb0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:19:16.0151 0x2bb0 WinUsb - ok
18:19:16.0205 0x2bb0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:19:16.0267 0x2bb0 Wlansvc - ok
18:19:16.0306 0x2bb0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:19:16.0317 0x2bb0 wlcrasvc - ok
18:19:16.0456 0x2bb0 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:19:16.0523 0x2bb0 wlidsvc - ok
18:19:16.0577 0x2bb0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:19:16.0616 0x2bb0 WmiAcpi - ok
18:19:16.0650 0x2bb0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:19:16.0699 0x2bb0 wmiApSrv - ok
18:19:16.0742 0x2bb0 WMPNetworkSvc - ok
18:19:16.0765 0x2bb0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:19:16.0807 0x2bb0 WPCSvc - ok
18:19:16.0855 0x2bb0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:19:16.0904 0x2bb0 WPDBusEnum - ok
18:19:16.0926 0x2bb0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:19:16.0962 0x2bb0 ws2ifsl - ok
18:19:16.0987 0x2bb0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:19:17.0005 0x2bb0 wscsvc - ok
18:19:17.0008 0x2bb0 WSearch - ok
18:19:17.0166 0x2bb0 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
18:19:17.0264 0x2bb0 wuauserv - ok
18:19:17.0289 0x2bb0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:19:17.0358 0x2bb0 WudfPf - ok
18:19:17.0395 0x2bb0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:19:17.0434 0x2bb0 WUDFRd - ok
18:19:17.0475 0x2bb0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:19:17.0497 0x2bb0 wudfsvc - ok
18:19:17.0539 0x2bb0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:19:17.0570 0x2bb0 WwanSvc - ok
18:19:17.0625 0x2bb0 [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
18:19:17.0670 0x2bb0 ZTEusbmdm6k - ok
18:19:17.0709 0x2bb0 [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
18:19:17.0723 0x2bb0 ZTEusbnmea - ok
18:19:17.0765 0x2bb0 [ B71F6297627ABF1C9CDA451FF3ABE103, 9C049473A94F3C7024D7E1C0080B3C37731FAF2330FC9B6F808358A6A3EF25E9 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
18:19:17.0789 0x2bb0 ZTEusbser6k - ok
18:19:17.0809 0x2bb0 ================ Scan global ===============================
18:19:17.0837 0x2bb0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:19:17.0895 0x2bb0 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
18:19:17.0917 0x2bb0 [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
18:19:17.0946 0x2bb0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:19:18.0014 0x2bb0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:19:18.0029 0x2bb0 [ Global ] - ok
18:19:18.0030 0x2bb0 ================ Scan MBR ==================================
18:19:18.0049 0x2bb0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:19:18.0336 0x2bb0 \Device\Harddisk0\DR0 - ok
18:19:18.0337 0x2bb0 ================ Scan VBR ==================================
18:19:18.0344 0x2bb0 [ 75BC719B7E69F5C0A3D1569B1E23FA24 ] \Device\Harddisk0\DR0\Partition1
18:19:18.0382 0x2bb0 \Device\Harddisk0\DR0\Partition1 - ok
18:19:18.0387 0x2bb0 [ 02A3B13F1B891BB2FAF4F1664FA355B3 ] \Device\Harddisk0\DR0\Partition2
18:19:18.0423 0x2bb0 \Device\Harddisk0\DR0\Partition2 - ok
18:19:18.0423 0x2bb0 ================ Scan generic autorun ======================
18:19:18.0803 0x2bb0 [ 8CB8E0C93C5459B45BE1FA628FB0D761, F06830359F11515BA1CA5EC061F5B254E5A4676FBEC8AFAC23B56BB413B7E63F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:19:19.0240 0x2bb0 RtHDVCpl - ok
18:19:19.0252 0x2bb0 ETDWare - ok
18:19:19.0357 0x2bb0 [ 147B96A5AEA8CEF3A34D8E378EAAA9B2, AC60E8184AC0DF277C26617AAD06F13A315B459AE47D9093161FB3DD652195B1 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
18:19:19.0410 0x2bb0 Acer ePower Management - ok
18:19:19.0492 0x2bb0 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\Windows\WindowsMobile\wmdc.exe
18:19:19.0521 0x2bb0 Windows Mobile Device Center - ok
18:19:19.0641 0x2bb0 [ 6B08632F7634F344372B25A507DA7C47, C955BFB0F4601A4D1077119B204785FE4CB975E961D2AEE9C2BFA6EDC27E3CE2 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
18:19:19.0682 0x2bb0 Nvtmru - ok
18:19:19.0788 0x2bb0 [ 05C5CBE5C0C26EFF48AF60639F30F4F5, 29B20E80D0251B488CFAC1576FF9350BB79BDB33667BC5F38DF8B0FB4C7FB17C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:19:19.0865 0x2bb0 NvBackend - ok
18:19:19.0884 0x2bb0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:19:19.0904 0x2bb0 ShadowPlay - ok
18:19:19.0948 0x2bb0 [ 9ECF375A6E4E74D056F4B54E76D58721, 29C89504C369CC40BC6BEDE965F52736CB01FA70644059392C912FFB35C4ED0A ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
18:19:19.0969 0x2bb0 IAStorIcon - ok
18:19:20.0220 0x2bb0 [ F5281FA7188154C928ED27911B0BA6FD, 6CBF1F4E0D04986EF60A42A8A826FDB9681370EB30DB37958716FBB717757DEA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:19:20.0345 0x2bb0 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
18:19:22.0863 0x2bb0 Detect skipped due to KSN trusted
18:19:22.0863 0x2bb0 BrStsMon00 - ok
18:19:22.0971 0x2bb0 [ 9DEF1B844FF294FE5900711764F82B72, 155BC2F63E395D4A20073329044A9D6AB13CCC6CA14DF63B43DE34C5F5ED035F ] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe
18:19:23.0035 0x2bb0 BrStsInd00 - detected UnsignedFile.Multi.Generic ( 1 )
18:19:25.0524 0x2bb0 Detect skipped due to KSN trusted
18:19:25.0524 0x2bb0 BrStsInd00 - ok
18:19:25.0666 0x2bb0 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:19:25.0712 0x2bb0 avgnt - ok
18:19:25.0782 0x2bb0 [ F5060B034D37EA26D325A4319806E202, D43ACE85421DB29A6B6E8080D838152AB3858F83C2B373731945460E217C7D9F ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:19:25.0794 0x2bb0 Avira SystrayStartTrigger - ok
18:19:25.0900 0x2bb0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:25.0955 0x2bb0 Sidebar - ok
18:19:25.0982 0x2bb0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:26.0007 0x2bb0 mctadmin - ok
18:19:26.0054 0x2bb0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:26.0094 0x2bb0 Sidebar - ok
18:19:26.0100 0x2bb0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:26.0119 0x2bb0 mctadmin - ok
18:19:26.0276 0x2bb0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
18:19:26.0298 0x2bb0 Google Update - ok
18:19:26.0411 0x2bb0 [ 1E827B1C08007E18424315DDA4756279, ED151A4C669E2F240D2E15DC70F49BCE2A244A4E8060B9E0869E15C15CFC04C6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:19:26.0439 0x2bb0 GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B - ok
18:19:26.0440 0x2bb0 NetDrive - ok
18:19:26.0478 0x2bb0 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
18:19:26.0489 0x2bb0 Dropbox Update - ok
18:19:26.0669 0x2bb0 [ 781DCED079ABD884DF8CA22B6FA30F05, 392C39D4E26AAE801786EE9A2671FDFFF18991A27046853B13ACA90E4B2D3998 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:19:26.0754 0x2bb0 Spotify Web Helper - ok
18:19:27.0048 0x2bb0 [ 831EE34C9AE23FE421E642DBA8E46C2A, 18710FB7B41AB3E89582451542527EEFC326AF615EB909EFEBE353AD478B0FF6 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
18:19:27.0349 0x2bb0 Spotify - ok
18:19:27.0396 0x2bb0 Skype - ok
18:19:27.0402 0x2bb0 GizmoDriveDelegate - ok
18:19:27.0403 0x2bb0 Waiting for KSN requests completion. In queue: 10
18:19:28.0404 0x2bb0 Waiting for KSN requests completion. In queue: 10
18:19:29.0404 0x2bb0 Waiting for KSN requests completion. In queue: 10
18:19:29.0916 0x1924 Object required for P2P: [ 781DCED079ABD884DF8CA22B6FA30F05 ] C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe
