Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Werbungen, Popups, Weiterleitungen

Werbungen, Popups, Weiterleitungen


Plagegeister aller Art und deren Bekämpfung: Werbungen, Popups, Weiterleitungen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.05.2016, 15:37   #1
19luigi96
 
Werbungen, Popups, Weiterleitungen - Ausrufezeichen

Werbungen, Popups, Weiterleitungen


Hallo liebe Leute!

Ich habe ein großes Problem mit meinem Laptop. Leider werde ich beim Surfen im Internet ständig auf nervige Werbeseiten weitergeleitet. Das ganze geschieht meistens dann, wenn ich normale Suchbegriffe wie beispielsweise "GMail" oder "youtube" eingebe. Klicke ich dann auf das erste Suchergebnis, werde ich automatisch auf eine Werbeseite weitergeleitet. Ich kann dann auch nicht mehr zurück, muss immer den tab komplett schließen.

Die Werbeseiten bestehen aus verschiedenen, gefälschten Amazon- Anzeigen oder Gewinnspielen. Oft erscheinen Meldungen mit einem Signalton, die mich dazu auffordern, einen kostenlosen PC- Scan durchzuführen. "Warten Sie, der Scan startet in 15 Sekunden".
Mach ich natürlich nicht.

Kaspersky ist installiert, findet aber überhaupt nichts. Kurze Zeit habe ich Kaspersky deaktiviert und Avast ausprobiert, auch ohne Erfolg. Freeware Scanprogramme gegen Maleware und Popups habe ich ebenfalls schon installiert, das nützt alles nichts.

Meine Browser habe ich auch schon zurückgesetzt und auch schon neu installiert, das hilft auch nicht.

Das Junkware- Removal Tool schreibt folgendes:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64
Ran by 19luigi96 (Administrator) on 06.05.2016 at 15:41:02,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\(******)\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\WINDOWS\prefetch\AVAST_FREE_ANTIVIRUS_SETUP_ON-3280B93E.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERREVIVER.EXE-D0049E95.pf (File)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C81B2D82-DE6E-4C0F-A975-C894891304E3} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 06.05.2016 at 15:43:10,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Ich hoffe, mir kann jemand helfen, ich habe keine Ahnung was ich noch alles machen soll.

LG.

Alt 06.05.2016, 19:49   #2
M-K-D-B
/// TB-Ausbilder
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen





Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________
Alt 06.05.2016, 20:39   #3
19luigi96
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Hallo. Ich danke dir vielmals, dass du mir hilfst.

Habe alles Schritt für Schritt abgearbeitet, hier die Ergebnisse:

Schritt 1: FRST 64 bit
FRST.txt:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-05-2016 03
durchgeführt von 19luigi96 (Administrator) auf LUKAS (06-05-2016 21:13:53)
Gestartet von D:\Downloads
Geladene Profile: 19luigi96 (Verfügbare Profile: 19luigi96 & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(A1 Telekom Austria AG) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Notification.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.19761.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-04-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [AcerCloud] => "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [HP Officejet Pro 8620 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [Spotify Web Helper] => C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\RunOnce: [Uninstall C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2015-08-10]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8620 (Netzwerk).lnk [2015-11-05]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8620 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8620.lnk [2016-05-06]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8620.lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2015-10-05]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{3801378c-19fb-4249-bd3f-ee84311b4a5a}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9c55ce6f-8b82-4961-afc2-89734233e46f}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> DefaultScope {18864BE2-BC64-46D6-8324-56B28B0AAAB6} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> {18864BE2-BC64-46D6-8324-56B28B0AAAB6} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> {9CDA2F28-FE39-4047-91D4-EABECC4C82C6} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-19] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll Keine Datei
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1020560147-1002730045-4244577835-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\19luigi96\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]

