
Log analysis and evaluation: Online banking access blocked by the bank - no infection found


05.10.2015, 19:18   #1
Gromsh
 



Hello everyone,

After several attempts to log in to online banking this morning, I was told shortly afterwards by phone by a nice lady from my bank's security department that there was a Trojan on my computer and that only a complete reformat would/could still help.

After I got home from work today, I updated my Kaspersky as I do every day and ran a full system scan -> no findings, log below

After that I let Windows Defender run a complete scan -> no findings, unfortunately no detailed log to be found

After that I came across this forum and hope that I might be able to get help here.

defogger has run

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:44 on 05/10/2015 (Rene)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         
FRST has run

Code:
LastRegBack: 2015-10-04 22:35

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Rene (2015-10-05 19:47:16)
Gestartet von C:\Users\Rene\Downloads
Windows 10 Home (X64) (2015-09-24 19:16:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3483221009-4124455393-22982181-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3483221009-4124455393-22982181-503 - Limited - Disabled)
Gast (S-1-5-21-3483221009-4124455393-22982181-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3483221009-4124455393-22982181-1003 - Limited - Enabled)
Rene (S-1-5-21-3483221009-4124455393-22982181-1001 - Administrator - Enabled) => C:\Users\Rene

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.04.2004.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8107 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5320 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Host App Service (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Pokki) (Version: 0.269.7.768 - Pokki)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Firefox 40.0.3 (x86 de) (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Pokki Start Menu (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Pokki_Start_Menu) (Version: 0.269.7.768 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1502.401 - LG Electronics Inc.)
Sound Blaster Cinema (HKLM-x32\...\{AF2E323C-1E8A-4CE6-BE9E-B29296BF7FAE}) (Version: 1.00.03 - Creative Technology Limited)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {247F6031-5F04-444B-97AC-E24100B3CE85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {29EC117A-3921-4D02-8753-5FC4335344A1} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {309A19DC-EA8B-47B0-A68C-DC621193E98E} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {320B7238-A78D-4BB8-A3D1-D6A4CD822057} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {3A971B8B-3582-4E52-B5C8-B9AA88D07176} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\ServiceHostAppUpdater.exe
Task: {458639B5-0F1A-4D0C-AA9F-383669F55843} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4C7C35C8-CECF-4E24-BFE1-430E09528B21} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5F31AC98-81F1-41EE-8F85-FAAF08FD72CF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {64BA251A-1CBD-4398-BD36-890810401CED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CD7487C-CD0E-4864-9465-3036BF137C6A} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13] (Acer)
Task: {73A78DA8-3264-4554-904F-D37C605ADC4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {8E4A9BD0-FB28-4B75-8860-8C0601B07B8F} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)
Task: {9382CFEE-471D-4903-9908-4010D720FBD9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9418731B-C6B6-41E4-92DF-A3BF0D5B91D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {98AEE1F6-9056-4231-8B3F-AFBF60B8CC7E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {98D19C7D-C95E-474D-9A49-F7E5523376DE} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {A27C1172-140E-44C9-8BD9-F098A5ACE696} - System32\Tasks\SmartShare => E:\Programme\LG Smart Share\SmartShareStart.exe [2014-12-05] (LG Electronics Inc.)
Task: {A3B6D1A9-AF16-4401-AF99-41AC48AC7731} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {A8B4BE7B-63A5-482A-A966-29375BBB3432} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {AE71DA51-A7F0-4B62-BE7E-9487005C2D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B2DEB423-E25E-46D2-AD58-403D818EE1F7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {B8F440A5-0B7B-4B73-8681-91024C17CADD} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {B90E8A9E-FB75-4849-9F7D-7A3DC0BB57BC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {BF887431-0F08-43FA-B041-B0C36B7FB9B2} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)
Task: {C50D80D8-DF6A-4EF2-A141-02E844A2586E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {C632F99A-13C6-40DB-BC0D-65ECA5CA518A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {CFB311B6-542F-4867-9A98-B4A89E3F47A0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0EA01E-E9C1-44B8-A0F5-0608750E5D47} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-24 22:03 - 2015-09-24 22:03 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-07-29 13:48 - 2015-07-29 13:48 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-23 13:01 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-09-24 21:06 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-03 01:22 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-03 01:22 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2014-09-23 12:52 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-03-16 20:30 - 2013-09-16 06:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-07-27 19:41 - 2015-07-23 10:18 - 00062304 _____ () C:\Program Files (x86)\Acer\AOP Framework\acer\inteldll.dll
2015-05-05 00:25 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00569856 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 01400846 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00151054 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avutil-51.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00222734 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avformat-54.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-09-24 21:07 - 2015-09-24 21:07 - 00014176 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-07-23 16:08 - 2015-07-23 16:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-07-23 15:56 - 2015-07-23 15:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Rene\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3483221009-4124455393-22982181-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F90368BE-CB02-4323-AD2F-F4418D419DE9}] => (Allow) E:\Programme\iTunes\iTunes.exe
FirewallRules: [{736DB098-BE70-4380-B1FA-B572A204C5A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F802FF4-3C10-4F30-B220-D93051D2E963}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10F0C17A-C5A4-422A-B4C9-86B9E5F8B578}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F799089-6BDC-4300-98CE-4CCD6771DC9F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2703BF9-EA5D-4B35-8903-B4800B7054E5}] => (Allow) E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{2CB71738-000F-4B0D-BEF1-F4EBB88E112F}] => (Allow) E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{9867C4B3-797D-41C7-9863-D2D5D95282C5}] => (Allow) E:\Programme\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{886DFA8F-7B15-4F4E-AF1C-327905CBF1DA}] => (Allow) E:\Programme\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{ECF304C3-8E71-41E2-B85F-EC33B8ADE0ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2227580A-91EE-405A-9B45-1C8458083EB2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D0CD84C6-AA72-4BF4-ADB9-BA29CA2516ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2D1FEE54-98B2-4654-8EC1-F22AA0D50506}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8338904E-5C46-4FDB-856C-074227C184E6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DC724F7D-EABF-4A27-B7D3-55505FC36444}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{197CC5AB-D221-44E6-9885-6EBFC49B3454}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F3DAA5BA-6E93-4994-9DB2-EAEB2D983EB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{12455FDF-70F7-4B08-8DB8-D75C5F7560C1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E9237538-89E1-4B72-A047-96E947A51188}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4BEF7AE8-B707-4788-90B7-71143BD15A41}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{325C9A71-DEC9-41FF-A8FE-5BA24163BC7A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5984A0C8-ABCB-41EA-92F1-7BC67489D1B2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B520F986-2880-4064-B466-D46D8CB13F58}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2C629BBF-1EC3-4EC8-BD67-DC2315ED38EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EEA1EC8-76EA-494E-B73B-5758FACD4592}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{910DCD33-F513-4008-9E10-226FDCC4F69D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BE6E954D-9CDD-49ED-9070-D3CC666FC051}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{83D3326D-C838-43E4-A84D-A04632107680}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D54B3D0D-904E-40C4-AD89-4B9B222DA5AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6FB991EB-7C5A-4102-B5CB-6DDF0AE3C15C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE690039-17F3-4489-A7F4-AB0C457FABBC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9BC3603F-6390-4A95-B8D8-8AB31FEA160B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A7BB288C-2E6F-41C4-BBA8-63FAEC3DDE2F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{54511322-751D-4E78-B26C-30D8B2515641}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C0942DDB-59E7-45BB-BFF2-48B8EFD237D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1FFF30E-91D9-43BA-AF57-70187EFCDEBD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2E49E7BD-04DB-4825-888F-6EC344FE3E65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CF003CF6-0C04-43F0-AE6E-B264006D463F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5D625CDF-8858-4BA5-B79C-2E255624105A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{750EE541-E13E-43D0-8C85-7DC38BF1D595}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{241C6AC1-2403-4D17-874A-9FA8F9E3643E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9E5C5F18-3451-4BCB-A6A4-09AAD9F20916}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A3C70069-4618-44C2-A5C0-64506CC0BE99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4AB4738F-766D-4294-972D-0E5A55F58060}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DB881D8A-0FE3-43FC-9A9E-EFDBC9DB17F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6C2374D-4D0B-41AA-A9E0-414DA6E82859}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{132FC01D-3650-4AAE-86E3-22E512085E19}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{16920FA0-7FB5-4B80-8C26-B25DAE90A22F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D6FC574F-4EA2-4C75-95FD-250A6E07B105}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D127A2DB-D3CB-4447-AF2E-DBF39A7D02A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F0498691-2BEE-4833-82C5-4EB0B85292AA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C3661DB2-8801-45D6-9325-49273DC1E633}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2EAC67B0-687D-43CB-99A3-FDD369FBC6BD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CCFD79DE-47F5-4682-8D0E-FB3CF63100F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{656C35D2-CFB2-48B6-924F-A235CF96B019}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E884C74-EA44-4885-BCEF-0DE7F4DC4CA9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ECF4B352-DCA3-41C6-8423-0E30D9F998E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C4308859-018D-42D7-8000-F387C08770AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2E208D87-FB41-4897-8A48-1A6E9B438679}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{39966988-7001-45AF-8E33-2ED807F8AC3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B4E2D9CA-E8B1-4AAA-BA4F-25A48CFBA166}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63DD3336-B374-40F9-9682-2A7C7895393B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4B8B4A5F-1B97-4332-B5AB-807A01F3C5FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{20A6961A-5721-47CF-AFA8-1098F2477EAD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{947BEB61-C6C2-4B95-A4D1-AE72C208EEB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0D8EA478-3AF4-4856-97C3-CDCBAA179CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E60C76A9-E36E-4F9A-AB28-925BE488CF32}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E267A121-0145-467A-BFD8-C35164FD46BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E513B9A4-BC7C-45EB-8791-FFE1A7E15A81}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{70FD7754-EC2C-4F54-A465-033CAE377707}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ED9530D5-5835-49AC-9A0C-3AACC22F61C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{94C74F15-06AA-4A1E-89C0-7CF32A3F4102}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{599AB71F-9CF6-4CAA-ADAA-22543853FA1A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{DBE195D7-0997-4E53-AFF7-EC75A704E89A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{7B287E5C-E662-4B6C-A1C5-D07B72ABA6F1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [UDP Query User{7869E808-030A-44EF-B212-82F581C90ED6}E:\programme\firefox.exe] => (Allow) E:\programme\firefox.exe
FirewallRules: [TCP Query User{4A3D9BFB-33EE-4FB9-AC65-FA12183356C7}E:\programme\firefox.exe] => (Allow) E:\programme\firefox.exe
FirewallRules: [{6301D8CA-AD97-40D8-86A0-E82D0859C880}] => (Allow) E:\Programme\firefox.exe
FirewallRules: [{90D32F76-8E7D-47B2-BBB4-FF1EECFE0443}] => (Allow) E:\Programme\firefox.exe
FirewallRules: [{54F4536F-0A91-4EF8-AFE3-750585F56673}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7E67EF1-16A7-4DAC-BD72-6EE2B472D02A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{054A3A06-BEC0-4661-9091-48C60152858C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7592975C-1443-4FFC-BE45-D32106980FCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0B7F6598-87BA-4CB6-96B4-F023933D56E9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BA926D38-C11E-4596-977A-7BC6137C540B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE5C1586-765B-4197-86D0-3B39BC4DAC71}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{74528625-DB9A-4A4E-8D53-C8DD9431C608}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B064D944-5061-4D19-8AE4-AD8C43449331}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{74597F0F-ED10-4050-97BD-8E5B25755FC6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{874B5011-C969-4A1E-B58D-5A0DFADE7B24}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0100A85E-0403-4374-9D9B-8E3C41C9EC7E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{51605AED-1368-4B1E-9F1C-48429A18373E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3C49741-8875-4BBF-A873-930E26C3DF77}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{285AFC0E-C616-4016-AA85-C362A25C34E0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F3ECE192-B8C1-4E37-9470-EB234004F459}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{3631755A-87D2-427A-B38D-83FA9A50A1E8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{90DC1E39-2C8C-4C93-877E-D340E7EDADEF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{DA146EA5-DE3C-4F29-8132-65E022DCCC90}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{85180A67-43C8-4623-8932-663E803F6E47}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{634718CD-5749-4AF1-B7DE-804B460D8FC2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{71E077C4-2F69-4226-B751-73498924556E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{93BDD5FA-8B22-4251-8A93-88DA77DD2FD8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AE7828DF-AED0-4090-AB44-F53B1A64CBB4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A0FDDF5F-03A0-486C-B88C-A04B1F0061B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{282EBB5E-9013-4BEE-9F66-6340AEE6C741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4B44B810-CF2D-4A0F-9C51-116F487C6CEC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7720ED8-BDC7-4CDA-9AE7-1D33982CD337}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2015 06:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0xdf8
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Vollständiger Name des fehlerhaften Pakets: jucheck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 03:10:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rene-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25139468