18:19:30.0404 0x2bb0 Waiting for KSN requests completion. In queue: 2
18:19:31.0404 0x2bb0 Waiting for KSN requests completion. In queue: 2
18:19:32.0404 0x2bb0 Waiting for KSN requests completion. In queue: 2
18:19:32.0456 0x1924 Object send P2P result: true
18:19:32.0456 0x1924 Object required for P2P: [ 831EE34C9AE23FE421E642DBA8E46C2A ] C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe
18:19:33.0404 0x2bb0 Waiting for KSN requests completion. In queue: 1
18:19:34.0404 0x2bb0 Waiting for KSN requests completion. In queue: 1
18:19:35.0001 0x1924 Object send P2P result: true
18:19:35.0438 0x2bb0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
18:19:35.0524 0x2bb0 Win FW state via NFP2: enabled ( trusted )
18:19:37.0963 0x2bb0 ============================================================
18:19:37.0963 0x2bb0 Scan finished
18:19:37.0963 0x2bb0 ============================================================
18:19:37.0975 0x1244 Detected object count: 0
18:19:37.0976 0x1244 Actual detected object count: 0
Der Prozess svchost.exe verursacht manchmal eine extrem hohe Speicherauslastung (ingesamt quasi 100%), sodass der PC dann quasi nicht mehr zu bedienen ist. Die einzige Lösung ist dann den Dienst wuauserv zu beenden. |
|
06.01.2016, 19:11
| #5 |
| /// TB-Ausbilder | Win7 extrem langsam Servus, Scan mit Combofix
|
|
06.01.2016, 21:53
| #6 |
| | Win7 extrem langsam Here we go... Combofix Logfile: Code:
ATTFilter ComboFix 16-01-07.01 - ObiMobil 06.01.2016 21:13:46.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3959.1717 [GMT 1:00]
ausgeführt von:: c:\users\ObiMobil\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\1388761744.bdinstall.bin
c:\programdata\1427800764.bdinstall.bin
c:\users\ObiMobil\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
c:\users\ObiMobil\AppData\Local\TempFullTiltPokerEuSetup.exe
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-12-06 bis 2016-01-06 ))))))))))))))))))))))))))))))
.
.
2016-01-06 20:29 . 2016-01-06 20:29 -------- d-----w- c:\users\Katrin\AppData\Local\temp
2016-01-06 20:29 . 2016-01-06 20:29 -------- d-----w- c:\users\Florian\AppData\Local\temp
2016-01-06 20:29 . 2016-01-06 20:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2016-01-06 01:02 . 2016-01-06 01:11 -------- d-----w- C:\FRST
2016-01-06 00:49 . 2016-01-06 00:49 9479872 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2016-01-03 19:10 . 2016-01-03 19:10 -------- d-----w- c:\program files (x86)\Common Files\Skype
2016-01-03 19:10 . 2016-01-03 19:10 -------- d-----r- c:\program files (x86)\Skype
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2016-01-06 00:51 . 2012-04-15 21:16 796864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2016-01-06 00:51 . 2012-04-15 21:16 142528 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-12-02 12:18 . 2011-02-18 16:18 301728 ------w- c:\windows\system32\MpSigStub.exe
2015-12-01 20:14 . 2015-03-31 11:13 75472 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2015-12-01 20:14 . 2015-03-31 11:13 162072 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-12-01 20:14 . 2015-03-31 11:13 140448 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-11-25 11:02 . 2016-01-06 15:06 11154520 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1044DC0F-0061-4CD9-B957-31B43177FABB}\mpengine.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:19 1729752 ----a-w- c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:40 120176 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-12-11 741704]
"Dropbox Update"="c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-13 134512]
"Spotify Web Helper"="c:\users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-12-15 2541160]
"Spotify"="c:\users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" [2015-12-15 7660648]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-12-17 50378880]
"GizmoDriveDelegate"="c:\progra~2\GIZMO\GDRIVE.DLL" [2010-12-28 390752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-04-13 284696]
"BrStsMon00"="c:\program files (x86)\Browny02\Brother\BrStMonW.exe" [2012-12-27 4509184]
"BrStsInd00"="c:\program files (x86)\BrownyInd\Brother\BrIndicator.exe" [2012-12-18 1885184]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-12-01 803200]
"Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-11-23 66320]
.
c:\users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 24952456]
Synology Cloud Station.lnk - c:\program files (x86)\Synology\CloudStation\bin\launcher.exe [2015-5-25 1506736]
.
c:\users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\Bitdefender\Bitdefender\updatesrv.exe;c:\program files\Bitdefender\Bitdefender\updatesrv.exe [x]
R3 AVerAF35;AVerMedia A835 USB DVB-T;c:\windows\system32\Drivers\AVerAF35.sys;c:\windows\SYSNATIVE\Drivers\AVerAF35.sys [x]
R3 BrYNSvc;BrYNSvc;c:\program files (x86)\Browny02\BrYNSvc.exe;c:\program files (x86)\Browny02\BrYNSvc.exe [x]
R3 cpuz137;cpuz137;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys;c:\program files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [x]
R3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys;c:\windows\SYSNATIVE\DRIVERS\cxbu0x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 massfilter_hs;USB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys;c:\windows\SYSNATIVE\drivers\massfilter_hs.sys [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [x]
R3 NLNdisMP;NLNdisMP;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 NLNdisPT;NetLimiter Ndis Protocol Service;c:\windows\system32\DRIVERS\nlndis.sys;c:\windows\SYSNATIVE\DRIVERS\nlndis.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 GizmoDrv;Gizmo Device Driver; [x]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDFilter.sys [x]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDNServ.sys [x]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys;c:\windows\SYSNATIVE\DRIVERS\mwlPSDVDisk.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys;c:\windows\SYSNATIVE\drivers\DRHARD64.sys [x]
S2 DRHMSR64;DRHMSR64;c:\windows\system32\drivers\DRHMSR64.sys;c:\windows\SYSNATIVE\drivers\DRHMSR64.sys [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [x]
S2 Gizmo Central;Gizmo Central;c:\program files (x86)\Gizmo\gservice.exe;c:\program files (x86)\Gizmo\gservice.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe;c:\program files (x86)\Acer\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sp_rsdrv2;Spyware Terminator Driver Filter;c:\windows\system32\DRIVERS\stflt.sys;c:\windows\SYSNATIVE\DRIVERS\stflt.sys [x]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys;c:\windows\SYSNATIVE\Drivers\SSPORT.sys [x]
S2 ST2012_Svc;Spyware Terminator 2012 Realtime Shield Service;c:\program files (x86)\Spyware Terminator\st_rsser64.exe;c:\program files (x86)\Spyware Terminator\st_rsser64.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S2 TGCM_ImportWiFiSvc;TGCM_ImportWiFiSvc;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe;c:\program files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe;c:\program files\Acer\Acer Updater\UpdaterService.exe [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-12-16 23:08 1000264 ----a-w- c:\program files (x86)\Google\Chrome\Application\47.0.2526.106\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2016-01-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 00:51]
.