Chrome: 
=======
CHR Profile: C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-27]
CHR Extension: (Google Docs) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-27]
CHR Extension: (Google Drive) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (YouTube) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (Adblock Plus) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-28]
CHR Extension: (Kaspersky Protection) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-03-27]
CHR Extension: (Google Tabellen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-27]
CHR Extension: (SiteAdvisor) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-03-27]
CHR Extension: (Google Docs Offline) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Skype) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-11-15] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-02-04] (Dassault Systèmes) [Datei ist nicht signiert]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164856 2016-04-27] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-10-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [154272 2016-03-15] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [479392 2016-03-15] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-04-27] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-04-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-04-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-15] (Electronic Arts)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-06-26] (SolidWorks) [Datei ist nicht signiert]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-11-15] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-11-15] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-15] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-11-15] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-04-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-27] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-12-20] (Realsil Semiconductor Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2014-04-21] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-06 21:13 - 2016-05-06 21:13 - 00000000 ____D C:\FRST
2016-05-06 10:27 - 2016-05-06 21:12 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-06 10:27 - 2016-05-06 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-05-06 10:27 - 2016-05-06 10:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-06 10:27 - 2016-05-06 10:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-05-06 10:27 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-06 10:27 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-06 10:27 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-03 13:25 - 2016-05-03 13:25 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\NVIDIA
2016-05-02 16:37 - 2016-05-02 16:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-02 16:36 - 2016-05-02 16:36 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-02 16:36 - 2016-05-02 16:36 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-05-02 16:36 - 2016-04-27 14:18 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-02 16:36 - 2016-04-27 14:18 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-02 16:36 - 2016-04-25 07:33 - 06381278 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-02 16:36 - 2016-04-16 00:53 - 00130328 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-05-02 16:36 - 2016-04-16 00:53 - 00040216 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-05-02 16:36 - 2016-04-16 00:52 - 00130840 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-05-02 16:36 - 2016-04-16 00:52 - 00045336 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-05-02 16:35 - 2016-05-02 16:35 - 00000000 ____D C:\NVIDIA
2016-05-02 16:35 - 2016-04-28 18:18 - 12631616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-05-02 16:35 - 2016-04-27 16:33 - 42921920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 31598136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 25350712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 21365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 20906872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 20079168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17756440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17369768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17350288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17333344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 14227888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 10550736 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 03262784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 02258368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436510.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436510.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00887744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00753208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00694208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00678704 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00571912 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00379480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-05-02 16:35 - 2016-04-27 16:33 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-05-02 16:35 - 2016-04-27 16:33 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-29 07:23 - 2016-04-29 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFACT 7
2016-04-28 18:32 - 2016-04-28 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-28 18:32 - 2016-04-28 18:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-16 00:53 - 2016-04-16 00:53 - 00130328 _____ C:\WINDOWS\SysWOW64\vulkan-1-1-0-8-1.dll
2016-04-16 00:53 - 2016-04-16 00:53 - 00040216 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-1-0-8-1.exe
2016-04-16 00:52 - 2016-04-16 00:52 - 00130840 _____ C:\WINDOWS\system32\vulkan-1-1-0-8-1.dll
2016-04-16 00:52 - 2016-04-16 00:52 - 00045336 _____ C:\WINDOWS\system32\vulkaninfo-1-1-0-8-1.exe