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25139468

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2015 06:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (10/03/2015 06:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172


Systemfehler:
=============
Error: (10/05/2015 06:43:59 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 03:10:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 03:10:00 PM) (Source: DCOM) (EventID: 10010) (User: Rene-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (10/05/2015 01:30:33 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 06:28:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 06:23:39 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 06:22:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/05/2015 06:22:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/05/2015 06:22:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/05/2015 06:22:14 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 8111.59 MB
Verfügbarer physikalischer RAM: 4357.28 MB
Summe virtueller Speicher: 9391.59 MB
Verfügbarer virtueller Speicher: 5714.58 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:54.65 GB) (Free:10.3 GB) NTFS
Drive e: (DATA) (Fixed) (Total:2778.52 GB) (Free:2632.92 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 55.9 GB) (Disk ID: BB60ECE9)

Partition: GPT.

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: BB60ECFC)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Downloaded and ran Gmer, but I get the following error message:

Code:
ATTFilter
C:\WINDOWS\system32\config\sytem: Der Prozesskann nicht auf die Datei zugreifen, da sie von einem anderen Prozessverwendet wird.
         
I can confirm this with OK; when I then start the scan, it takes about 5-8 seconds until the scan freezes and the computer reboots.


I am fairly shocked by the statement that my computer is supposed to be infected. The computer is really only used by me, my wife and my son. Many thanks in advance for any help.

Alt 05.10.2015, 19:27   #2
deeprybka
/// TB Trainer
/// Tutorial Guru
 

My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you do not understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread, inside code tags.
  • Keep in mind that we all do this in our spare time; if you do not hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but it is only advisable in the case of real malware.
Adware and the like we can remove very well.
If you decide on a cleanup, keep working with me until you get my "clean".


Let's go:

Please repeat the FRST scan.

Step 1



Please start FRST again, also tick the checkbox, and press "Untersuchen" (Scan).
Please post the contents of the two logs that are created.

Alt 05.10.2015, 19:38   #3
Gromsh
 

Unfortunately both logs are too big for one post, so there are 2.