2016-01-06 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
- c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 08:09]
.
2016-01-06 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
- c:\users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13 08:09]
.
2016-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 18:59]
.
2016-01-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-12-22 18:59]
.
2015-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
- c:\users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-09 18:23]
.
2015-12-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
- c:\users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-09 18:23]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2015-04-14 15:14 2334936 ----a-w- c:\progra~1\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01UnsuppModule]
@="{AEB16659-2125-4ADA-A4AB-45EE21E86469}"
[HKEY_CLASSES_ROOT\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}]
2015-12-15 19:20 2594304 ----a-w- c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02SyncingModule]
@="{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}"
[HKEY_CLASSES_ROOT\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}]
2015-12-15 19:20 2594304 ----a-w- c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03SyncedModule]
@="{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}"
[HKEY_CLASSES_ROOT\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}]
2015-12-15 19:20 2594304 ----a-w- c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04ReadOnlyModule]
@="{A433C3E0-8B24-40EB-93C3-4B10D9959F58}"
[HKEY_CLASSES_ROOT\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}]
2015-12-15 19:20 2594304 ----a-w- c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\05NoPermModule]
@="{C701AD67-3DF0-47C9-89CB-DFA6207BE229}"
[HKEY_CLASSES_ROOT\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}]
2015-12-15 19:20 2594304 ----a-w- c:\users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-12-08 21:33 236352 ----a-w- c:\users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 02:42 137584 ----a-w- c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-06-22 10920552]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-06-11 861216]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
uLocal Page = c:\windows\system32\blank.htm
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office15\ONBttnIE.dll/105
IE: Free YouTube to MP3 Converter - c:\users\ObiMobil\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office15\EXCEL.EXE/3000
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\
FF - prefs.js: browser.search.selectedEngine - Ask.com
FF - prefs.js: browser.startup.homepage - hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-NetDrive - c:\program files\NetDrive\netdrive.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Agent - c:\program files\Bitdefender\Bitdefender\pmbxag.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse - c:\program files\Bitdefender\Bitdefender\pwdmanui.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Anwendungs-Agent - c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-ETDWare - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (S-1-5-21-3542069035-4146575090-2512792040-1000)
@Denied: (2) (LocalSystem)
"Progid"="ThunderbirdEML"
.
[HKEY_USERS\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_20_0_0_270_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.20"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_20_0_0_270.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\TeamViewer\TeamViewer_Service.exe
c:\program files (x86)\Avira\Launcher\Avira.Systray.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2016-01-06 21:46:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2016-01-06 20:46
.
Vor Suchlauf: 23 Verzeichnis(se), 53.299.572.736 Bytes frei
Nach Suchlauf: 29 Verzeichnis(se), 56.354.373.632 Bytes frei
.
- - End Of File - - 837839D92B7078D2EE6A32A22D695E49
|
|
07.01.2016, 13:43
| #7 |
| /// TB-Ausbilder | Win7 extrem langsam Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
07.01.2016, 19:17
| #8 |
| | Win7 extrem langsam Hier die Logs: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.028 - Bericht erstellt am 07/01/2016 um 16:05:41
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ObiMobil - OBIMOBIL-PC
# Gestartet von : C:\Users\ObiMobil\Desktop\AdwCleaner_5.028.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
[-] Dienst Gelöscht : sp_rsdrv2
***** [ Ordner ] *****
[-] Ordner Gelöscht : C:\ProgramData\Partner
[-] Ordner Gelöscht : C:\Users\ObiMobil\AppData\Local\apn
[-] Ordner Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall
[#] Ordner Gelöscht : C:\Windows\SysNative\Tasks\BrowserProtect
[-] Ordner Gelöscht : C:\Windows\SysWOW64\BrowserProtect
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chphlpgkkbolifaimnlloiipkdnihall_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_www.metrolyrics.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_mmotraffic.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.movshare.net_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.tradeadexchange.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
[-] Geplante Aufgabe Gelöscht : BrowserProtect
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[-] Schlüssel Gelöscht : HKCU\Software\f6d68ab768ea40
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\f6d68ab768ea40
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EE770228-9073-418C-A205-A8240727B4F1}
[-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
***** [ Internetbrowser ] *****
[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
[-] [C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.avira.com/?l=dis&o=APN10261&gct=hp&dc=EU&locale=de_DE");
[-] [C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : chphlpgkkbolifaimnlloiipkdnihall
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [6367 Bytes] ##########
[/CODE] Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 07.01.2016 Suchlaufzeit: 16:17 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.01.07.03 Rootkit-Datenbank: v2016.01.05.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: ObiMobil Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 514214 Abgelaufene Zeit: 1 Std., 22 Min., 37 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 Adware.Hicosmea, HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, In Quarantäne, [e7e83402f9a0d75f6f6600c3c73b42be], Adware.Hicosmea, HKCU\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{33C53A50-F456-4884-B049-85FD643ECFED}, In Quarantäne, [01ce35016a2fe3538650269df012916f], Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 2 PUP.Optional.AdNetworkPerformance, C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage, In Quarantäne, [656a0f273d5c8fa73a238a9442c24cb4], PUP.Optional.AdNetworkPerformance, C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.adnetworkperformance.com_0.localstorage-journal, In Quarantäne, [309f082e6b2eac8ac49933eba361cd33], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by ObiMobil (Administrator) on 07.01.2016 at 18:33:39,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 19
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{176D2CEC-C706-4A01-9DA1-F03DB9F112C5} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{208AD1B4-3287-47A5-AB4E-5C3FCFB66302} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{279CD635-46D6-41B7-9F3A-DE2AFB312AD1} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{455E355A-DBD3-4422-AB5A-8B52FE404241} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{4FA92B9B-1AD9-4AD6-A397-C1873324D733} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{C5002CDE-E785-424B-ACA9-C0A3CE46FDD4} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\{F0B1A5CB-BEFE-4766-B5A3-F25A918EBB21} (Empty Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage-journal (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.williamhill.com_0.localstorage (File)
Successfully deleted: C:\Users\ObiMobil\AppData\Roaming\MarketSamurai (Folder)
Successfully deleted: C:\Users\ObiMobil\AppData\Roaming\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1 (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Windows\SysWOW64\sho52E2.tmp (File)
Successfully deleted: C:\Windows\SysWOW64\shoA57E.tmp (File)
Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B (Registry Value)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\sp_rsdrv2 (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.01.2016 at 18:38:57,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von ObiMobil (Administrator) auf OBIMOBIL-PC (07-01-2016 19:11:10)
Gestartet von C:\Users\ObiMobil\Desktop
Geladene Profile: ObiMobil & (Verfügbare Profile: ObiMobil)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Telefónica) C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10920552 2010-06-22] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-06-11] (Acer Incorporated)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4509184 2012-12-27] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsInd00] => C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe [1885184 2012-12-18] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [8387696 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_37C141540D42E9440C7C9BFC5A699C9B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-13] (Dropbox, Inc.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2346096 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe [8387696 2016-01-07] (Spotify Ltd)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GizmoDriveDelegate] => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [453152 2009-12-24] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-12-15] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll [2011-06-13] (hxxp://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-27] (Egis Technology Inc.)