2016-04-13 17:45 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 17:45 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 17:45 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 17:45 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 17:45 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 17:45 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 17:45 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 17:45 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 17:45 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 17:45 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 17:45 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 17:45 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 17:45 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 17:45 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 17:45 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 17:45 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 17:45 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 17:45 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 17:45 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 17:45 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 17:45 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 17:45 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 17:45 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 17:45 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 17:45 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 17:45 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 17:45 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 17:45 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 17:44 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 17:44 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 17:44 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 17:44 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 17:44 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 17:44 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 17:44 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 17:44 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 17:44 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 17:44 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 17:44 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 17:44 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 17:44 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 17:44 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 17:44 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 17:44 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 17:44 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 17:44 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 17:44 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 17:44 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 17:44 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 17:44 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 17:44 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 17:44 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 17:44 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 17:44 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 17:44 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 17:44 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 17:44 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 17:44 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 17:44 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 17:44 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 17:44 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 17:44 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 17:44 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 17:44 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 17:44 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 17:44 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 17:44 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 17:44 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 17:44 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 17:44 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 17:44 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 17:44 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 17:44 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 17:44 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 17:44 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 17:44 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 17:44 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 17:44 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 17:44 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 17:44 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 17:44 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 17:44 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 17:44 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 17:44 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 17:44 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 17:44 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 17:44 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 17:44 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 17:44 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 17:44 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 17:44 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 17:44 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 17:44 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 17:44 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 17:44 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 17:44 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 17:44 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 17:44 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 17:44 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 17:44 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 17:44 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 17:44 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-13 17:44 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 17:44 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 17:44 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-13 17:44 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 17:44 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 17:44 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-13 17:44 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 17:44 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 17:44 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 17:44 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 17:44 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 17:44 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 17:44 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 17:44 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 17:44 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 17:44 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 17:44 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 17:44 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 17:44 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 17:44 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 17:44 