FRST log

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-10-2015
durchgeführt von Rene (Administrator) auf RENE-PC (05-10-2015 20:32:36)
Gestartet von C:\Users\Rene\Downloads
Geladene Profile: Rene (Verfügbare Profile: Rene & Administrator)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Pokki) C:\Users\Rene\AppData\Local\Pokki\Engine\ServiceHostAppUpdater.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Pokki) C:\Users\Rene\AppData\Local\Pokki\Engine\ServiceHostApp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) E:\Programme\iTunes\iTunesHelper.exe
(Pokki) C:\Users\Rene\AppData\Local\Pokki\Engine\ServiceHostApp.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) E:\Programme\firefox.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Pokki) C:\Users\Rene\AppData\Local\Pokki\Engine\ServiceStartMenuIndexer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(LG Electronics Inc.) E:\Programme\LG Smart Share\Update\SmartShareTray.exe
(LG Electronics Inc.) E:\Programme\LG Smart Share\DMS\SmartShareDMS.exe
(LG Electronics Inc.) E:\Programme\LG Smart Share\DMC\Aggregation.exe
() E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => E:\Programme\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2012-11-29] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-27] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-16] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-08-13] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-08-13] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-08-13] (Acer Incorporated)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{36fd046a-0ee2-4cc2-b9f0-212aec200a3f}: [DhcpNameServer] 172.19.0.1
Tcpip\..\Interfaces\{8d573282-66f8-48a6-8b47-7c775ca2bba9}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3483221009-4124455393-22982181-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=acer&m=start
HKU\S-1-5-21-3483221009-4124455393-22982181-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3483221009-4124455393-22982181-1001 -> DefaultScope {3E118B1E-CB9A-11E4-825E-3010B342DFA8} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3483221009-4124455393-22982181-1001 -> {3E118B1E-CB9A-11E4-825E-3010B342DFA8} URL = hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3483221009-4124455393-22982181-1001 -> {45860880-CFF5-483C-92E8-7E3D5B12C295} URL = 
SearchScopes: HKU\S-1-5-21-3483221009-4124455393-22982181-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-07-08] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\mer8p3sr.default
FF NewTab: hxxp://homepage-web.com/?s=acer&m=tab
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF user.js: detected! => C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\mer8p3sr.default\user.js [2015-03-16]
FF SearchPlugin: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\mer8p3sr.default\searchplugins\Web Search.xml [2015-03-16]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-09-24]
StartMenuInternet: FIREFOX.EXE - E:\Programme\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-09-24] (Kaspersky Lab ZAO)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-09-23] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-09-23] (Creative Labs) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18064 2015-04-18] ()
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-06-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [234240 2014-07-15] (acer)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athwbx.sys [3881472 2013-12-12] (Qualcomm Atheros Communications, Inc.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [171192 2015-06-30] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227000 2015-07-04] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [937656 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-09-26] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [78008 2015-06-26] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-03-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-02-05] (NVIDIA Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 kwldrpow; C:\Users\Rene\AppData\Local\Temp\kwldrpow.sys [56496 2015-10-05] (GMER) [Datei ist nicht signiert]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:32 - 2015-10-05 20:32 - 00019715 _____ C:\Users\Rene\Downloads\FRST.txt
2015-10-05 20:01 - 2015-10-05 20:01 - 00348368 _____ C:\WINDOWS\Minidump\100515-13000-01.dmp
2015-10-05 20:01 - 2015-10-05 20:01 - 00016148 _____ C:\WINDOWS\system32\RENE-PC_Rene_HistoryPrediction.bin
2015-10-05 19:58 - 2015-10-05 19:58 - 00347120 _____ C:\WINDOWS\Minidump\100515-12750-01.dmp
2015-10-05 19:56 - 2015-10-05 20:01 - 00000000 ____D C:\WINDOWS\Minidump
2015-10-05 19:47 - 2015-10-05 19:47 - 00040912 _____ C:\Users\Rene\Desktop\Addition.txt
2015-10-05 19:47 - 2015-10-05 19:47 - 00000104 _____ C:\Users\Rene\Desktop\FRST.txt
2015-10-05 19:46 - 2015-10-05 20:32 - 00000000 ____D C:\FRST
2015-10-05 19:44 - 2015-10-05 19:44 - 00000470 _____ C:\Users\Rene\Desktop\defogger_disable.log
2015-10-05 19:44 - 2015-10-05 19:44 - 00000000 _____ C:\Users\Rene\defogger_reenable
2015-10-05 19:41 - 2015-10-05 19:54 - 00380416 _____ C:\Users\Rene\Downloads\jfz3qjly.exe
2015-10-05 19:41 - 2015-10-05 19:46 - 02193920 _____ (Farbar) C:\Users\Rene\Downloads\FRST64.exe
2015-10-05 19:39 - 2015-10-05 19:44 - 00050477 _____ C:\Users\Rene\Downloads\Defogger.exe
2015-10-05 19:37 - 2015-10-05 19:37 - 00002404 _____ C:\Users\Rene\Desktop\kaspersky.txt
2015-10-03 15:57 - 2015-10-03 15:57 - 00000400 _____ C:\WINDOWS\ODBC.INI
2015-10-03 15:57 - 2015-10-03 15:57 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-10-03 15:57 - 2015-10-03 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-10-03 01:22 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-03 01:22 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-03 01:22 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-03 01:22 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-03 01:22 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-03 01:22 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-03 01:22 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-03 01:22 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-03 01:22 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-03 01:22 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-03 01:22 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-03 01:22 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-03 01:22 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-03 01:22 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-03 01:22 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-03 01:22 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-03 01:22 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-03 01:22 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-03 01:22 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-03 01:22 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-03 01:22 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-03 01:22 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-03 01:22 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-03 01:22 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-03 01:22 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-03 01:22 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-03 01:22 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-03 01:22 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-03 01:22 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-03 01:22 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-03 01:22 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-03 01:22 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-03 01:22 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-03 01:22 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-03 01:22 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-03 01:22 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-03 01:22 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-03 01:22 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-03 01:22 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-03 01:22 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-03 01:22 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-03 01:22 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-03 01:22 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-03 01:22 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-03 01:22 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-03 01:22 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-03 01:22 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-03 01:22 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-03 01:22 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-03 01:22 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-03 01:22 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-03 01:22 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-03 01:22 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-03 01:22 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-03 01:22 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-03 01:22 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-03 01:22 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-03 01:22 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-03 01:22 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-03 01:22 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-03 01:22 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-03 01:22 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-03 01:22 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-03 01:22 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-03 01:22 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-03 01:22 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-03 01:22 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-03 01:22 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-03 01:22 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-03 01:22 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-03 01:22 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-03 01:22 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-03 01:22 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-03 01:22 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-03 01:22 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-03 01:22 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-03 01:22 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-03 01:22 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-03 01:22 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-03 01:22 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-03 01:22 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-03 01:22 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-03 01:22 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-03 01:22 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-03 01:22 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-03 01:22 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-03 01:22 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-03 01:22 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-03 01:22 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-03 01:22 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-03 01:22 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-03 01:22 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-03 01:22 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-03 01:22 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-03 01:22 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-03 01:22 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-03 01:22 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-03 01:22 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-03 01:22 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-03 01:22 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-03 01:22 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-03 01:22 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-03 01:22 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-03 01:22 - 2015-09-17 07:50 - 00929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2015-10-03 01:22 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-03 01:22 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-03 01:22 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-03 01:22 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-03 01:22 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-03 01:22 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-03 01:22 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-03 01:22 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-03 01:22 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-03 01:22 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-03 01:22 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-03 01:22 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-03 01:22 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-03 01:22 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-03 01:22 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-03 01:22 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-03 01:22 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-03 01:22 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-03 01:22 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-03 01:22 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-03 01:22 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-03 01:22 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-03 01:22 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-03 01:22 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-03 01:22 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-03 01:22 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-03 01:22 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-03 01:22 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-03 01:22 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-03 01:22 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-03 01:22 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-03 01:22 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-03 01:22 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-03 01:22 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-03 01:22 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-03 01:22 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-03 01:22 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-03 01:22 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-03 01:22 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-03 01:22 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-03 01:22 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-03 01:22 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-03 01:22 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-03 01:22 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-03 01:22 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-03 01:22 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-03 01:21 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-03 01:21 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-03 01:21 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-03 01:21 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-03 01:21 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-03 01:21 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-09-26 18:56 - 2015-09-26 18:56 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-09-26 11:18 - 2015-09-26 11:18 - 00003886 _____ C:\WINDOWS\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d
2015-09-26 11:18 - 2015-09-26 11:18 - 00003652 _____ C:\WINDOWS\System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon
2015-09-26 11:18 - 2015-09-26 11:18 - 00000000 ____D C:\Program Files (x86)\Intel Corporation
2015-09-25 05:47 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-25 05:47 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-25 05:47 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-25 05:47 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-25 05:47 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-25 05:47 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-25 05:47 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-25 05:47 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-25 05:47 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-25 05:47 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-25 05:47 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-25 05:47 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-25 05:47 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-25 05:47 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-25 05:47 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-25 05:47 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-25 05:47 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-25 05:47 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-25 05:47 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-25 05:47 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-25 05:47 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-25 05:47 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-25 05:47 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-25 05:47 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-25 05:47 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-09-25 05:47 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-09-25 05:47 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-09-25 05:47 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2015-09-25 05:47 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-09-25 05:47 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-09-25 05:47 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-09-25 05:47 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2015-09-25 05:47 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2015-09-25 05:47 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2015-09-25 05:47 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll
2015-09-25 05:47 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-09-25 05:47 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll
2015-09-25 05:47 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll
2015-09-25 05:47 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll
2015-09-25 05:47 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2015-09-25 05:47 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2015-09-25 05:47 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2015-09-25 05:47 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll
2015-09-25 05:47 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-09-25 05:47 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2015-09-25 05:47 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2015-09-25 05:47 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2015-09-25 05:47 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2015-09-25 05:47 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll
2015-09-25 05:47 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll
2015-09-25 05:47 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2015-09-25 05:47 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-09-25 05:47 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2015-09-25 05:47 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList
2015-09-25 05:37 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-09-24 22:25 - 2015-09-24 22:25 - 00002523 _____ C:\Users\Rene\Desktop\Sicherer Zahlungsverkehr.lnk
2015-09-24 22:24 - 2015-09-24 22:24 - 00002217 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-09-24 22:24 - 2015-09-24 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-09-24 22:05 - 2015-09-24 21:16 - 00000000 ___DC C:\WINDOWS\Panther
2015-09-24 22:05 - 2015-09-24 21:07 - 00000000 __SHD C:\Recovery
2015-09-24 22:03 - 2015-09-24 22:03 - 14241792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 12589056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 11557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 09889792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 08613200 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 06878256 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 06305792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04760576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 04398080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04350464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04169728 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 03687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 03443200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 03362816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02606080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02446336 _____ C:\WINDOWS\system32\InputService.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02415104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02147080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 02116448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 02112512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01985024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01867160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01591856 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01533496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01521664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01411072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01365072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-09-24 22:03 - 2015-09-24 22:03 - 01201664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01200400 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01169408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01135312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01101792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01043872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 01025840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-09-24 22:03 - 2015-09-24 22:03 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2015-09-24 22:03 - 2015-09-24 22:03 - 00934752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00902656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00896144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00877016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00823336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfuimanager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00801632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpccpl.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00754688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfuimanager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00750592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00713312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00705520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00700256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00695136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00680448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00658568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00632168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00630160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00601344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00594472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efscore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00569344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00527952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00521568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00507696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00505344 _____ C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00445240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcomapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00425824 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00335248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00325984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemcpl.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00290312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00285632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00265480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00252768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00237392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdyboost.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00208736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\OmaDmAgent.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00200528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModelShim.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00181088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\coredpus.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00179200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabSvc.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00102752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\spbcd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00082616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spbcd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.ProxyStub.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\unenrollhook.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00061280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.PAL.Desktop.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmprc.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00052264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wpcfltr.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00046432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpiowin32.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2015-09-24 22:03 - 2015-09-24 22:03 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\VoiceActivationManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VoiceActivationManager.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00032768 _____ C:\WINDOWS\system32\LicenseManagerApi.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-09-24 22:03 - 2015-09-24 22:03 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00000000 ____D C:\Windows.old
2015-09-24 22:01 - 2015-09-24 22:01 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-09-24 22:01 - 2015-09-24 22:01 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-09-24 22:01 - 2015-09-24 22:01 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-09-24 22:01 - 2015-09-24 22:01 - 00000000 ____D C:\Program Files\MSBuild
2015-09-24 22:01 - 2015-09-24 22:01 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-09-24 22:01 - 2015-09-24 22:01 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-09-24 22:00 - 2015-06-17 19:10 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-09-24 22:00 - 2015-06-17 19:10 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-09-24 22:00 - 2015-06-17 19:10 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-09-24 22:00 - 2015-05-29 22:07 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-09-24 22:00 - 2015-05-29 22:07 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-09-24 22:00 - 2015-05-29 22:07 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-09-24 21:17 - 2015-09-24 21:18 - 00002355 _____ C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-09-24 21:17 - 2015-09-24 21:17 - 00000000 ____D C:\Users\Rene\AppData\Local\MicrosoftEdge
2015-09-24 21:17 - 2015-09-24 21:17 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-09-24 21:16 - 2015-09-24 21:18 - 00000000 ____D C:\Users\Rene\AppData\Local\Comms
2015-09-24 21:16 - 2015-09-24 21:16 - 00000020 ___SH C:\Users\Rene\ntuser.ini
2015-09-24 21:16 - 2015-09-24 21:16 - 00000000 ____D C:\Users\Rene\AppData\Local\TileDataLayer
2015-09-24 21:16 - 2015-09-24 21:16 - 00000000 ____D C:\Users\Rene\AppData\Local\Publishers
2015-09-24 21:13 - 2015-10-05 20:07 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-09-24 21:12 - 2015-09-24 21:12 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-09-24 21:11 - 2015-09-24 21:11 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-09-24 21:08 - 2015-09-24 21:08 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-09-24 21:08 - 2015-09-24 21:08 - 00000000 ____D C:\Users\Default\AppData\Local\Pokki
2015-09-24 21:08 - 2015-09-24 21:08 - 00000000 ____D C:\Users\Default User\AppData\Local\Pokki
2015-09-24 21:08 - 2015-07-10 12:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-09-24 21:07 - 2015-10-05 19:56 - 00000000 ____D C:\Users\Rene
2015-09-24 21:07 - 2015-09-24 22:03 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 21:07 - 2015-09-24 21:16 - 00000000 ___RD C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 21:07 - 2015-09-24 21:09 - 00000000 ____D C:\Users\Administrator
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Vorlagen
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Startmenü
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Netzwerkumgebung
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Lokale Einstellungen
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Eigene Dateien
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Druckumgebung
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Documents\Eigene Musik
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Documents\Eigene Bilder
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\AppData\Local\Verlauf
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\AppData\Local\Anwendungsdaten
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Rene\Anwendungsdaten
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Vorlagen
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Startmenü
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Netzwerkumgebung
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Lokale Einstellungen
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Eigene Dateien
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Druckumgebung
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Musik
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Documents\Eigene Bilder
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Verlauf
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 _SHDL C:\Users\Administrator\Anwendungsdaten
2015-09-24 21:07 - 2015-09-24 21:07 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-09-24 21:06 - 2015-10-05 20:01 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-24 21:06 - 2015-09-24 21:08 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-24 21:06 - 2015-09-24 21:08 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-09-24 21:06 - 2015-09-24 21:08 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-09-24 21:06 - 2015-09-24 21:06 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-09-24 21:06 - 2015-09-24 21:06 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-09-24 21:06 - 2015-09-24 21:06 - 00000000 ____D C:\Program Files\Realtek
2015-09-24 21:06 - 2015-09-24 21:06 - 00000000 ____D C:\Program Files\Common Files\Atheros
2015-09-24 21:06 - 2015-07-23 03:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-09-24 21:06 - 2015-07-23 03:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-09-24 21:06 - 2015-07-23 03:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-09-24 21:06 - 2015-07-23 03:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-09-24 21:06 - 2015-07-23 03:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-09-24 21:06 - 2015-07-23 03:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-09-24 21:06 - 2015-07-22 06:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-09-24 21:05 - 2015-10-05 19:56 - 00297059 ____N C:\WINDOWS\Minidump\100515-5140-01.dmp
2015-09-24 21:05 - 2015-09-24 21:09 - 00009122 _____ C:\WINDOWS\PFRO.log
2015-09-24 21:05 - 2015-09-24 21:06 - 00038496 _____ C:\WINDOWS\system32\NetSetupMig.log
2015-09-24 20:53 - 2015-09-24 21:11 - 00006602 _____ C:\WINDOWS\comsetup.log
2015-09-19 19:04 - 2015-09-19 19:04 - 00000000 ____D C:\Users\Rene\AppData\Roaming\WildTangent
2015-09-19 18:27 - 2015-09-24 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-19 18:27 - 2015-09-19 18:27 - 00001554 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files\iPod
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files\Bonjour
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-19 18:27 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 18:20 - 2015-09-19 18:32 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Apple Computer
2015-09-19 18:20 - 2015-09-19 18:20 - 00000000 ____D C:\Users\Rene\AppData\Local\Apple Computer
2015-09-19 18:19 - 2015-09-19 18:19 - 00000000 ____D C:\ProgramData\Apple Computer
2015-09-19 18:18 - 2015-09-19 18:27 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-19 18:18 - 2015-09-19 18:27 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-19 18:18 - 2015-09-19 18:18 - 00000000 ____D C:\Users\Rene\AppData\Local\Apple
2015-09-19 18:18 - 2015-09-19 18:18 - 00000000 ____D C:\ProgramData\Apple
2015-09-06 21:21 - 2015-09-06 21:21 - 00000917 _____ C:\Users\Public\Desktop\SmartShare.lnk
2015-09-06 21:20 - 2015-09-24 21:11 - 00003538 _____ C:\WINDOWS\System32\Tasks\SmartShare
2015-09-06 21:20 - 2015-09-24 21:09 - 00000000 ____D C:\WINDOWS\SysWOW64\SSFilter
2015-09-06 21:20 - 2015-09-24 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LG Software
2015-09-06 21:20 - 2015-09-06 21:20 - 00000000 ____D C:\ProgramData\LG Software
2015-09-06 21:20 - 2011-08-10 14:00 - 00378880 _____ C:\WINDOWS\SysWOW64\av_dll.dll
2015-09-06 21:20 - 2011-08-10 14:00 - 00020992 _____ C:\WINDOWS\SysWOW64\av_proxy.dll
2015-09-06 20:28 - 2015-09-06 20:28 - 00000000 ____D C:\Users\Rene\AppData\Local\CyberLink