Startup: C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2014-06-24]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2016-01-07]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8236A716-D9CA-4035-BE12-FFBB4D10582A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FBE8EDFF-40B4-4F01-B66D-8CE039DB5E4E}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
BHO: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-04-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-21] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
Toolbar: HKLM - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\.DEFAULT -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Toolbar: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-20] (Google Inc.)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-05] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2016-01-06] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2013-10-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/GoogleTalkPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @talk.google.com/O1DPlugin -> C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=3 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @tools.google.com/Google Update;version=9 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ObiMobil\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-10-03] (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2013-10-17] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\ObiMobil\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Extension: Avira Browser Safety - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\abs@avira.com [2016-01-05]
FF Extension: Firebug - C:\Users\ObiMobil\AppData\Roaming\Mozilla\Firefox\Profiles\vairnhic.default\Extensions\firebug@software.joehewitt.com.xpi [2015-10-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.de/
CHR StartupUrls: Default -> "file:///C:/Users/ObiMobil/Downloads/akkordeon-johannschill/index.html"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\pdf.dll => Keine Datei
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll => Keine Datei
CHR Plugin: (Google Talk Plugin) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\ObiMobil\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll => Keine Datei
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll => Keine Datei
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll => Keine Datei
CHR Profile: C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Awesome Screenshot: Screen capture, Annotate) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2015-05-04]
CHR Extension: (Web Developer) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2015-07-21]
CHR Extension: (YouTube) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (FTP Editor) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\caljonifjecojdgoejokjfdffgpgliic [2013-01-07]
CHR Extension: (Google-Suche) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (SEO SERP Workbench) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbgolklgacemnfnmkkpgekngaaggjjl [2014-01-10]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-11-18]
CHR Extension: (Springpad) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2013-11-01]
CHR Extension: (feedly) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-09-02]
CHR Extension: (Screenleap) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpcipbhehomfgjbgnajdhiahhdeeffbg [2015-11-18]
CHR Extension: (ModHeader) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-09-10]
CHR Extension: (Codey) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbalghnpcjmlpmmocijdfoghihgocakd [2013-01-07]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2015-12-15]
CHR Extension: (Save to Pocket) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2015-11-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Mixmax: Free Unlimited Email Tracking & more) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocpljaamllnldhepankaeljmeeeghnid [2015-11-04]
CHR Extension: (Google Mail) - C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] () [Datei ist nicht signiert]
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] () [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE [163840 2007-12-17] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE [126464 2007-01-11] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [31856 2010-12-28] (Arainia Solutions) [Datei ist nicht signiert]
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-04-03] (Crawler.com)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-13] (TeamViewer GmbH)
R2 TGCM_ImportWiFiSvc; C:\Program Files (x86)\o2\Mobile Connection Manager\ImpWiFiSvc.exe [201344 2012-01-10] (Telefónica)
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [14336 2008-07-04] (Vodafone) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [677632 2010-03-16] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 cpuz137; C:\Program Files (x86)\CPUID\PC Wizard 2015\pcwiz_x64.sys [26856 2014-02-17] (CPUID)
S3 cxbu0x64; C:\Windows\System32\DRIVERS\cxbu0x64.sys [173952 2010-01-25] (HID Global Corporation)
R2 DRHARD64; C:\Windows\system32\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHARD64; C:\Windows\SysWOW64\drivers\DRHARD64.sys [21984 2011-11-03] (Licensed for Gebhard Software)
R2 DRHMSR64; C:\Windows\system32\drivers\DRHMSR64.sys [14760 2011-12-06] ()
R2 DRHMSR64; C:\Windows\SysWOW64\drivers\DRHMSR64.sys [14760 2011-12-06] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [32840 2010-12-28] (Arainia Solutions LLC)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [12800 2010-10-15] (ZTE Incorporated)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 NLNdisMP; system32\DRIVERS\nlndis.sys [X]
S3 NLNdisPT; system32\DRIVERS\nlndis.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-07 19:11 - 2016-01-07 19:11 - 00042309 _____ C:\Users\ObiMobil\Desktop\FRST.txt
2016-01-07 18:38 - 2016-01-07 18:38 - 00003097 _____ C:\Users\ObiMobil\Desktop\JRT.txt
2016-01-07 18:32 - 2016-01-07 18:32 - 01599336 _____ (Malwarebytes) C:\Users\ObiMobil\Desktop\JRT.exe
2016-01-07 18:31 - 2016-01-07 18:32 - 01599336 _____ (Malwarebytes) C:\Users\ObiMobil\Downloads\JRT.exe
2016-01-07 18:27 - 2016-01-07 18:27 - 00001887 _____ C:\Users\ObiMobil\Desktop\mbam.txt
2016-01-07 16:16 - 2016-01-07 16:17 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-01-07 16:16 - 2016-01-07 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-01-07 16:15 - 2016-01-07 16:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-01-07 16:15 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-01-07 16:15 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-01-07 16:15 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-01-07 16:13 - 2016-01-07 16:14 - 22908888 _____ (Malwarebytes ) C:\Users\ObiMobil\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-07 15:50 - 2016-01-07 16:05 - 00000000 ____D C:\AdwCleaner
2016-01-07 15:46 - 2016-01-07 15:46 - 01749504 _____ C:\Users\ObiMobil\Desktop\AdwCleaner_5.028.exe
2016-01-06 23:34 - 2016-01-06 23:34 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Sublime Text 3
2016-01-06 23:34 - 2016-01-06 23:34 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Sublime Text 3
2016-01-06 23:33 - 2016-01-06 23:37 - 00000000 ____D C:\Program Files\Sublime Text 3
2016-01-06 23:33 - 2016-01-06 23:33 - 00000890 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-01-06 23:32 - 2016-01-06 23:32 - 08064616 _____ (Sublime HQ Pty Ltd ) C:\Users\ObiMobil\Downloads\Sublime Text Build 3083 x64 Setup.exe
2016-01-06 21:46 - 2016-01-06 21:46 - 00041010 _____ C:\ComboFix.txt
2016-01-06 21:10 - 2016-01-06 21:47 - 00000000 ____D C:\Qoobox
2016-01-06 21:10 - 2016-01-06 21:47 - 00000000 ____D C:\ComboFix
2016-01-06 21:10 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-01-06 21:10 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-01-06 21:10 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-01-06 21:10 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-01-06 21:08 - 2016-01-06 21:44 - 00000000 ____D C:\Windows\erdnt
2016-01-06 21:02 - 2016-01-06 21:06 - 05646860 ____R (Swearware) C:\Users\ObiMobil\Desktop\ComboFix.exe
2016-01-06 21:02 - 2016-01-06 21:06 - 05646860 _____ (Swearware) C:\Users\ObiMobil\Downloads\ComboFix (1).exe
2016-01-06 18:17 - 2016-01-06 21:03 - 00229046 _____ C:\TDSSKiller.3.1.0.9_06.01.2016_18.17.09_log.txt
2016-01-06 18:16 - 2016-01-06 18:16 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\ObiMobil\Desktop\tdsskiller.exe
2016-01-06 15:37 - 2016-01-07 03:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-01-06 02:02 - 2016-01-07 19:11 - 00000000 ____D C:\FRST
2016-01-06 02:00 - 2016-01-06 02:00 - 02370560 _____ (Farbar) C:\Users\ObiMobil\Desktop\FRST64.exe