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 17:44 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 17:44 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 17:44 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 17:44 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 17:44 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 17:44 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 17:44 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 17:44 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 17:44 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 17:44 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 17:44 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 17:44 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 17:44 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 17:44 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 17:44 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 17:44 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 17:44 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-13 17:44 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-13 17:44 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 17:44 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 17:44 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 17:44 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 17:44 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 17:44 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 17:44 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 17:44 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 17:44 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 17:44 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 17:44 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 17:44 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 17:44 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 17:44 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 17:44 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 17:44 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 17:44 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 17:44 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 17:44 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 17:44 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 17:44 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 17:44 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 17:44 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 17:44 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 17:44 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 17:44 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 17:44 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 17:44 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:44 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 17:44 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 17:44 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 17:44 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 17:44 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 17:44 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 17:44 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 17:44 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 17:44 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 17:44 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 17:44 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 17:44 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 17:44 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 17:44 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 17:44 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 17:44 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 17:44 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 17:44 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 17:44 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 17:44 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 17:44 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 17:44 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 17:44 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 17:44 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 17:44 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 17:44 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 17:44 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 17:44 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 17:44 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 17:44 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 17:44 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 17:44 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 17:44 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 17:44 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 17:44 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 17:44 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 17:44 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 17:44 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 17:44 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 17:44 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 17:44 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 17:44 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 17:44 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 17:44 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-10 16:18 - 2016-04-10 16:20 - 00394406 _____ C:\WINDOWS\ntbtlog.txt
2016-04-10 16:18 - 2016-04-10 16:18 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-04-10 16:15 - 2016-04-10 16:15 - 00383020 _____ C:\WINDOWS\Minidump\041016-6421-01.dmp
2016-04-10 16:15 - 2016-04-10 16:15 - 00382972 _____ C:\WINDOWS\Minidump\041016-5875-01.dmp
2016-04-10 16:14 - 2016-04-10 16:14 - 00382940 _____ C:\WINDOWS\Minidump\041016-8468-02.dmp
2016-04-10 16:04 - 2016-04-10 16:04 - 00003268 _____ C:\WINDOWS\System32\Tasks\{30045596-C1AF-483E-8B40-D361E19F2416}
2016-04-10 15:54 - 2016-04-10 15:54 - 00385052 _____ C:\WINDOWS\Minidump\041016-5812-01.dmp
2016-04-10 15:52 - 2016-04-10 15:52 - 00383084 _____ C:\WINDOWS\Minidump\041016-8437-01.dmp
2016-04-10 15:51 - 2016-04-10 15:51 - 00384076 _____ C:\WINDOWS\Minidump\041016-8046-01.dmp
2016-04-10 15:50 - 2016-04-10 15:50 - 00383020 _____ C:\WINDOWS\Minidump\041016-8468-01.dmp
2016-04-10 15:47 - 2016-04-10 15:47 - 00007605 _____ C:\Users\19luigi96\AppData\Local\Resmon.ResmonCfg
2016-04-10 15:34 - 2016-04-10 15:34 - 00000000 ____D C:\ProgramData\Emsisoft
2016-04-10 15:16 - 2016-04-10 15:16 - 00000000 ____D C:\Users\19luigi96\AppData\Local\Acer
2016-04-10 14:42 - 2016-04-10 14:43 - 00360716 _____ C:\WINDOWS\Minidump\041016-16203-01.dmp