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-05 20:32 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-05 20:07 - 2015-07-10 18:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-05 20:07 - 2015-07-10 18:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-05 20:02 - 2015-03-15 22:47 - 00000000 ____D C:\Users\Rene\AppData\Local\Pokki
2015-10-05 20:01 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-05 20:01 - 2015-03-16 07:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-05 20:01 - 2015-03-15 22:50 - 00002203 _____ C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
2015-10-05 19:58 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-05 18:43 - 2015-07-10 14:20 - 00021038 _____ C:\WINDOWS\setupact.log
2015-10-05 06:20 - 2015-07-10 14:20 - 00231824 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-05 06:20 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-10-04 22:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-03 18:25 - 2015-03-19 20:44 - 00000000 ____D C:\Users\Rene\AppData\Local\Battle.net
2015-10-03 16:15 - 2015-03-19 20:44 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-03 15:57 - 2015-07-10 18:46 - 00000000 ____D C:\WINDOWS\ShellNew
2015-10-03 15:57 - 2013-08-22 15:25 - 00000220 _____ C:\WINDOWS\win.ini
2015-10-03 15:54 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\System
2015-10-03 03:14 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-03 02:52 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-03 01:23 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-26 16:56 - 2015-03-16 07:07 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-09-26 11:18 - 2014-08-01 06:25 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-26 11:04 - 2013-04-12 15:34 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys
2015-09-25 05:57 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-25 05:57 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-09-25 03:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\appcompat
2015-09-24 22:25 - 2015-03-16 20:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-09-24 22:24 - 2015-03-16 07:09 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-09-24 22:24 - 2013-08-22 15:36 - 00000000 ____D C:\Users\Default.migrated
2015-09-24 22:05 - 2015-07-10 13:04 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-09-24 22:03 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 22:03 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-09-24 22:03 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-09-24 22:03 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-09-24 22:03 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-09-24 22:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-09-24 22:01 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-09-24 21:58 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-09-24 21:50 - 2015-02-20 17:08 - 00000000 ____D C:\Users\Rene\AppData\Local\Packages
2015-09-24 21:18 - 2015-03-01 22:17 - 00000000 ___RD C:\Users\Rene\OneDrive
2015-09-24 21:16 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-09-24 21:16 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-09-24 21:16 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-09-24 21:12 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Windows NT
2015-09-24 21:12 - 2015-07-10 11:05 - 00000000 __RHD C:\Users\Default
2015-09-24 21:11 - 2015-08-18 20:21 - 00003444 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2015-09-24 21:11 - 2015-07-27 19:41 - 00003462 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2015-09-24 21:11 - 2015-07-27 19:39 - 00003338 _____ C:\WINDOWS\System32\Tasks\Pokki
2015-09-24 21:11 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Registration
2015-09-24 21:11 - 2015-03-16 07:07 - 00003586 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-09-24 21:11 - 2015-03-15 22:54 - 00003706 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483221009-4124455393-22982181-1001
2015-09-24 21:11 - 2015-03-15 22:47 - 00038103 _____ C:\WINDOWS\diagwrn.xml
2015-09-24 21:11 - 2015-03-15 22:47 - 00038103 _____ C:\WINDOWS\diagerr.xml
2015-09-24 21:11 - 2014-09-23 13:02 - 00003126 _____ C:\WINDOWS\System32\Tasks\Quick Access Quick Launcher
2015-09-24 21:11 - 2014-09-23 13:02 - 00003006 _____ C:\WINDOWS\System32\Tasks\Quick Access
2015-09-24 21:11 - 2014-09-23 12:58 - 00003022 _____ C:\WINDOWS\System32\Tasks\Hotkey Utility
2015-09-24 21:11 - 2014-09-23 12:22 - 00003702 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483221009-4124455393-22982181-500
2015-09-24 21:11 - 2014-08-01 06:29 - 00003378 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2015-09-24 21:11 - 2014-08-01 06:26 - 00005424 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2015-09-24 21:11 - 2014-08-01 06:26 - 00004672 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2015-09-24 21:11 - 2014-08-01 06:26 - 00003922 _____ C:\WINDOWS\System32\Tasks\ACC
2015-09-24 21:10 - 2015-07-10 13:04 - 00000000 __RHD C:\Users\Public\Libraries
2015-09-24 21:09 - 2015-07-16 00:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-24 21:09 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Help
2015-09-24 21:09 - 2015-07-10 11:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-09-24 21:09 - 2015-05-14 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-09-24 21:09 - 2015-05-08 10:19 - 00000000 ____D C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager
2015-09-24 21:09 - 2015-03-19 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-09-24 21:09 - 2015-03-16 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-24 21:09 - 2014-09-23 13:01 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Power Media Player 12
2015-09-24 21:09 - 2014-09-23 13:00 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-09-24 21:09 - 2014-09-23 12:59 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2015-09-24 21:09 - 2014-08-01 06:26 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-09-24 21:08 - 2015-07-10 13:05 - 00004362 _____ C:\WINDOWS\DtcInstall.log
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\zh-HK
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\uk-UA
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\tr-TR
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\th-TH
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sr-Latn-RS
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sl-SI
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\sk-SK
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ro-RO
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\hr-HR
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\he-IL
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\bg-BG
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\SysWOW64\ar-SA
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\zh-HK
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\uk-UA
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\tr-TR
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\th-TH
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-RS
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\spool
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sl-SI
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sk-SK
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ro-RO
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\hr-HR
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\he-IL
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\et-EE
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\en-GB
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\bg-BG
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\ar-SA
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\InputMethod
2015-09-24 21:08 - 2015-07-10 13:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-09-24 21:08 - 2015-03-16 07:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-09-24 21:08 - 2014-09-23 12:47 - 00000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2015-09-24 21:08 - 2014-09-23 12:36 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-09-24 21:08 - 2014-08-01 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2015-09-24 21:08 - 2014-08-01 06:26 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-24 21:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-09-24 21:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-09-24 21:08 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-09-24 21:07 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\Recovery
2015-09-24 21:07 - 2015-07-10 11:05 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-09-24 21:07 - 2014-08-01 06:04 - 00000000 ____D C:\Users\Administrator\AppData\Local\Packages
2015-09-24 20:55 - 2014-09-23 12:28 - 01650300 _____ C:\WINDOWS\WindowsUpdate (1).log
2015-09-24 20:53 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-09-24 20:48 - 2015-03-16 20:47 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-24 20:42 - 2015-03-15 22:49 - 00000000 ____D C:\Users\Rene\AppData\Local\CrashDumps
2015-09-19 19:10 - 2015-02-20 17:09 - 00000000 ____D C:\Users\Rene\Documents\Bluetooth Folder
2015-09-19 19:04 - 2014-08-01 06:26 - 00000000 ____D C:\ProgramData\WildTangent
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-06 21:20 - 2014-09-23 12:36 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-06 20:28 - 2014-09-23 12:59 - 00000000 ____D C:\ProgramData\CyberLink

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-04 22:35

==================== Ende von FRST.txt ============================
         

Alt 05.10.2015, 19:39   #4
Gromsh
 

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-10-2015
durchgeführt von Rene (2015-10-05 20:33:10)
Gestartet von C:\Users\Rene\Downloads
Windows 10 Home (X64) (2015-09-24 19:16:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3483221009-4124455393-22982181-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3483221009-4124455393-22982181-503 - Limited - Disabled)
Gast (S-1-5-21-3483221009-4124455393-22982181-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3483221009-4124455393-22982181-1003 - Limited - Enabled)
Rene (S-1-5-21-3483221009-4124455393-22982181-1001 - Administrator - Enabled) => C:\Users\Rene

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.08.2003 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.04.2004.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.07.2004 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8107 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3005 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3005 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5320 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Host App Service (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Pokki) (Version: 0.269.7.768 - Pokki)
Hotkey Utility (HKLM-x32\...\{A6DC88AD-501A-44BC-884D-57435F972E2C}) (Version: 3.00.8104 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{43FA4AC8-46F8-423F-96FD-9A7D67048F1C}) (Version: 2.5.1634 - Intel Corporation)
iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{650c9b4a-60ec-4e4e-8d8e-32d85ce3b7c5}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Firefox 40.0.3 (x86 de) (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Pokki Start Menu (HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\Pokki_Start_Menu) (Version: 0.269.7.768 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.25 - Qualcomm Atheros)
Ravensburger tiptoi (HKLM-x32\...\Ravensburger tiptoi) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.103 - Skype Technologies S.A.)
SmartShare (HKLM-x32\...\{BAB337AE-DD9E-45C3-BED6-0EE4732AEC60}) (Version: 2.3.1502.401 - LG Electronics Inc.)
Sound Blaster Cinema (HKLM-x32\...\{AF2E323C-1E8A-4CE6-BE9E-B29296BF7FAE}) (Version: 1.00.03 - Creative Technology Limited)
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {247F6031-5F04-444B-97AC-E24100B3CE85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {29EC117A-3921-4D02-8753-5FC4335344A1} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {309A19DC-EA8B-47B0-A68C-DC621193E98E} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-04-18] ()
Task: {320B7238-A78D-4BB8-A3D1-D6A4CD822057} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {3A971B8B-3582-4E52-B5C8-B9AA88D07176} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\ServiceHostAppUpdater.exe
Task: {458639B5-0F1A-4D0C-AA9F-383669F55843} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {4C7C35C8-CECF-4E24-BFE1-430E09528B21} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {5F31AC98-81F1-41EE-8F85-FAAF08FD72CF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {64BA251A-1CBD-4398-BD36-890810401CED} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6CD7487C-CD0E-4864-9465-3036BF137C6A} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2015-08-13] (Acer)
Task: {73A78DA8-3264-4554-904F-D37C605ADC4B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()
Task: {8E4A9BD0-FB28-4B75-8860-8C0601B07B8F} - System32\Tasks\Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [2014-03-03] (Acer Incorporated)
Task: {9382CFEE-471D-4903-9908-4010D720FBD9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9418731B-C6B6-41E4-92DF-A3BF0D5B91D9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {98AEE1F6-9056-4231-8B3F-AFBF60B8CC7E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {98D19C7D-C95E-474D-9A49-F7E5523376DE} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {A27C1172-140E-44C9-8BD9-F098A5ACE696} - System32\Tasks\SmartShare => E:\Programme\LG Smart Share\SmartShareStart.exe [2014-12-05] (LG Electronics Inc.)
Task: {A3B6D1A9-AF16-4401-AF99-41AC48AC7731} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {A8B4BE7B-63A5-482A-A966-29375BBB3432} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {AE71DA51-A7F0-4B62-BE7E-9487005C2D69} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B2DEB423-E25E-46D2-AD58-403D818EE1F7} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {B8F440A5-0B7B-4B73-8681-91024C17CADD} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {B90E8A9E-FB75-4849-9F7D-7A3DC0BB57BC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {BF887431-0F08-43FA-B041-B0C36B7FB9B2} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)
Task: {C50D80D8-DF6A-4EF2-A141-02E844A2586E} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {C632F99A-13C6-40DB-BC0D-65ECA5CA518A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {CFB311B6-542F-4867-9A98-B4A89E3F47A0} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {EF0EA01E-E9C1-44B8-A0F5-0608750E5D47} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-06-09] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-24 22:03 - 2015-09-24 22:03 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-09-24 21:06 - 2015-07-23 03:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-24 22:03 - 2015-09-24 22:03 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-29 13:48 - 2015-07-29 13:48 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-31 09:55 - 2015-07-31 09:55 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-23 13:01 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-10-03 01:22 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 08:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-03 01:22 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-10-03 01:22 - 2015-09-17 07:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-03 01:22 - 2015-09-17 07:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-03 01:22 - 2015-09-17 07:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-03 01:22 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-09-23 12:52 - 2012-11-01 11:21 - 00325120 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2015-09-06 21:20 - 2014-12-09 13:36 - 01265688 _____ () E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-05 00:25 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00569856 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 01400846 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avcodec-54.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00151054 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avutil-51.dll
2015-04-28 22:15 - 2015-04-28 22:15 - 00222734 _____ () C:\Users\Rene\AppData\Local\Pokki\Engine\avformat-54.dll
2015-03-16 20:30 - 2013-09-16 06:19 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00201568 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00653112 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00640352 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2015-08-05 19:48 - 2015-08-05 19:48 - 00118112 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2015-09-24 21:07 - 2015-09-24 21:07 - 00014176 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-07-23 16:08 - 2015-07-23 16:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-07-23 15:56 - 2015-07-23 15:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2015-09-06 21:20 - 2013-12-06 22:06 - 00642016 _____ () E:\Programme\LG Smart Share\DMS\sqlite3.dll
2015-09-06 21:20 - 2014-12-09 11:55 - 00903168 _____ () E:\Programme\LG Smart Share\DMR\LibMediaRenderer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Rene\OneDrive:ms-properties