2016-01-06 01:49 - 2016-01-06 01:49 - 09479872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-01-03 20:10 - 2016-01-03 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-03 20:10 - 2016-01-03 20:10 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2016-01-03 20:10 - 2016-01-03 20:10 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-17 20:09 - 2015-12-17 20:09 - 03012606 _____ C:\Users\ObiMobil\Downloads\marketing_master_list_15-12-15.xlsx
2015-12-17 20:05 - 2015-12-17 20:05 - 20737480 _____ C:\Users\ObiMobil\Downloads\Präsentation1.pptx
2015-12-10 00:42 - 2015-12-10 00:42 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-07 18:55 - 2010-12-22 18:48 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-07 18:53 - 2012-04-15 22:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-07 18:52 - 2015-06-13 09:09 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job
2016-01-07 18:35 - 2007-07-12 02:48 - 00000000 ____D C:\Windows
2016-01-07 18:24 - 2010-12-27 19:49 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Skype
2016-01-07 16:48 - 2013-01-07 22:21 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\FileZilla
2016-01-07 16:25 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-07 16:25 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-07 16:18 - 2013-10-10 16:12 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Spotify
2016-01-07 16:16 - 2010-09-18 20:37 - 02683128 _____ C:\Windows\system32\perfh007.dat
2016-01-07 16:16 - 2010-09-18 20:37 - 00790028 _____ C:\Windows\system32\perfc007.dat
2016-01-07 16:16 - 2009-07-14 06:13 - 00006540 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-07 16:15 - 2015-04-07 12:00 - 00000000 ___RD C:\Users\ObiMobil\Dropbox
2016-01-07 16:14 - 2013-10-10 16:13 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Spotify
2016-01-07 16:14 - 2012-10-15 19:56 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Dropbox
2016-01-07 16:10 - 2010-12-22 18:48 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-07 16:08 - 2014-01-03 16:29 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\stflt.sys
2016-01-07 16:08 - 2013-05-08 10:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 16:08 - 2010-09-18 10:53 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-07 16:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-07 16:05 - 2011-09-09 19:11 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 23:43 - 2015-04-01 15:59 - 00000000 ____D C:\webprojects
2016-01-06 21:38 - 2015-09-02 17:03 - 00001142 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-01-06 21:38 - 2015-03-31 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-06 21:38 - 2015-03-31 11:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-06 21:36 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-01-06 21:01 - 2015-06-13 09:09 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job
2016-01-06 01:52 - 2012-04-15 22:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-06 01:51 - 2012-04-15 22:16 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-06 01:51 - 2012-04-15 22:16 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-05 19:06 - 2015-08-01 12:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-03 20:10 - 2014-03-24 20:14 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\Skype
2016-01-03 20:10 - 2010-12-27 19:49 - 00000000 ____D C:\ProgramData\Skype
2015-12-17 00:07 - 2013-05-02 03:47 - 00000000 ____D C:\Users\ObiMobil\AppData\Roaming\Mozilla
2015-12-15 20:29 - 2014-12-30 12:07 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-12-15 20:21 - 2015-05-28 13:54 - 00000000 ____D C:\Users\ObiMobil\AppData\Local\CloudStation
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-12-28 20:06 - 2014-07-20 18:57 - 0001164 _____ () C:\Users\ObiMobil\AppData\Local\crc32list11.txt
2010-12-22 22:00 - 2010-12-22 22:15 - 0003584 _____ () C:\Users\ObiMobil\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-25 19:58 - 2013-06-25 20:08 - 0000600 _____ () C:\Users\ObiMobil\AppData\Local\PUTTY.RND
2010-12-22 15:46 - 2015-08-27 18:04 - 0007650 _____ () C:\Users\ObiMobil\AppData\Local\Resmon.ResmonCfg
2011-06-26 17:25 - 2011-06-26 17:25 - 0000000 _____ () C:\Users\ObiMobil\AppData\Local\{76B0BBCC-D61A-4313-A85F-56880C5B8021}
2008-05-23 16:48 - 2008-05-23 16:48 - 0020270 _____ () C:\ProgramData\DeviceInstaller.xml
2008-06-23 12:02 - 2008-06-23 12:02 - 0097410 ____R () C:\ProgramData\DeviceManager.xml.rc4
2010-07-13 12:45 - 2010-03-02 23:59 - 0131984 _____ () C:\ProgramData\FullRemove.exe
2015-06-30 17:38 - 2015-06-30 17:38 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\ObiMobil\AppData\Local\Temp\avgnt.exe
C:\Users\ObiMobil\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-20 00:10
==================== Ende von FRST.txt ============================
|
|
07.01.2016, 19:18
| #9 |
| | Win7 extrem langsam FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von ObiMobil (2016-01-07 19:11:56)
Gestartet von C:\Users\ObiMobil\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-12-22 13:52:14)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3542069035-4146575090-2512792040-500 - Administrator - Disabled)
Gast (S-1-5-21-3542069035-4146575090-2512792040-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3542069035-4146575090-2512792040-1002 - Limited - Enabled)
ObiMobil (S-1-5-21-3542069035-4146575090-2512792040-1000 - Administrator - Enabled) => C:\Users\ObiMobil
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.68 - NewTech Infosystems)
Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.4.0 - Liteon)
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3005 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{58F4D244-314F-4D26-B5EF-C28AB32E22CB}_is1) (Version: 6.1.0.9 - Oberon Media, Inc.)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0707.2010 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Airport Mania First Flight (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11505173}) (Version: - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version: - Oberon Media)
AVerMedia A835 USB TV Tuner 8.0.64.57 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.57 - AVerMedia TECHNOLOGIES, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Backup Manager Basic (x32 Version: 2.0.0.68 - NewTech Infosystems) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
Betfair Poker (HKLM-x32\...\Betfair Poker_is1) (Version: - Betfair)
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media)
calibre 64bit (HKLM\...\{2D534835-A873-4402-BEED-813FE50BF118}) (Version: 2.30.0 - Kovid Goyal)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - )
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DDBAC (HKLM-x32\...\{9FC83F04-9C3F-429B-92DE-1252235765E4}) (Version: 4.3.42 - DataDesign)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version: - Oberon Media)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Druckerdeinstallation für EPSON SX210 Series (HKLM\...\EPSON SX210 Series) (Version: - SEIKO EPSON Corporation)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
ETDWare PS/2-x64 7.0.6.5_WHQL (HKLM\...\Elantech) (Version: 7.0.6.5 - ELAN Microelectronics Corp.)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version: - Oberon Media)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Full Tilt Poker (HKLM-x32\...\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}) (Version: 4.48.1.WIN.FullTilt.COM - )
Full Tilt Poker.Eu (HKLM-x32\...\{127BEFB3-24B2-4B44-8E99-AD22C2A5A8ED}) (Version: 4.55.4.WIN.FullTilt.EU - )
Galapago (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}) (Version: - Oberon Media)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Git version 1.8.3-preview20130601 (HKLM-x32\...\Git_is1) (Version: 1.8.3-preview20130601 - The Git Development Community)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version: - Oberon Media)
HEX (HKLM-x32\...\{6EDED3CB-CAC5-4200-A534-CCA1732EAF23}_is1) (Version: - Gameforge)
HL-1110 series (HKLM-x32\...\{4F2442B7-A89E-42A4-8F0E-6937499855CA}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
import.io (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{95981586-8D7F-49E9-9C7F-3AA704641471}_is1) (Version: 0.1 - import.io)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KeePass Password Safe 2.28 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.28 - Dominik Reichl)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Kodi) (Version: - XBMC-Foundation)
Kodi (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Kodi) (Version: - XBMC-Foundation)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
Market Samurai (HKLM-x32\...\MarketSamurai.6E37012E1CBD7F47B14488FCC715944F3EBDCEDC.1) (Version: 0.93.64 - Alliance Software Pty Ltd)
Market Samurai (x32 Version: 0.93.64 - Alliance Software Pty Ltd) Hidden
Merriam Websters Spell Jam (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}) (Version: - Oberon Media)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mimo (HKLM-x32\...\Mimo) (Version: 0.2.5 - Mimo, Inc.)