2016-04-10 14:42 - 2016-04-10 14:42 - 00360732 _____ C:\WINDOWS\Minidump\041016-12828-01.dmp
2016-04-10 14:40 - 2016-04-10 14:40 - 00360628 _____ C:\WINDOWS\Minidump\041016-16234-01.dmp
2016-04-10 14:39 - 2016-04-10 14:39 - 00321156 _____ C:\WINDOWS\Minidump\041016-12562-01.dmp
2016-04-10 14:37 - 2016-04-10 14:37 - 00262012 _____ C:\WINDOWS\Minidump\041016-7421-01.dmp
2016-04-10 13:59 - 2016-04-10 13:59 - 00360820 _____ C:\WINDOWS\Minidump\041016-7546-01.dmp
2016-04-10 13:47 - 2016-04-10 13:47 - 00360700 _____ C:\WINDOWS\Minidump\041016-7218-01.dmp
2016-04-10 13:46 - 2016-04-10 13:46 - 00360684 _____ C:\WINDOWS\Minidump\041016-6984-01.dmp
2016-04-10 13:45 - 2016-04-10 13:45 - 00360580 _____ C:\WINDOWS\Minidump\041016-7562-01.dmp
2016-04-08 18:05 - 2016-04-08 18:05 - 00360564 _____ C:\WINDOWS\Minidump\040816-7109-01.dmp
2016-04-08 18:04 - 2016-04-08 18:04 - 00383692 _____ C:\WINDOWS\Minidump\040816-7187-01.dmp
2016-04-08 18:02 - 2016-04-08 18:02 - 00383204 _____ C:\WINDOWS\Minidump\040816-5875-01.dmp
2016-04-08 18:02 - 2016-04-08 18:02 - 00374204 _____ C:\WINDOWS\Minidump\040816-8406-01.dmp
2016-04-08 18:01 - 2016-04-08 18:01 - 00382684 _____ C:\WINDOWS\Minidump\040816-6406-01.dmp
2016-04-08 18:00 - 2016-04-08 18:00 - 00364260 _____ C:\WINDOWS\Minidump\040816-5843-01.dmp
2016-04-08 17:59 - 2016-04-08 17:59 - 00382668 _____ C:\WINDOWS\Minidump\040816-6062-01.dmp
2016-04-06 12:14 - 2016-04-06 12:18 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2016-04-06 12:14 - 2016-04-06 12:18 - 00000000 ____D C:\WINDOWS\system32\vbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-06 21:12 - 2015-01-23 16:54 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\Spotify
2016-05-06 20:47 - 2015-07-12 10:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-06 16:30 - 2016-03-27 15:25 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-06 15:48 - 2015-01-23 16:54 - 00000000 ____D C:\Users\19luigi96\AppData\Local\Spotify
2016-05-06 11:31 - 2015-01-26 19:30 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-06 11:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-06 11:08 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-06 11:08 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-06 11:08 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-06 11:08 - 2015-08-13 17:59 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-06 10:24 - 2016-03-27 15:25 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-06 10:24 - 2016-02-17 19:13 - 00000000 ____D C:\Users\19luigi96\AppData\Local\LogMeIn Hamachi
2016-05-06 10:24 - 2015-12-22 19:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-06 10:24 - 2014-12-02 23:52 - 00000000 __SHD C:\Users\19luigi96\IntelGraphicsProfiles
2016-05-06 10:23 - 2016-03-27 15:19 - 00000000 ____D C:\AdwCleaner
2016-05-06 10:23 - 2015-12-22 19:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-06 10:23 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-06 10:14 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-06 00:09 - 2015-12-22 19:32 - 00000000 ____D C:\Users\19luigi96
2016-05-05 12:01 - 2016-02-20 14:16 - 00003268 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor19luigi96
2016-05-05 12:01 - 2016-02-20 14:16 - 00000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor19luigi96.job
2016-05-05 09:55 - 2015-01-26 12:57 - 00000000 ____D C:\Users\19luigi96\AppData\Local\CrashDumps
2016-05-03 17:31 - 2016-03-27 15:26 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-03 13:27 - 2015-03-03 22:11 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\.minecraft
2016-05-02 16:36 - 2015-12-22 19:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-02 16:36 - 2015-12-22 19:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-02 16:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-29 07:24 - 2015-01-23 15:01 - 00000000 ____D C:\Users\19luigi96\AppData\Local\VirtualStore
2016-04-29 07:23 - 2016-01-11 09:10 - 00000000 ____D C:\Program Files (x86)\Kahlert
2016-04-28 18:32 - 2016-02-14 11:25 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\RAASPRO
2016-04-28 18:32 - 2015-12-22 19:30 - 00387592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-27 16:33 - 2015-12-26 13:52 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-27 16:33 - 2015-11-04 22:26 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-04-27 16:33 - 2014-09-24 22:21 - 01767432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01373864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-04-21 16:19 - 2015-10-27 14:37 - 00000000 ____D C:\xampp
2016-04-21 16:16 - 2014-09-24 22:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-19 15:35 - 2015-12-22 19:32 - 00000000 ____D C:\Users\Administrator
2016-04-16 22:47 - 2015-02-23 17:23 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\Skype
2016-04-16 16:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 19:53 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 19:52 - 2015-01-26 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 17:47 - 2014-12-02 23:52 - 00000000 ____D C:\Users\19luigi96\AppData\Local\Packages
2016-04-13 13:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-04-10 16:21 - 2016-04-03 20:07 - 00000000 ____D C:\ProgramData\AVAST Software
2016-04-10 16:15 - 2015-12-22 21:24 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-08 17:45 - 2016-02-13 22:41 - 00000000 ____D C:\WINDOWS\SysWOW64\directx
2016-04-08 17:37 - 2016-02-13 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMDG Simulations
2016-04-08 17:36 - 2014-09-24 22:14 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-07 17:18 - 2016-04-03 20:08 - 00004280 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-04-06 20:32 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-04-06 20:32 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-17 22:21 - 2016-02-17 22:21 - 0000037 ___SH () C:\Users\19luigi96\AppData\Local\20986331705021ca58edc424.96250074
2016-04-10 15:47 - 2016-04-10 15:47 - 0007605 _____ () C:\Users\19luigi96\AppData\Local\Resmon.ResmonCfg
2015-08-03 11:19 - 2016-01-28 17:09 - 0000000 _____ () C:\Users\19luigi96\AppData\Local\Temptable.xml
2015-04-27 17:17 - 2016-03-24 23:25 - 0000028 _____ () C:\Users\19luigi96\AppData\Local\X-Plane Installer.prf
2016-03-24 22:52 - 2016-03-24 22:52 - 0000027 _____ () C:\Users\19luigi96\AppData\Local\x-plane_install_10.txt
2015-02-26 13:20 - 2015-02-26 13:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-22 19:31 - 2015-12-22 19:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-13 16:32 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall1928852.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\uninstall1928852.exe