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3483221009-4124455393-22982181-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-3483221009-4124455393-22982181-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{F90368BE-CB02-4323-AD2F-F4418D419DE9}] => (Allow) E:\Programme\iTunes\iTunes.exe
FirewallRules: [{736DB098-BE70-4380-B1FA-B572A204C5A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8F802FF4-3C10-4F30-B220-D93051D2E963}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{10F0C17A-C5A4-422A-B4C9-86B9E5F8B578}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4F799089-6BDC-4300-98CE-4CCD6771DC9F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2703BF9-EA5D-4B35-8903-B4800B7054E5}] => (Allow) E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{2CB71738-000F-4B0D-BEF1-F4EBB88E112F}] => (Allow) E:\Programme\LG Smart Share\DMR\SmartShareDMR.exe
FirewallRules: [{9867C4B3-797D-41C7-9863-D2D5D95282C5}] => (Allow) E:\Programme\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{886DFA8F-7B15-4F4E-AF1C-327905CBF1DA}] => (Allow) E:\Programme\LG Smart Share\DMS\SmartShareDMS.exe
FirewallRules: [{ECF304C3-8E71-41E2-B85F-EC33B8ADE0ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2227580A-91EE-405A-9B45-1C8458083EB2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D0CD84C6-AA72-4BF4-ADB9-BA29CA2516ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2D1FEE54-98B2-4654-8EC1-F22AA0D50506}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{8338904E-5C46-4FDB-856C-074227C184E6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DC724F7D-EABF-4A27-B7D3-55505FC36444}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{197CC5AB-D221-44E6-9885-6EBFC49B3454}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F3DAA5BA-6E93-4994-9DB2-EAEB2D983EB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{12455FDF-70F7-4B08-8DB8-D75C5F7560C1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E9237538-89E1-4B72-A047-96E947A51188}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{4BEF7AE8-B707-4788-90B7-71143BD15A41}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{325C9A71-DEC9-41FF-A8FE-5BA24163BC7A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{5984A0C8-ABCB-41EA-92F1-7BC67489D1B2}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B520F986-2880-4064-B466-D46D8CB13F58}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2C629BBF-1EC3-4EC8-BD67-DC2315ED38EC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7EEA1EC8-76EA-494E-B73B-5758FACD4592}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{910DCD33-F513-4008-9E10-226FDCC4F69D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BE6E954D-9CDD-49ED-9070-D3CC666FC051}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{83D3326D-C838-43E4-A84D-A04632107680}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D54B3D0D-904E-40C4-AD89-4B9B222DA5AF}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{6FB991EB-7C5A-4102-B5CB-6DDF0AE3C15C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE690039-17F3-4489-A7F4-AB0C457FABBC}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9BC3603F-6390-4A95-B8D8-8AB31FEA160B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A7BB288C-2E6F-41C4-BBA8-63FAEC3DDE2F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{54511322-751D-4E78-B26C-30D8B2515641}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C0942DDB-59E7-45BB-BFF2-48B8EFD237D0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D1FFF30E-91D9-43BA-AF57-70187EFCDEBD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2E49E7BD-04DB-4825-888F-6EC344FE3E65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CF003CF6-0C04-43F0-AE6E-B264006D463F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5D625CDF-8858-4BA5-B79C-2E255624105A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{750EE541-E13E-43D0-8C85-7DC38BF1D595}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{241C6AC1-2403-4D17-874A-9FA8F9E3643E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9E5C5F18-3451-4BCB-A6A4-09AAD9F20916}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A3C70069-4618-44C2-A5C0-64506CC0BE99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4AB4738F-766D-4294-972D-0E5A55F58060}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DB881D8A-0FE3-43FC-9A9E-EFDBC9DB17F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C6C2374D-4D0B-41AA-A9E0-414DA6E82859}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{132FC01D-3650-4AAE-86E3-22E512085E19}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{16920FA0-7FB5-4B80-8C26-B25DAE90A22F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D6FC574F-4EA2-4C75-95FD-250A6E07B105}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D127A2DB-D3CB-4447-AF2E-DBF39A7D02A9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{F0498691-2BEE-4833-82C5-4EB0B85292AA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C3661DB2-8801-45D6-9325-49273DC1E633}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2EAC67B0-687D-43CB-99A3-FDD369FBC6BD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CCFD79DE-47F5-4682-8D0E-FB3CF63100F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{656C35D2-CFB2-48B6-924F-A235CF96B019}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1E884C74-EA44-4885-BCEF-0DE7F4DC4CA9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{ECF4B352-DCA3-41C6-8423-0E30D9F998E5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C4308859-018D-42D7-8000-F387C08770AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2E208D87-FB41-4897-8A48-1A6E9B438679}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{39966988-7001-45AF-8E33-2ED807F8AC3B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B4E2D9CA-E8B1-4AAA-BA4F-25A48CFBA166}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{63DD3336-B374-40F9-9682-2A7C7895393B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{4B8B4A5F-1B97-4332-B5AB-807A01F3C5FA}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{20A6961A-5721-47CF-AFA8-1098F2477EAD}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{947BEB61-C6C2-4B95-A4D1-AE72C208EEB9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{0D8EA478-3AF4-4856-97C3-CDCBAA179CC3}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E60C76A9-E36E-4F9A-AB28-925BE488CF32}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E267A121-0145-467A-BFD8-C35164FD46BE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{E513B9A4-BC7C-45EB-8791-FFE1A7E15A81}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{70FD7754-EC2C-4F54-A465-033CAE377707}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{ED9530D5-5835-49AC-9A0C-3AACC22F61C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{94C74F15-06AA-4A1E-89C0-7CF32A3F4102}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{599AB71F-9CF6-4CAA-ADAA-22543853FA1A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{DBE195D7-0997-4E53-AFF7-EC75A704E89A}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{7B287E5C-E662-4B6C-A1C5-D07B72ABA6F1}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [UDP Query User{7869E808-030A-44EF-B212-82F581C90ED6}E:\programme\firefox.exe] => (Allow) E:\programme\firefox.exe
FirewallRules: [TCP Query User{4A3D9BFB-33EE-4FB9-AC65-FA12183356C7}E:\programme\firefox.exe] => (Allow) E:\programme\firefox.exe
FirewallRules: [{6301D8CA-AD97-40D8-86A0-E82D0859C880}] => (Allow) E:\Programme\firefox.exe
FirewallRules: [{90D32F76-8E7D-47B2-BBB4-FF1EECFE0443}] => (Allow) E:\Programme\firefox.exe
FirewallRules: [{54F4536F-0A91-4EF8-AFE3-750585F56673}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7E67EF1-16A7-4DAC-BD72-6EE2B472D02A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{054A3A06-BEC0-4661-9091-48C60152858C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{7592975C-1443-4FFC-BE45-D32106980FCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0B7F6598-87BA-4CB6-96B4-F023933D56E9}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BA926D38-C11E-4596-977A-7BC6137C540B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CE5C1586-765B-4197-86D0-3B39BC4DAC71}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{74528625-DB9A-4A4E-8D53-C8DD9431C608}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B064D944-5061-4D19-8AE4-AD8C43449331}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{74597F0F-ED10-4050-97BD-8E5B25755FC6}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{874B5011-C969-4A1E-B58D-5A0DFADE7B24}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{0100A85E-0403-4374-9D9B-8E3C41C9EC7E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{51605AED-1368-4B1E-9F1C-48429A18373E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3C49741-8875-4BBF-A873-930E26C3DF77}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{285AFC0E-C616-4016-AA85-C362A25C34E0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F3ECE192-B8C1-4E37-9470-EB234004F459}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{3631755A-87D2-427A-B38D-83FA9A50A1E8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{90DC1E39-2C8C-4C93-877E-D340E7EDADEF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{DA146EA5-DE3C-4F29-8132-65E022DCCC90}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{85180A67-43C8-4623-8932-663E803F6E47}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{634718CD-5749-4AF1-B7DE-804B460D8FC2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{71E077C4-2F69-4226-B751-73498924556E}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{93BDD5FA-8B22-4251-8A93-88DA77DD2FD8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AE7828DF-AED0-4090-AB44-F53B1A64CBB4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A0FDDF5F-03A0-486C-B88C-A04B1F0061B7}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{282EBB5E-9013-4BEE-9F66-6340AEE6C741}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{4B44B810-CF2D-4A0F-9C51-116F487C6CEC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E7720ED8-BDC7-4CDA-9AE7-1D33982CD337}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/05/2015 06:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0xdf8
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Vollständiger Name des fehlerhaften Pakets: jucheck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1141

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1141

Error: (10/05/2015 03:10:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/05/2015 03:10:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Rene-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 25139468

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 25139468

Error: (10/05/2015 01:27:31 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/03/2015 06:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (10/03/2015 06:34:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172


Systemfehler:
=============
Error: (10/05/2015 08:04:15 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 08:01:19 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000be (0xfffff961d3b40000, 0x803000010f0e1001, 0xffffd00022df2131, 0x000000000000000b)C:\WINDOWS\MEMORY.DMP100515-13000-01

Error: (10/05/2015 08:01:12 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎10.‎2015 um 19:58:32 unerwartet heruntergefahren.

Error: (10/05/2015 07:58:39 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000be (0xfffff96142ef0000, 0x803000010f34b001, 0xffffd000ab63e131, 0x000000000000000b)C:\WINDOWS\MEMORY.DMP100515-12750-01

Error: (10/05/2015 07:58:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎10.‎2015 um 19:56:32 unerwartet heruntergefahren.

Error: (10/05/2015 07:56:32 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x000000be (0xfffff96158280000, 0x803000010cbe9001, 0xffffd00023886131, 0x000000000000000b)C:\WINDOWS\Minidump\100515-5140-01.dmp100515-5140-01

Error: (10/05/2015 07:56:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎10.‎2015 um 19:30:26 unerwartet heruntergefahren.

Error: (10/05/2015 06:43:59 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (10/05/2015 03:10:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/05/2015 03:10:00 PM) (Source: DCOM) (EventID: 10010) (User: Rene-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8111.59 MB
Verfügbarer physikalischer RAM: 5920.14 MB
Summe virtueller Speicher: 16303.59 MB
Verfügbarer virtueller Speicher: 13600.58 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:54.65 GB) (Free:11.31 GB) NTFS
Drive e: (DATA) (Fixed) (Total:2778.52 GB) (Free:2632.92 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 55.9 GB) (Disk ID: BB60ECE9)

Partition: GPT.

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: BB60ECFC)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

05.10.2015, 19:50   #5
deeprybka
/// TB Trainer
/// Tutorial Guru
 
Quote:
Quote from Gromsh
...shortly afterwards a nice lady from my bank's security department told me by phone that there was a trojan on my computer and that only a complete format would/could still help.
Interesting. She didn't say which trojan?

Do you use online banking only from this computer, or also from your phone, for example?


Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

__________________
Regards
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

05.10.2015, 20:01   #6
Gromsh
 

Hello Jürgen,

No, she couldn't/wouldn't tell me which trojan it is supposed to be, and I would have to format my computer in any case, even if my virus scanner finds nothing, because trojans are programmed for exactly that.

Online banking is used only and exclusively from this one computer.