Mobile Connection Manager (HKLM-x32\...\o2DE) (Version: 8.8.7.892 - Mobile Connection Manager)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.5.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden
Newshosting (HKLM\...\{63E2392B-D8C3-4458-BEB4-057AD58EF032}) (Version: 1.5.3 - Newshosting)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA 3D Vision Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Wizard 2015.2.14 (HKLM-x32\...\PC Wizard 2015_is1) (Version: - CPUID)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poker Pop (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111355427}) (Version: - Oberon Media)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
ProgDVB (HKLM\...\ProgDVB) (Version: - )
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: - Jan Fiala)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6141 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spin & Win (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}) (Version: - Oberon Media)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spotify (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.20.94.g8f8543b3 - Spotify AB)
Spyware Terminator 2012 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.82 - Crawler.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sublime Text Build 3083 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd)
Synology Cloud Station (HKLM-x32\...\{17B316FB-7048-49FE-86E7-92A5905F842A}) (Version: 3.2.3479 - Synology)
TeamDrive 3 (HKLM-x32\...\TeamDrive 3) (Version: 3.1.2.454 - TeamDrive Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42650 - TeamViewer)
TortoiseGit 1.8.3.0 (64 bit) (HKLM\...\{C39D5E7E-0CA3-4090-AAE3-9F7F4D5D567A}) (Version: 1.8.3.0 - TortoiseGit)
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}) (Version: 9.3.3.10523 - Vodafone)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)
WiMP 2.4.2 (HKLM-x32\...\com.aspiro.wimp.de.25F5C0086CDE1F22CA0B92A487729991CA6CD013.1) (Version: 2.4.2 - Aspiro AS)
WiMP 2.4.2 (x32 Version: 2.4.2 - Aspiro AS) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
WISO Steuer-Sparbuch 2011 (HKLM-x32\...\{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}) (Version: 18.00.6928 - Buhl Data Service GmbH)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.31_TME - ZTE Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\ObiMobil\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12000D8D-DA3E-46E8-B7A0-C644B180F08F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {170B4AFC-8CF0-464B-B4DD-614BB3A62FD7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {418F17BD-04C3-4A5B-81A7-A136187FA939} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {45FCE8E7-27C1-42DE-A28C-6817130DDCB6} - System32\Tasks\{EB5A17F7-59B1-4914-80F9-8981CBF7FF0B} => C:\Program Files (x86)\Gizmo\gizmo.exe [2010-12-28] (Arainia Solutions)
Task: {49B53F6B-58B5-4494-AA3E-A9B86F524493} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {733D650D-7434-4D36-A837-44A40309EEEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-06] (Adobe Systems Incorporated)
Task: {7A532F03-994C-4519-A175-E21C8E9C95ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {862865A0-5DF5-4EE9-B973-7E48693A5EB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A34B3048-6A02-4C85-99C2-22DC96B05E06} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {BEC65FF4-BA85-47B4-A046-5C604D31BD72} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.)
Task: {C5004184-66DB-44A1-9FB0-F1C099EF0412} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
Task: {CCDAC0B1-D721-4AC0-A7A9-5F2C39719A25} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {E7C97CD1-334A-4FCC-8E9F-1C5FFAF49143} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000Core.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3542069035-4146575090-2512792040-1000UA.job => C:\Users\ObiMobil\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-12-04 19:55 - 2011-06-22 17:14 - 00034304 _____ () C:\Windows\System32\sst2cl6.dll
2013-12-04 19:55 - 2011-06-22 17:13 - 00826880 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst2cdu.dll
2012-09-24 18:43 - 2010-02-17 17:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-09-24 18:43 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00597144 _____ () C:\Program Files\TortoiseGit\bin\libgit2.dll
2013-05-05 15:26 - 2013-05-05 15:26 - 00087704 _____ () C:\Program Files\TortoiseGit\bin\zlib1.dll
2010-06-28 14:20 - 2010-06-28 14:20 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2010-06-28 14:12 - 2010-06-28 14:12 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-06-20 10:22 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-03-03 16:01 - 2015-03-03 16:01 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\89753abff3827095ec7f3d3fb79f744a\IsdiInterop.ni.dll
2010-07-13 12:32 - 2010-04-13 17:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00451736 _____ () C:\Program Files\TortoiseGit\bin\libgit232.dll
2013-05-05 15:18 - 2013-05-05 15:18 - 00077464 _____ () C:\Program Files\TortoiseGit\bin\zlib132.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-12 04:30 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2016-01-03 20:07 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\ObiMobil\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2016-01-06 21:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\ObiMobil\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3542069035-4146575090-2512792040-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Katrin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^ObiMobil^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TeamDrive starten.lnk => C:\Windows\pss\TeamDrive starten.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: BackupManagerTray => "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
MSCONFIG\startupreg: EgisTecPMMUpdate => "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
MSCONFIG\startupreg: EgisUpdate => "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
MSCONFIG\startupreg: EPSON SX210 Series => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_S3821.tmp" /EF "HKCU"
MSCONFIG\startupreg: GizmoDriveDelegate => RUNDLL32.EXE C:\PROGRA~2\GIZMO\GDRIVE.DLL,Remount_Startup_Images
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe
MSCONFIG\startupreg: MarbleStation => C:\NetmarbleGlobal\MarbleStation\GlbMSLauncher.exe
MSCONFIG\startupreg: mwlDaemon => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: Spotify => "C:\Users\ObiMobil\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\ObiMobil\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SpywareTerminatorUpdater => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
MSCONFIG\startupreg: SuiteTray => "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{644A509A-457D-4C04-A293-18216D016B92}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{4FB3C17C-AFA2-4BEE-A7E5-8D1A934CDEBA}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DF06B872-4390-4F3E-A9A5-F676794FFB36}] => (Allow) svchost.exe
FirewallRules: [{5CC7C186-58CF-42C4-BCF7-0252AC5EDA15}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{EADD3136-38EC-4276-B8DE-B445FEF10116}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5941FBA2-5C7E-4017-893E-BF5464672003}] => (Allow) LPort=8396
FirewallRules: [{F80A5A05-AE6E-4626-8379-CF99A1FF6603}] => (Allow) LPort=8396
FirewallRules: [{DC691B14-20E3-4C09-9522-51A8047906B2}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{AE1E21B4-AC39-471E-A866-19C7112321F0}] => (Allow) C:\Riot Games\League of Legends\air\LolClient.exe
FirewallRules: [{E464845F-F9B1-4FF5-A808-FE15AF4E166D}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{0BA59535-22A9-4255-8FCA-968A39ED2FCA}] => (Allow) C:\Riot Games\League of Legends\game\League of Legends.exe
FirewallRules: [{D061CD36-7D7E-4A60-A8C4-F05CACB57074}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83E37541-C840-48C9-8591-FDCA41A68B8E}] => (Allow) LPort=2869
FirewallRules: [{E85B69D9-BDB7-4179-BD31-6257BEE2411B}] => (Allow) LPort=1900
FirewallRules: [{BE0BAD6F-A68C-45B8-8DF5-A1B705C6E4A8}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{303B66B6-128E-438B-B27C-660BE5785F35}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{717F01DA-700F-44B0-87D1-DF42ABF069D0}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{9D61C302-DDAA-4873-928D-DE7B0E6D4C37}] => (Allow) LPort=26675
FirewallRules: [{2A54FA3D-4BDC-4973-BD62-99F6C7E6A56C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{719EBF74-D777-46F7-8F91-274BAEB174CF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CECA94B-FE03-43FF-9FFA-F890C0F2BF89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5EB4556F-DCCA-4202-B39A-6FFAE6552696}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{81BF6A9C-47D9-4D4C-89F4-BBE75C955FE7}] => (Allow) C:\Program Files\Belkin\Belkin USB Print and Storage Center\Connect.exe