Here is the requested log - no findings

Code:
20:55:33.0148 0x1764  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:55:33.0148 0x1764  UEFI system
20:55:39.0680 0x1764  ============================================================
20:55:39.0680 0x1764  Current date / time: 2015/10/05 20:55:39.0680
20:55:39.0680 0x1764  SystemInfo:
20:55:39.0680 0x1764  
20:55:39.0680 0x1764  OS Version: 10.0.10240 ServicePack: 0.0
20:55:39.0680 0x1764  Product type: Workstation
20:55:39.0680 0x1764  ComputerName: RENE-PC
20:55:39.0680 0x1764  UserName: Rene
20:55:39.0681 0x1764  Windows directory: C:\WINDOWS
20:55:39.0681 0x1764  System windows directory: C:\WINDOWS
20:55:39.0681 0x1764  Running under WOW64
20:55:39.0681 0x1764  Processor architecture: Intel x64
20:55:39.0681 0x1764  Number of processors: 8
20:55:39.0681 0x1764  Page size: 0x1000
20:55:39.0681 0x1764  Boot type: Normal boot
20:55:39.0681 0x1764  ============================================================
20:55:39.0759 0x1764  KLMD registered as C:\WINDOWS\system32\drivers\07529748.sys
20:55:40.0185 0x1764  System UUID: {DA5E94F5-ACCA-D040-C741-D2D7603C4953}
20:55:40.0593 0x1764  Drive \Device\Harddisk0\DR0 - Size: 0xDF99E6000 ( 55.90 Gb ), SectorSize: 0x200, Cylinders: 0x1C81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:55:40.0813 0x1764  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:55:40.0824 0x1764  ============================================================
20:55:40.0824 0x1764  \Device\Harddisk0\DR0:
20:55:40.0824 0x1764  GPT partitions:
20:55:40.0825 0x1764  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {618B5353-7D71-4CB3-8628-52CF31DC876B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
20:55:40.0825 0x1764  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7EFDB495-F973-49EE-A2E9-172F75806D5E}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000
20:55:40.0826 0x1764  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {3B90EFAF-9BCB-4E43-A1A8-FAD16F65FB2F}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
20:55:40.0826 0x1764  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1CD39F29-41B6-48B5-AFD9-C6871249565C}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x6D4D70F
20:55:40.0826 0x1764  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {96947276-3A52-4217-93A5-285F23F4ADE8}, Name: , StartLBA 0x6EEC000, BlocksNum 0xE0800
20:55:40.0826 0x1764  MBR partitions:
20:55:40.0826 0x1764  \Device\Harddisk1\DR1:
20:55:40.0826 0x1764  GPT partitions:
20:55:40.0826 0x1764  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BC6C0691-0694-46E2-AB87-DAC17AFF7B3E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x5B509800
20:55:40.0826 0x1764  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FEE15F90-D82D-4D5B-A8F4-973AC3B9FC3D}, Name: Basic data partition, StartLBA 0x15B50A000, BlocksNum 0x2000000
20:55:40.0826 0x1764  MBR partitions:
20:55:40.0826 0x1764  ============================================================
20:55:40.0828 0x1764  C: <-> \Device\Harddisk0\DR0\Partition4
20:55:40.0834 0x1764  E: <-> \Device\Harddisk1\DR1\Partition1
20:55:40.0834 0x1764  ============================================================
20:55:40.0834 0x1764  Initialize success
20:55:40.0834 0x1764  ============================================================
20:56:59.0681 0x0258  ============================================================
20:56:59.0681 0x0258  Scan started
20:56:59.0681 0x0258  Mode: Manual; SigCheck; TDLFS; 
20:56:59.0681 0x0258  ============================================================
20:56:59.0681 0x0258  KSN ping started
20:57:02.0082 0x0258  KSN ping finished: true
20:57:02.0666 0x0258  ================ Scan system memory ========================
20:57:02.0666 0x0258  System memory - ok
20:57:02.0666 0x0258  ================ Scan services =============================
20:57:02.0715 0x0258  1394ohci - ok
20:57:02.0722 0x0258  3ware - ok
20:57:02.0731 0x0258  ACPI - ok
20:57:02.0738 0x0258  acpiex - ok
20:57:02.0746 0x0258  acpipagr - ok
20:57:02.0753 0x0258  AcpiPmi - ok
20:57:02.0757 0x0258  acpitime - ok
20:57:02.0763 0x0258  ADP80XX - ok
20:57:02.0768 0x0258  AFD - ok
20:57:02.0772 0x0258  agp440 - ok
20:57:02.0776 0x0258  ahcache - ok
20:57:02.0782 0x0258  AJRouter - ok
20:57:02.0784 0x0258  ALG - ok
20:57:02.0786 0x0258  AmdK8 - ok
20:57:02.0788 0x0258  AmdPPM - ok
20:57:02.0790 0x0258  amdsata - ok
20:57:02.0792 0x0258  amdsbs - ok
20:57:02.0794 0x0258  amdxata - ok
20:57:02.0796 0x0258  AppID - ok
20:57:02.0798 0x0258  AppIDSvc - ok
20:57:02.0800 0x0258  Appinfo - ok
20:57:02.0805 0x0258  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:57:02.0822 0x0258  Apple Mobile Device Service - ok
20:57:02.0827 0x0258  AppReadiness - ok
20:57:02.0829 0x0258  AppXSvc - ok
20:57:02.0830 0x0258  arcsas - ok
20:57:02.0832 0x0258  AsyncMac - ok
20:57:02.0834 0x0258  atapi - ok
20:57:02.0886 0x0258  [ FF3A0F772EB85E20E3F9865716B7AAA2, 5F13DE17A621326088D3DD964C1F9A6653B9E5F39C38CA8BADB6137AAD03B7A5 ] athr            C:\WINDOWS\System32\drivers\athwbx.sys
20:57:02.0979 0x0258  athr - ok
20:57:02.0983 0x0258  AudioEndpointBuilder - ok
20:57:02.0985 0x0258  Audiosrv - ok
20:57:02.0994 0x0258  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
20:57:03.0005 0x0258  AVP16.0.0 - ok
20:57:03.0007 0x0258  AxInstSV - ok
20:57:03.0009 0x0258  b06bdrv - ok
20:57:03.0011 0x0258  BasicDisplay - ok
20:57:03.0013 0x0258  BasicRender - ok
20:57:03.0015 0x0258  bcmfn2 - ok
20:57:03.0017 0x0258  BDESVC - ok
20:57:03.0018 0x0258  Beep - ok
20:57:03.0020 0x0258  BFE - ok
20:57:03.0022 0x0258  BITS - ok
20:57:03.0030 0x0258  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:57:03.0040 0x0258  Bonjour Service - ok
20:57:03.0043 0x0258  bowser - ok
20:57:03.0045 0x0258  BrokerInfrastructure - ok
20:57:03.0047 0x0258  Browser - ok
20:57:03.0049 0x0258  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
20:57:03.0053 0x0258  BTATH_BUS - ok
20:57:03.0064 0x0258  [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
20:57:03.0077 0x0258  BtFilter - ok
20:57:03.0079 0x0258  BthAvrcpTg - ok
20:57:03.0082 0x0258  BthEnum - ok
20:57:03.0083 0x0258  BthHFEnum - ok
20:57:03.0085 0x0258  bthhfhid - ok
20:57:03.0087 0x0258  BthHFSrv - ok
20:57:03.0089 0x0258  BthLEEnum - ok
20:57:03.0091 0x0258  BTHMODEM - ok
20:57:03.0093 0x0258  BthPan - ok
20:57:03.0095 0x0258  BTHPORT - ok
20:57:03.0097 0x0258  bthserv - ok
20:57:03.0099 0x0258  BTHUSB - ok
20:57:03.0100 0x0258  buttonconverter - ok
20:57:03.0102 0x0258  CapImg - ok
20:57:03.0143 0x0258  [ 89AD09F3DD8F77F98F44BC2DD4B00E3C, D35E960B73212E34058BB98E70E10935683C0C67D301EF3070E3729DBBF7A94C ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
20:57:03.0192 0x0258  CCDMonitorService - ok
20:57:03.0196 0x0258  cdfs - ok
20:57:03.0198 0x0258  CDPSvc - ok
20:57:03.0200 0x0258  cdrom - ok
20:57:03.0202 0x0258  CertPropSvc - ok
20:57:03.0204 0x0258  circlass - ok
20:57:03.0205 0x0258  CLFS - ok
20:57:03.0207 0x0258  ClipSVC - ok
20:57:03.0212 0x0258  CmBatt - ok
20:57:03.0220 0x0258  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
20:57:03.0235 0x0258  cm_km - ok
20:57:03.0238 0x0258  CNG - ok
20:57:03.0239 0x0258  cnghwassist - ok
20:57:03.0255 0x0258  CompositeBus - ok
20:57:03.0257 0x0258  COMSysApp - ok
20:57:03.0259 0x0258  condrv - ok
20:57:03.0261 0x0258  CoreMessagingRegistrar - ok
20:57:03.0265 0x0258  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
20:57:03.0280 0x0258  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:57:05.0682 0x0258  Detect skipped due to KSN trusted
20:57:05.0682 0x0258  Creative ALchemy AL6 Licensing Service - ok
20:57:05.0691 0x0258  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
20:57:05.0729 0x0258  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
20:57:08.0107 0x0258  Detect skipped due to KSN trusted
20:57:08.0107 0x0258  Creative Audio Engine Licensing Service - ok
20:57:08.0119 0x0258  CryptSvc - ok
20:57:08.0126 0x0258  dam - ok
20:57:08.0139 0x0258  DcomLaunch - ok
20:57:08.0146 0x0258  DcpSvc - ok
20:57:08.0153 0x0258  defragsvc - ok
20:57:08.0158 0x0258  DeviceAssociationService - ok
20:57:08.0164 0x0258  DeviceInstall - ok
20:57:08.0168 0x0258  DevQueryBroker - ok
20:57:08.0172 0x0258  Dfsc - ok
20:57:08.0176 0x0258  Dhcp - ok
20:57:08.0183 0x0258  diagnosticshub.standardcollector.service - ok
20:57:08.0185 0x0258  DiagTrack - ok
20:57:08.0187 0x0258  disk - ok
20:57:08.0189 0x0258  DmEnrollmentSvc - ok
20:57:08.0192 0x0258  dmvsc - ok
20:57:08.0194 0x0258  dmwappushservice - ok
20:57:08.0196 0x0258  Dnscache - ok
20:57:08.0200 0x0258  dot3svc - ok
20:57:08.0202 0x0258  DPS - ok
20:57:08.0204 0x0258  drmkaud - ok
20:57:08.0206 0x0258  DsmSvc - ok
20:57:08.0208 0x0258  DsSvc - ok
20:57:08.0211 0x0258  DXGKrnl - ok
20:57:08.0220 0x0258  [ 8FF068180D7BA6F7F9FA228864310F9D, DD385B405E9FB1CEAEDDFF86A6FBDDADDB54E6ABEC305FE9CFFD93859B21A407 ] e1dexpress      C:\WINDOWS\system32\DRIVERS\e1d64x64.sys
20:57:08.0231 0x0258  e1dexpress - ok
20:57:08.0235 0x0258  Eaphost - ok
20:57:08.0236 0x0258  ebdrv - ok
20:57:08.0238 0x0258  EFS - ok
20:57:08.0240 0x0258  EhStorClass - ok
20:57:08.0241 0x0258  EhStorTcgDrv - ok
20:57:08.0243 0x0258  embeddedmode - ok
20:57:08.0245 0x0258  EntAppSvc - ok
20:57:08.0247 0x0258  ErrDev - ok
20:57:08.0250 0x0258  EventSystem - ok
20:57:08.0252 0x0258  exfat - ok
20:57:08.0253 0x0258  fastfat - ok
20:57:08.0255 0x0258  Fax - ok
20:57:08.0256 0x0258  fcvsc - ok
20:57:08.0258 0x0258  fdc - ok
20:57:08.0260 0x0258  fdPHost - ok
20:57:08.0261 0x0258  FDResPub - ok
20:57:08.0263 0x0258  fhsvc - ok
20:57:08.0264 0x0258  FileCrypt - ok
20:57:08.0266 0x0258  FileInfo - ok
20:57:08.0268 0x0258  Filetrace - ok
20:57:08.0269 0x0258  flpydisk - ok
20:57:08.0271 0x0258  FltMgr - ok
20:57:08.0273 0x0258  FontCache - ok
20:57:08.0275 0x0258  FontCache3.0.0.0 - ok
20:57:08.0276 0x0258  FsDepends - ok
20:57:08.0278 0x0258  Fs_Rec - ok
20:57:08.0280 0x0258  fvevol - ok
20:57:08.0282 0x0258  gagp30kx - ok
20:57:08.0284 0x0258  gencounter - ok
20:57:08.0286 0x0258  genericusbfn - ok
20:57:08.0305 0x0258  [ C2730FE9713C1C474257A7085386B11E, 7D35D00D2B455841C8C9A87CE92885CD22F4B8B6690CB21443ED1B515117EF95 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
20:57:08.0324 0x0258  GfExperienceService - ok
20:57:08.0328 0x0258  GPIOClx0101 - ok
20:57:08.0329 0x0258  gpsvc - ok
20:57:08.0331 0x0258  GpuEnergyDrv - ok
20:57:08.0333 0x0258  HDAudBus - ok
20:57:08.0335 0x0258  HidBatt - ok
20:57:08.0337 0x0258  HidBth - ok
20:57:08.0338 0x0258  hidi2c - ok
20:57:08.0340 0x0258  hidinterrupt - ok
20:57:08.0342 0x0258  HidIr - ok
20:57:08.0345 0x0258  hidserv - ok
20:57:08.0347 0x0258  HidUsb - ok
20:57:08.0349 0x0258  HomeGroupListener - ok
20:57:08.0350 0x0258  HomeGroupProvider - ok
20:57:08.0352 0x0258  HpSAMD - ok
20:57:08.0354 0x0258  HTTP - ok
20:57:08.0355 0x0258  hwpolicy - ok
20:57:08.0357 0x0258  hyperkbd - ok
20:57:08.0359 0x0258  HyperVideo - ok
20:57:08.0361 0x0258  i8042prt - ok
20:57:08.0363 0x0258  iaLPSSi_GPIO - ok
20:57:08.0364 0x0258  iaLPSSi_I2C - ok
20:57:08.0366 0x0258  iaStorAV - ok
20:57:08.0367 0x0258  iaStorV - ok
20:57:08.0369 0x0258  ibbus - ok
20:57:08.0371 0x0258  icssvc - ok
20:57:08.0373 0x0258  IEEtwCollectorService - ok
20:57:08.0374 0x0258  IKEEXT - ok
20:57:08.0437 0x0258  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:57:08.0504 0x0258  IntcAzAudAddService - ok
20:57:08.0521 0x0258  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
20:57:08.0540 0x0258  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
20:57:10.0977 0x0258  Detect skipped due to KSN trusted
20:57:10.0977 0x0258  Intel(R) Capability Licensing Service Interface - ok
20:57:11.0029 0x0258  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