FirewallRules: [{3F280DE1-1E27-494C-B834-53766BEED907}] => (Allow) LPort=19540
FirewallRules: [{D7B4B7DC-016A-442E-9EF1-5595A0A86C54}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8B838E13-25BD-494A-8AD0-ED6A07644CB4}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{B8666841-261E-4F8D-8987-CB018796183F}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{FA13DB77-43CA-4201-8A41-D99B0FA4C08A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E73EC40F-AE04-48DE-A31F-A9A4E7190731}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{00E4A79D-AD6D-46AD-BD41-68D412892459}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB23ECE7-5DE6-44A8-98DE-E7D120FE3593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8473E708-FEC3-4F42-80DB-BDB76BE44F6F}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{67FAEB53-7E20-4560-8AAE-006D14673290}] => (Allow) C:\Users\Tina\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{0DB30832-EBAF-45EE-A038-E4D18E3AA138}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{864CE943-EA29-4CB4-9CAE-F3E282D1F1FA}C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tina\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{C928EAA9-E01C-4319-B916-41487A3D3294}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{324618CF-24C9-4D32-A243-931E0F5F2EDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{503CE394-961E-45C4-BF8E-1861C13F81DA}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [UDP Query User{65E93227-1224-48A3-A710-B90139D8BB8D}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{F2F4A06B-4A97-43EA-B34B-684F9FCE486A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{D3FECFD4-80FC-4CA5-B431-797A9DBE29B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{517A8981-3539-4C8B-B682-502C526135E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{95A6D083-5453-436E-9B1D-F18D016D4BB5}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{121E808E-3864-4307-A0C1-5C229E795CFF}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{CEB91F73-CC6A-4278-A017-AE3D695FF1D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7946E88C-0937-468A-B492-E54718C73A42}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe
FirewallRules: [{7927492C-B4AD-4AE9-A2A2-1F799F2B924D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{6AAA0759-22BC-4B20-B159-8EC58AF41E2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{E106A59C-5A9C-4D93-9A3A-7520A871ECAD}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{EFCCC650-E1C1-4580-968E-805463B388B3}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1ABA1577-87F4-436B-ACAB-C4B8CB661934}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{B79D15D2-09EA-429B-8E95-50D695D9FAA6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{186D3854-4E87-43C7-A862-EFE1B9295CFE}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{3DD553F3-809F-4486-B2E2-806387F81456}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{CD9248C5-EF90-4BE4-B05A-8A32C111F0A4}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D52BA98D-4A70-492D-BEFF-922042682BC7}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{B2F89E7C-3C36-45D4-93E6-E7D4752C374B}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2B593A5F-6CBE-46C0-978E-B7D3E370AF11}C:\users\obimobil\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\obimobil\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A5A6D78A-D0D4-4C0F-B84B-BCF844C6D385}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [UDP Query User{5CC172D9-5DE7-4177-B704-BE7D4B979206}C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe] => (Block) C:\users\obimobil\appdata\local\temp\10e1.tmp\kmservice.exe
FirewallRules: [{31E64288-1C04-48BB-8378-CD2F6F5253F8}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{7BA6BA51-8870-42D0-8217-E2C191BF66BE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{BA82F319-D8A7-465B-A7CC-831194A9AFF2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AE887943-465B-45F3-AE35-2162E3E5F2A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D012476-062D-4F87-8327-20EA4AF0BF94}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{273B7A88-16A1-4156-96B5-D21B6B69DDC5}C:\program files (x86)\litecoin\litecoin-qt.exe] => (Allow) C:\program files (x86)\litecoin\litecoin-qt.exe
FirewallRules: [{98740A53-138A-4F2B-83BA-EE36DF215C08}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{389CD855-E081-4EF7-A7DF-40480852DCE0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ECC3A29-1962-4A51-8A9C-17881A7ACD4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C36AA280-6F60-4EDD-AC3D-92BDA020C63C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ACCBD3E9-40C7-45F3-8BE3-1CA77BB1F459}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{313839F5-34FF-46F1-ACBA-9652F7955722}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{5E359099-63CB-4BD1-892F-3DC169853987}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{8D0DDA2E-60F6-4BE4-93C2-3155BEB88D4B}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [{DF1292F3-9DCE-4C4D-AE59-C7611BEF7A40}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{350BCC2B-05F5-4533-ABF7-0DF776AAA7E6}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe
FirewallRules: [{12B039E1-B8D3-4A8E-8315-9AD46F9A250C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [{4316ACFD-D8ED-42A8-BC51-F0790A63D08C}] => (Allow) C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
FirewallRules: [TCP Query User{2FDB0447-1E9C-4D57-81B0-E7000263C88F}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [UDP Query User{B85F3155-4F36-4C78-812F-E736DC8FB74A}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe] => (Block) C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe
FirewallRules: [TCP Query User{9C2440BD-5F2C-461D-929A-3B2446871F48}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [UDP Query User{1D418261-AE50-4F3E-950A-ED8AE2D4D14D}C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe] => (Allow) C:\users\obimobil\downloads\eclipse-php-helios-sr2-win32\eclipse\eclipse.exe
FirewallRules: [TCP Query User{9A67B07D-1EA9-4D3F-B8EE-5D8F18C5BAEB}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [UDP Query User{B1C21952-83AA-464D-93A7-129DB7099251}C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe] => (Allow) C:\program files (x86)\java\jre7\launch4j-tmp\mimo.exe
FirewallRules: [{24A15925-EE40-4F26-9DA8-97EAF6DE592C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{93F4746F-E9D5-43A1-9552-9C8D37ED85FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{080D5608-1464-4882-8FC6-3FCBE813F686}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4FF78B3C-6B69-46EF-BA33-56E99E21E961}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{4220F71E-E474-4A3E-A8AD-8CDC90BDC23B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{187EA9A6-AC25-4EB0-8D1C-CFB9A1576489}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{21269A9F-0B3B-4DEE-AAB0-C4FAE19F4F3C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{2D8F5D9F-3B95-4CE8-A861-8771A1622B03}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D51BF2AD-2A82-4067-8FBF-7FD9B835F200}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{F4463B5A-CBA8-498B-B4BF-9A63C460795F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{3CA9DADA-CE81-4ADC-8326-9EF966C3211E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A7154BE3-5E7B-4F4E-8E1E-FBE5C68490A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{59123C40-E91C-4126-B637-10B66A1F90FD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{BB3D3494-446A-422E-9357-755BF71A55F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{263A5036-BC53-4F62-B69D-28B607E81795}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{042A7EA0-32CD-4EB8-8D83-DC5AA39EEFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{572C469D-501C-46D1-9540-AB10847582D1}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [UDP Query User{AD9E8E11-4524-45EE-B081-8B5FEA734A72}C:\programdata\battle.net\agent\agent.3109\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3109\agent.exe
FirewallRules: [{CA47BA01-2AE7-4D22-850D-6B18410D4A76}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{A354E9EE-A9F5-41A0-B61B-1439E3B01199}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [TCP Query User{E0142BEF-B8E9-4A00-A003-5B2B1F03873F}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [UDP Query User{3D76D9B1-4AC0-4DCF-A6E4-2420E3D9C160}C:\programdata\battle.net\agent\agent.3182\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3182\agent.exe