20:57:11.0070 0x0258  Intel(R) Capability Licensing Service TCP IP Interface - ok
20:57:11.0076 0x0258  [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
20:57:11.0087 0x0258  Intel(R) PROSet Monitoring Service - ok
20:57:11.0091 0x0258  [ 0F2B113E615DE1139597DE92EB1932A0, 9FDD6A74A538B8DF6DE7DB95AE1BA0654BF0E4C15FBBC9C83998FB1F1E93793D ] Intel(R) TA SAM C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
20:57:11.0097 0x0258  Intel(R) TA SAM - ok
20:57:11.0102 0x0258  [ 5F158EFE9E72A5D6EDB9A59B3966A972, 8052CE286B9CC94ABBE9DC36A0D66A4DC45FE381D41C6CEBDAD8ABD78113C2EB ] Intel(R) Technology Access Legacy CS Loader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
20:57:11.0108 0x0258  Intel(R) Technology Access Legacy CS Loader - ok
20:57:11.0116 0x0258  [ BA2EF85C5B79DE726B0C87587EEE6D90, 51A60B377E9A1F7C1EE88357CB5B63F8036D4CB977B37C4669BED88029A68721 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
20:57:11.0127 0x0258  Intel(R) TechnologyAccessService - ok
20:57:11.0129 0x0258  intelide - ok
20:57:11.0131 0x0258  intelpep - ok
20:57:11.0132 0x0258  intelppm - ok
20:57:11.0134 0x0258  IoQos - ok
20:57:11.0136 0x0258  IpFilterDriver - ok
20:57:11.0138 0x0258  iphlpsvc - ok
20:57:11.0139 0x0258  IPMIDRV - ok
20:57:11.0141 0x0258  IPNAT - ok
20:57:11.0152 0x0258  [ 7C109F2155E962A5700165D9AD6868FD, 85F595EFADBA4604C70FB9DBD24D872EB91F7D384D26EA82CFC8754559453026 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:57:11.0165 0x0258  iPod Service - ok
20:57:11.0167 0x0258  IRENUM - ok
20:57:11.0168 0x0258  isapnp - ok
20:57:11.0170 0x0258  iScsiPrt - ok
20:57:11.0176 0x0258  [ 64700303BF6592C1D139F68C63EE597A, 1094057F109B322832F72E1C727F9717292750B0826AEDA7B940B78FCF3E0F17 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
20:57:11.0193 0x0258  iumsvc - ok
20:57:11.0198 0x0258  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
20:57:11.0205 0x0258  jhi_service - ok
20:57:11.0207 0x0258  kbdclass - ok
20:57:11.0209 0x0258  kbdhid - ok
20:57:11.0211 0x0258  kdnic - ok
20:57:11.0212 0x0258  KeyIso - ok
20:57:11.0221 0x0258  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
20:57:11.0236 0x0258  kl1 - ok
20:57:11.0240 0x0258  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
20:57:11.0250 0x0258  klbackupdisk - ok
20:57:11.0254 0x0258  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
20:57:11.0260 0x0258  klbackupflt - ok
20:57:11.0263 0x0258  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
20:57:11.0269 0x0258  kldisk - ok
20:57:11.0272 0x0258  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
20:57:11.0280 0x0258  klelam - ok
20:57:11.0285 0x0258  [ D103BF27B16C31B0496B0CBB38EE21FB, FF1D9AAEED9E8F0992B8E432D7B79C5D3254BD773205F28151B07372B8B1BB92 ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
20:57:11.0292 0x0258  klflt - ok
20:57:11.0298 0x0258  [ 59C41AB76A88C3AB7AADA1FD2ECB12F5, 943122266762E3C94593C6E7DDE9A177D79073DC7B32AD4AADE952D0DE1EBB60 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
20:57:11.0305 0x0258  klhk - ok
20:57:11.0321 0x0258  [ 935514F3BC992223B6C3ADAE4064383B, 6A5FF6A6FF880C9A5F8E33EF1067CAEFE4550F8A56C891D0CB064A4404AEF884 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
20:57:11.0337 0x0258  KLIF - ok
20:57:11.0341 0x0258  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
20:57:11.0346 0x0258  KLIM6 - ok
20:57:11.0349 0x0258  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
20:57:11.0353 0x0258  klkbdflt - ok
20:57:11.0356 0x0258  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
20:57:11.0361 0x0258  klmouflt - ok
20:57:11.0364 0x0258  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
20:57:11.0369 0x0258  klpd - ok
20:57:11.0373 0x0258  [ CAEB8838AE66B906B116951EB3A25299, F8E036B44DD41E3C76AC6BB7285071224C2B12DEE53A5F0AF5F33013A3873E60 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
20:57:11.0378 0x0258  klwfp - ok
20:57:11.0382 0x0258  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
20:57:11.0387 0x0258  Klwtp - ok
20:57:11.0392 0x0258  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
20:57:11.0399 0x0258  kneps - ok
20:57:11.0401 0x0258  KSecDD - ok
20:57:11.0403 0x0258  KSecPkg - ok
20:57:11.0405 0x0258  ksthunk - ok
20:57:11.0406 0x0258  KtmRm - ok
20:57:11.0408 0x0258  LanmanServer - ok
20:57:11.0410 0x0258  LanmanWorkstation - ok
20:57:11.0413 0x0258  lfsvc - ok
20:57:11.0415 0x0258  LicenseManager - ok
20:57:11.0416 0x0258  lltdio - ok
20:57:11.0419 0x0258  lltdsvc - ok
20:57:11.0420 0x0258  lmhosts - ok
20:57:11.0429 0x0258  [ 08E2B577DB95156F9A658C988EE71F5D, D229FFD97EE9478169D2418A722FD2AD6AD10108FF1B0156BE9A1ADF38B5633A ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:57:11.0438 0x0258  LMS - ok
20:57:11.0442 0x0258  LSI_SAS - ok
20:57:11.0443 0x0258  LSI_SAS2i - ok
20:57:11.0445 0x0258  LSI_SAS3i - ok
20:57:11.0447 0x0258  LSI_SSS - ok
20:57:11.0449 0x0258  LSM - ok
20:57:11.0450 0x0258  luafv - ok
20:57:11.0452 0x0258  MapsBroker - ok
20:57:11.0455 0x0258  [ 81E515726AA8FC3DCED6517F30DD70CD, F667211FC6DACB883CAA7D13F0192A6F1323F441485657376F70FDB89891284C ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
20:57:11.0459 0x0258  MBfilt - ok
20:57:11.0462 0x0258  megasas - ok
20:57:11.0463 0x0258  megasr - ok
20:57:11.0467 0x0258  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
20:57:11.0472 0x0258  MEIx64 - ok
20:57:11.0476 0x0258  [ FCEEE953517CA72E4238954467CD63E8, B83FCF5CD882D9325729A1B347BAF741E51BC10B3ED0A47AF977D47BB68B19B5 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
20:57:11.0482 0x0258  mfencrk - ok
20:57:11.0484 0x0258  mlx4_bus - ok
20:57:11.0486 0x0258  MMCSS - ok
20:57:11.0488 0x0258  Modem - ok
20:57:11.0489 0x0258  monitor - ok
20:57:11.0491 0x0258  mouclass - ok
20:57:11.0493 0x0258  mouhid - ok
20:57:11.0495 0x0258  mountmgr - ok
20:57:11.0499 0x0258  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:57:11.0516 0x0258  MozillaMaintenance - ok
20:57:11.0518 0x0258  mpsdrv - ok
20:57:11.0519 0x0258  MpsSvc - ok
20:57:11.0521 0x0258  MRxDAV - ok
20:57:11.0523 0x0258  mrxsmb - ok
20:57:11.0525 0x0258  mrxsmb10 - ok
20:57:11.0528 0x0258  mrxsmb20 - ok
20:57:11.0530 0x0258  MsBridge - ok
20:57:11.0531 0x0258  MSDTC - ok
20:57:11.0534 0x0258  Msfs - ok
20:57:11.0536 0x0258  msgpiowin32 - ok
20:57:11.0538 0x0258  mshidkmdf - ok
20:57:11.0540 0x0258  mshidumdf - ok
20:57:11.0541 0x0258  msisadrv - ok
20:57:11.0543 0x0258  MSiSCSI - ok
20:57:11.0546 0x0258  msiserver - ok
20:57:11.0548 0x0258  MSKSSRV - ok
20:57:11.0550 0x0258  MsLldp - ok
20:57:11.0552 0x0258  MSPCLOCK - ok
20:57:11.0553 0x0258  MSPQM - ok
20:57:11.0555 0x0258  MsRPC - ok
20:57:11.0558 0x0258  mssmbios - ok
20:57:11.0559 0x0258  MSTEE - ok
20:57:11.0561 0x0258  MTConfig - ok
20:57:11.0563 0x0258  Mup - ok
20:57:11.0565 0x0258  mvumis - ok
20:57:11.0567 0x0258  NativeWifiP - ok
20:57:11.0569 0x0258  NcaSvc - ok
20:57:11.0571 0x0258  NcbService - ok
20:57:11.0572 0x0258  NcdAutoSetup - ok
20:57:11.0575 0x0258  ndfltr - ok
20:57:11.0577 0x0258  NDIS - ok
20:57:11.0580 0x0258  NdisCap - ok
20:57:11.0582 0x0258  NdisImPlatform - ok
20:57:11.0585 0x0258  [ 93052B06C5E4F33B0A459DD3CDA0E8D4, 3A3C8D8F5D733E4E7D44DB026DDE88A1C117A9AA5275C42A5B16CE1EBE8CE908 ] ndisrd          C:\WINDOWS\system32\DRIVERS\ndisrfl.sys
20:57:11.0590 0x0258  ndisrd - ok
20:57:11.0592 0x0258  NdisTapi - ok
20:57:11.0594 0x0258  Ndisuio - ok
20:57:11.0596 0x0258  NdisVirtualBus - ok
20:57:11.0597 0x0258  NdisWan - ok
20:57:11.0599 0x0258  ndiswanlegacy - ok
20:57:11.0601 0x0258  ndproxy - ok
20:57:11.0603 0x0258  Ndu - ok
20:57:11.0604 0x0258  NetBIOS - ok
20:57:11.0606 0x0258  NetBT - ok
20:57:11.0608 0x0258  Netlogon - ok
20:57:11.0610 0x0258  Netman - ok
20:57:11.0612 0x0258  netprofm - ok
20:57:11.0614 0x0258  NetSetupSvc - ok
20:57:11.0617 0x0258  [ 3C3FEBD9D5CA88A92B8BCA720218D0BD, 394E9A4A9003F729B22C49FB4D63EFD044DF5263782500EB9DBB09BCC4884A41 ] NetTap630       C:\WINDOWS\system32\DRIVERS\nettap630.sys
20:57:11.0623 0x0258  NetTap630 - ok
20:57:11.0628 0x0258  NetTcpPortSharing - ok
20:57:11.0630 0x0258  netvsc - ok
20:57:11.0633 0x0258  NgcCtnrSvc - ok
20:57:11.0634 0x0258  NgcSvc - ok
20:57:11.0636 0x0258  NlaSvc - ok
20:57:11.0638 0x0258  Npfs - ok
20:57:11.0641 0x0258  npsvctrig - ok
20:57:11.0643 0x0258  nsi - ok
20:57:11.0644 0x0258  nsiproxy - ok
20:57:11.0647 0x0258  NTFS - ok
20:57:11.0648 0x0258  Null - ok
20:57:11.0653 0x0258  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
20:57:11.0660 0x0258  NVHDA - ok
20:57:11.0806 0x0258  [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:57:11.0956 0x0258  nvlddmkm - ok
20:57:12.0206 0x0258  [ F9CF3FB8DD81B390783532B3C98D6976, 8C94638136CFAEB3ED6DD7CE2059E98B64B15918DDB0796CC0B88474EE99F5BF ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:57:12.0235 0x0258  NvNetworkService - ok
20:57:12.0239 0x0258  nvraid - ok
20:57:12.0240 0x0258  nvstor - ok
20:57:13.0346 0x0258  ================ Scan generic autorun ======================
20:57:13.0579 0x0258  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:57:13.0831 0x0258  RTHDVCPL - ok
20:57:13.0841 0x0258  MBCfg64 - ok
20:57:13.0879 0x0258  [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
20:57:13.0975 0x0258  NvBackend - ok
20:57:13.0978 0x0258  ShadowPlay - ok
20:57:14.0060 0x0258  [ 4F249E7F6B1513C6CE6080566D12096D, 8CD68DA14FAD3EA91DB10632A0CE4A17FDEA31DE37729017A0D205FC25756719 ] E:\Programme\iTunes\iTunesHelper.exe
20:57:14.0100 0x0258  iTunesHelper - ok
20:57:14.0135 0x0258  [ CF61EC0DDF6431D727FE13C4AD95C5FD, EE9002487EF11EAA1B058B573FD584431F02A233A9A8E64E095727423CB550C3 ] C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
20:57:14.0201 0x0258  Sound Blaster Cinema - detected UnsignedFile.Multi.Generic ( 1 )
20:57:16.0632 0x0258  Detect skipped due to KSN trusted
20:57:16.0632 0x0258  Sound Blaster Cinema - ok
20:57:16.0642 0x0258  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
20:57:16.0692 0x0258  UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
20:57:19.0118 0x0258  Detect skipped due to KSN trusted
20:57:19.0118 0x0258  UpdReg - ok
20:57:19.0132 0x0258  [ 3AC269FDBF84B8BE16D5EBAD1F373550, 9EEEFB96D7940816C681968ABA15F7E05DFF4D5D29B93BF5E9D5D3F8475C0DF2 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
20:57:19.0192 0x0258  IMSS - ok
20:57:19.0197 0x0258  [ 46AF05417D7E9D930AF3F0746D0F707D, DBA154F682AFB8BC8483207EA2DA0AC0460C4F4F8F7B01A0F31D53B6E94F3A48 ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
20:57:19.0228 0x0258  abDocsDllLoader - ok
20:57:19.0239 0x0258  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:57:19.0281 0x0258  SunJavaUpdateSched - ok
20:57:19.0309 0x0258  OneDriveSetup - ok
20:57:19.0310 0x0258  OneDriveSetup - ok
20:57:19.0311 0x0258  Skype - ok
20:57:19.0322 0x0258  [ C2D2FFD27F46815951C9562F0A2EC864, 892A5DC5C3D797E3FD36230710BA9AF43ADA5CDFD19A03268D20D5A9DA3CCB3A ] C:\Users\Rene\AppData\Local\Microsoft\OneDrive\OneDrive.exe
20:57:19.0339 0x0258  OneDrive - ok
20:57:19.0341 0x0258  OneDriveSetup - ok
20:57:19.0342 0x0258  WAB Migrate - ok
20:57:19.0342 0x0258  Waiting for KSN requests completion. In queue: 4
20:57:20.0343 0x0258  Waiting for KSN requests completion. In queue: 4
20:57:21.0344 0x0258  Waiting for KSN requests completion. In queue: 4
20:57:22.0424 0x0258  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x61100 ( enabled : updated )
20:57:22.0444 0x0258  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
20:57:22.0445 0x0258  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
20:57:24.0839 0x0258  ============================================================
20:57:24.0839 0x0258  Scan finished
20:57:24.0839 0x0258  ============================================================
20:57:24.0848 0x1a70  Detected object count: 0
20:57:24.0848 0x1a70  Actual detected object count: 0
         

05.10.2015, 21:19   #7
deeprybka
/// TB Trainer
/// Guide Guru

Well, the computer makes a very "well-maintained" impression on me. Let's just run the obligatory control scans now, even though I don't think anything will be found.


Step 1

  • Download and instructions
  • Start Malwarebytes' Anti-Malware (MBAM).
  • If the user interface is still in English, click Settings and choose Deutsch under Language.
  • Under Settings / Detection and Protection (Einstellungen / Erkennung und Schutz), tick "Scan for rootkits" ("Suche nach Rootkits").
  • Go back to the Dashboard (Armaturenbrett) and click "Scan Now" ("Jetzt scannen").
  • At the end of the scan, have all detections (if any) moved to quarantine and post the log for me.

You don't need to scan external hard drives etc. in step 2, and the firewall can stay as it is.

Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset

__________________
Regards
deeprybka

Praise, criticism, requests?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

06.10.2015, 05:19   #8
Gromsh

Morning Jürgen, why is "well-maintained" in quotation marks?

The computer is only 3-4 months old and was only upgraded from Windows 8.1 to Windows 10 on 24.09.15. Yesterday I was already wondering whether that might be the reason why the bank thinks I have a trojan infection. What confuses me even more is that together we have apparently found nothing here with several programs, yet the bank claims to have detected a trojan on my system within a 5-minute login attempt of mine.

Attached is the MBAM log; the rest will follow this evening, unfortunately I have to go to work first.

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.10.2015
Suchlaufzeit: 06:06
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.05.07
Rootkit-Datenbank: v2015.10.02.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Rene

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 456208
Abgelaufene Zeit: 6 Min., 8 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E118B1E-CB9A-11E4-825E-3010B342DFA8}, , [5efd80d3018a53e3b7b3baf5788c748c], 

Registrierungswerte: 4
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E118B1E-CB9A-11E4-825E-3010B342DFA8}|FaviconURL, hxxp://homepage-web.com/favicon.ico, , [5efd80d3018a53e3b7b3baf5788c748c]
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E118B1E-CB9A-11E4-825E-3010B342DFA8}|FaviconURLFallback, hxxp://homepage-web.com/favicon.ico, , [bf9c66ed1675350173f7e7c8758fce32]
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E118B1E-CB9A-11E4-825E-3010B342DFA8}|TopResultURL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, , [53085df64d3e9f974a206946f311ea16]
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{3E118B1E-CB9A-11E4-825E-3010B342DFA8}|URL, hxxp://search.homepage-web.com/?src=omnibox&partner=acer&q={searchTerms}, , [f16aef64741738fe591107a8b2524fb1]

Registrierungsdaten: 1
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3483221009-4124455393-22982181-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://homepage-web.com/?s=acer&m=start, Gut: (www.google.com), Schlecht: (hxxp://homepage-web.com/?s=acer&m=start),,[96c5ea69494275c1a7299cec040113ed]

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 2
PUP.Optional.WebSearch, C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\mer8p3sr.default\searchplugins\Web Search.xml, , [0556a3b01279082eb6d6eaec57ad51af], 
PUP.Optional.HomePageHelper, C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\mer8p3sr.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://homepage-web.com/?s=acer&m=tab");), ,[71ea1e3574175fd7511a4c74a3620ef2]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

06.10.2015, 07:52   #9
deeprybka
/// TB Trainer
/// Guide Guru

Hi,
by "well-maintained" I mean that security-critical software such as Java and Flash is in good shape.
Good question, but I suspect the bank won't come out with that.

Let's wait for ESET.

06.10.2015, 21:12   #10
Gromsh

Good evening Jürgen,

I downloaded ESET ... while downloading the signature database it just aborted at 96% and asked whether I'm behind a proxy ... since that is not the case, I just started it again

*UPDATE*

It worked ... scan is running

ESET log file

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=239fbc69f8f7d949beec78ea8c96dc3d
# end=init
# utc_time=2015-10-06 06:15:41
# local_time=2015-10-06 08:15:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=37126
Update Finalize
Updated modules version: 0
Old modules - leave modules
Update Init
Update Download
Update Init
Update Download
Update Finalize
Updated modules version: 26111
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=239fbc69f8f7d949beec78ea8c96dc3d
# end=updated
# utc_time=2015-10-06 07:17:08
# local_time=2015-10-06 09:17:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=239fbc69f8f7d949beec78ea8c96dc3d
# engine=26111
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-06 08:06:16
# local_time=2015-10-06 10:06:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 6785 7635988 0 0
# scanned=257200
# found=0
# cleaned=0
# scan_time=2946
         

Last edited by Gromsh (06.10.2015 at 20:24)

07.10.2015, 08:51   #11
deeprybka
/// TB Trainer
/// Guide Guru

Well,
the scanners confirm my view. No classic banking malware is running on the PC.
If you enjoy formatting, I can't stop you.

In your place, though, I would ask the bank how they arrived at this assessment. Whether, for example, actual transaction attempts were made etc. would be interesting. Or whether only your login data turned up somewhere. A blanket statement like "format" would not be enough for me personally.

Send me a private message saying which bank it is.

07.10.2015, 11:37   #12
Gromsh

PM is sent ...

I would be very reluctant to format, and only if there is at least the slightest suspicion that the computer is infected.

07.10.2015, 11:51   #13
deeprybka
/// TB Trainer
/// Guide Guru

Told you so. If your login data is floating around somewhere, that's how the bank reacts.
And if you entered it on a phishing site, you can format all you like.

In my opinion the computer is clean. I would have the login details changed and be done with it.
If they make a fuss: the customer is king, and other banks even reward switching current accounts with cash.

Too much caution does no harm. In the context of your case, though, the demand is too radical for me and therefore to be rejected.
If you use the mobile TAN procedure on a cheap 30-euro phone that can only do SMS, what is supposed to happen with channel separation intact? You'd need a SIM card clone for that.

07.10.2015, 11:58   #14
Gromsh

So am I right in assuming that you too think my computer is clean?

Another question, although it probably doesn't belong here (just say so and I'll ask in another part of the forum):

I upgraded from Win 8.1 to Win 10 ... and I can't find my USB stick with my old backup. Can I create a backup again after the fact, i.e. a kind of recovery stick ... these days you don't even get software on CD/DVD with computers any more

07.10.2015, 12:03   #15
deeprybka
/// TB Trainer
/// Guide Guru

I'm only here on my phone. Do you mean a Win 10 DVD etc.?

I'll answer in more detail in the evening.

I see no malware, 3 scanners see no malware, ergo....