FirewallRules: [{9F6774E4-7094-4437-BA29-47088B1E14B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{E27F7686-5A8D-4490-8C42-B29EF2C75BA8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{3456BD2B-496A-4ECE-A2D2-47F309C81102}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8F9E6692-F2F8-42DC-880C-16A53DC8BA82}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{9A00F4BA-33D6-45CF-8EB2-7E04DD45727C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{F30DA08D-F746-486A-8F0C-9C37D902B212}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{6E2959C6-BFF8-49AC-854F-3E95A39B43CF}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2F1B9C7E-5411-4AB1-8EFD-15AA3EF82D2C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C85E36FC-87D6-47C9-8420-1BC0682974E9}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CB96C99E-EE01-4B40-88F0-C4E191666099}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{49A7C27F-D992-4088-B0EA-DFBF60BD1DF4}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{E7310655-551E-4196-BDBD-E8ECAAC0F3E1}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{A844FBBE-0BC2-47DC-A624-C30FC72DFE4A}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{792657DC-EFDB-4AE5-864C-DC8290287AF7}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{5CDFDD58-DC32-4B6B-B90F-F80B98DAB985}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{B2EA5F35-F9B8-4EF8-A862-0DBF033C2607}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{A70CDA0A-6E25-41AD-87B9-59FFE7FF99AF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{5C4C2C25-0F7B-43AC-8C2F-D4AAA2DDA1DF}] => (Allow) C:\Users\ObiMobil\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{057F0FB9-F75A-4589-BF37-B9E12EAAF596}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{1D307634-0481-46E4-9A22-92DF7AB54CD2}C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\obimobil\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F9F404A6-475A-4F45-8FC2-32BC1CA3A296}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{F54C6306-CEC2-411D-B41E-A36F198EC770}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{17F92A95-0E74-4B3D-90B2-A8C3ADFF2EDB}C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\app\bin\cloud-connect.exe
FirewallRules: [{0351B635-73A4-4CDF-9BA6-B80338A534B1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0C7EB2E7-4483-4A1D-9A13-478EE44D1132}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{80EDA6CA-2CC8-4FD3-93CB-0DF73C416512}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0A52085A-C4C4-40B6-ABE1-B961389F670C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C583014-3524-4F66-89AE-53B99B0C5F91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8467789-76E8-4A3A-BFAC-3065486A39BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FA0168AE-07FC-4197-AF5A-C87ED7BEA756}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{611B597D-07FD-4B18-B510-F2ABB2F8EE76}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{7AF82318-1B97-40E8-B16B-995AA51AAFFB}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [UDP Query User{7806AE29-CEC7-4BB6-A7BA-79CB7A05C40F}C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\obimobil\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe
FirewallRules: [TCP Query User{6685F41D-95A6-4AFC-B985-EE83BF43FF1B}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{315A0DD0-D029-4C4D-BF42-A72DF4CF5BDB}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{820DDDDA-3CB0-40EF-988B-02E8BD8A24C2}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{181993C7-594F-498F-9F1D-D7FC5F6F0B28}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BA4A3BBE-FB43-42BB-B813-CD10F3BACE09}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{2C373DFB-DB53-49EC-9178-784CC7C67BA6}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{56A96ABD-1B73-44A1-9D17-0345F5B5BDFE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{F0A0F69E-12D9-4E47-BAE1-6E1845F1D0FE}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4C6B3D81-B678-4DF9-BB07-040441957F7A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{A19551DE-53BC-490E-ADC1-412C7B190472}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{6C3AD8DD-36C5-4AE1-BB42-8C6B035BC53D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
22-12-2015 18:23:41 Windows Update
06-01-2016 16:04:57 Windows Update
07-01-2016 18:33:46 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/07/2016 04:15:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (01/07/2016 04:10:08 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/07/2016 04:06:38 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue
Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26121852
Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26121852
Error: (01/07/2016 11:13:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/07/2016 11:13:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 26120807
Error: (01/07/2016 11:13:38 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 26120807
Systemfehler:
=============
Error: (01/07/2016 06:34:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/07/2016 06:34:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (01/07/2016 04:19:24 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (01/07/2016 04:09:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (01/07/2016 04:09:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Live ID Sign-in Assistant erreicht.
Error: (01/07/2016 04:09:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (01/07/2016 04:09:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Bitdefender Desktop Update Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/07/2016 04:08:50 PM) (Source: SCardSvr) (EventID: 602) (User: )
Description: Das System kann den angegebenen Pfad nicht finden.
Error: (01/07/2016 04:07:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
Error: (01/07/2016 04:07:56 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\bcmihvsrv64.dll
CodeIntegrity:
===================================
Date: 2016-01-06 21:28:48.465
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2016-01-06 21:28:48.423
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 460 @ 2.53GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 3958.71 MB
Verfügbarer physikalischer RAM: 2059.68 MB
Summe virtueller Speicher: 7915.61 MB
Verfügbarer virtueller Speicher: 4974.3 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:284.99 GB) (Free:52.55 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: F16C7E11)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
08.01.2016, 15:53
| #10 |
| /// TB-Ausbilder | Win7 extrem langsam Servus, wir entfernen die letzten Reste und kontrollieren nochmal alles.  Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3542069035-4146575090-2512792040-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE411
S2 UPDATESRV; "C:\Program Files\Bitdefender\Bitdefender\updatesrv.exe" /service [X]
S4 VSSERV; "C:\Program Files\Bitdefender\Bitdefender\vsserv.exe" /service [X]
Task: {1E76B4F1-2DCD-4F27-9366-7D1B50600C5A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
C:\Windows\AutoKMS
Task: {AEC5BE87-9C6A-4459-9A7B-E245DFD0ECF2} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C5FBFB11-265B-4257-BB6C-49153ACABAB1} - System32\Tasks\{CBEC163D-63CE-4F46-95B0-6470B36DFE3E} => pcalua.exe -a C:\Users\ObiMobil\Downloads\HiJackThis204.exe -d C:\Users\ObiMobil\Downloads
AlternateDataStreams: C:\ProgramData\Temp:05B51235
AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\Users\ObiMobil\Downloads\avira_de_av_5968378268__ws.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\BlueStacks-SplitInstaller_native.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\Hearthstone-Beta-Setup-deDE.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\HiJackThis204.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\KeePass-2.28-Setup.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (1).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller (2).exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe:BDU
AlternateDataStreams: C:\Users\ObiMobil\Downloads\UnityWebPlayer.exe:BDU
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Schritt 4
Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
12.01.2016, 14:11
| #11 |
| /// TB-Ausbilder | Win7 extrem langsam Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
| Themen zu Win7 extrem langsam |
| antivir, avira, bonjour, dnsapi.dll, email, flash player, ftp, google, home, homepage, langsam, launch, mozilla, prozesse, realtek, registry, rundll, scan, security, services.exe, software, spyware, svchost.exe, symantec, synology, system, usb, windows |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