Einige Dateien in TEMP:
====================
C:\Users\19luigi96\AppData\Local\Temp\libeay32.dll
C:\Users\19luigi96\AppData\Local\Temp\msvcr120.dll
C:\Users\19luigi96\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-19 21:26

==================== Ende von FRST.txt ============================[/
Alle anderen Codes folgen!
__________________
Alt 06.05.2016, 20:44   #4
19luigi96
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


ADDITION.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-05-2016 03
durchgeführt von 19luigi96 (2016-05-06 21:14:23)
Gestartet von D:\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-22 17:41:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

19luigi96 (S-1-5-21-1020560147-1002730045-4244577835-1001 - Administrator - Enabled) => C:\Users\19luigi96
Administrator (S-1-5-21-1020560147-1002730045-4244577835-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1020560147-1002730045-4244577835-503 - Limited - Disabled)
Gast (S-1-5-21-1020560147-1002730045-4244577835-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
A1 Servicecenter (HKLM-x32\...\A1 Servicecenter) (Version: 9.15.2.1548 - A1 Telekom Austria AG)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2005.6 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.10 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.10 - Aerosoft)
aerosoft's - German Airports 3 X - FSX (HKLM-x32\...\{6360C5E9-2842-4213-88B9-47D814FAAD54}) (Version: 1.01 - aerosoft)
Airbus A340 Mega Package Vol 1 FSX & P3D (HKLM\...\{F9690B9F-BF8C-4369-B054-E35EB1399EBC}) (Version: 1 - Luis Quintero, Thomas Ruth (and his team))
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cities In Motion (HKLM-x32\...\{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1) (Version:  - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Desk Pilot 1.4.3(Free) (HKLM-x32\...\Desk Pilot 1.4.3(Free)) (Version:  - )
Digitale Schulbücher (HKLM-x32\...\{DE24A5DA-8CE2-4BF8-AE5E-125FBC70BE9B}) (Version: 1.1.0.65 - VBM Service GmbH)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
DraftSight 2016 SP0 x64 (HKLM\...\{78F7D38E-85AE-42B8-B3A2-F935AF8B64D1}) (Version: 16.0.4061 - Dassault Systemes)
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
FsPassengersX for Microsoft Flight Simulator X (HKLM-x32\...\FsPassengersX) (Version: 20160123 - SecondReality Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1709a432-4aab-4ad0-870d-ff74abc41bdd}) (Version: 1.9.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 3.1.814 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KlausTrial (HKLM-x32\...\{DB2AC811-5937-43CE-B538-46EBD6F0CAC4}) (Version: 1.00.0000 - Naturalsoft)
Letasoft Sound Booster Version 1.2 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.2 - Letasoft LLC)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.24.20150327 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Majestic Dash8 Q400 (HKLM-x32\...\Majestic Dash8 Q400v1.013) (Version: v1.013 - Majestic Software)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2003 Template Pack 3 (HKLM-x32\...\{90AD0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Grafiktreiber 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.00.5376 - PMDG Simulations, LLC.)
POSKY Boeing 757-300 Thomas Cook FSX  (HKLM\...\{2C00E146-C9E9-4EC7-9193-72CD7F8BE1C9}) (Version:  - Project OpenSky)
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
SarahTrial (HKLM-x32\...\{A4FC4084-580D-4548-9803-A9B2EE3C1E26}) (Version: 1.00.0000 - Naturalsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SOLIDWORKS 2015 x64 Edition SP02.1 (HKLM-x32\...\SolidWorks Installation Manager 20150-40201-1100-100) (Version: 23.2.1.1 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP02.1 (Version: 23.121.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.121.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP02.1 x64 Edition (Version: 23.21.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP02.1 (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TDS Boeing 737-700 AA FSX & P3D (HKLM\...\{E07401D2-F2F3-43A9-A2D4-69CBC4E646EA}) (Version: 1 - TDS, Alejandro Rojas Lucena, repaint by G Catena, repack by Chris Evans)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Unity Web Player (HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WestJet_L1011_Vistaliners (HKLM-x32\...\WestJet_L1011_Vistaliners) (Version:  - )
WinFACT 7 (HKLM-x32\...\{FE2A7490-32EA-47D1-BCB4-0705F73F4C24}) (Version: 7.1.1 - Ingenieurbüro Dr. Kahlert)
WinFACT 8 (HKLM-x32\...\{0F00C986-561C-4536-B62B-0EDE3475312A}) (Version: 8.1.1 - Ingenieurbüro Dr. Kahlert)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {095345C4-688F-4079-A7E9-646E5501CFE8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {151CA8B2-F4E3-48EC-8ED0-FEBF25B57843} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {16C5EE26-5B59-493E-B0FC-9F194414028E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {16E5994F-1799-4C07-98DD-DAF318E0B352} - System32\Tasks\CareCenter\Spotify_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe [2016-04-28] (Spotify Ltd)
Task: {1C306739-C6BB-43AB-A67F-9075A054CECB} - System32\Tasks\CareCenter\A1Servicecenter_Reg_HKLMWow6432Run => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [2015-08-17] (A1)
Task: {24A3F703-3D8C-49D4-94E2-D922BAAA4E95} - System32\Tasks\CareCenter\MyPublicWiFi_Reg_HKLMWow6432Run => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe [2014-02-11] ()
Task: {287A9918-1FFF-439A-931E-4F33C1BBFAB5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {2EB10DD2-0129-466D-BFEB-B0D7A8C3490C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2F5EC484-D32F-44A3-8C3F-D2DCDE515D1C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {2FAFBE25-EB8D-4D43-B997-F7EABBA763AC} - System32\Tasks\HP AR Program Upload - bbd4014448154beab69eabd2dff484ea9a1134f83db9445a8f5962bbb9094fa3 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {316E8F1F-2948-4116-A3B2-655044092DB9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-06] (Microsoft Corporation)
Task: {368B1527-D6FC-4723-844D-2F5404E73F4B} - System32\Tasks\CareCenter\OneDrive_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-22] (Microsoft Corporation)
Task: {389A03CF-740C-479B-9933-81266E069492} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {3A609F3E-CC0E-4CD9-AF8E-22DB3453DE39} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3E40CF7C-3BE9-4623-AFDE-A85EC02FA468} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {506F16F9-80FE-4D47-8022-6380160D56A6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {53A964EB-6ABE-47AE-AF72-AE9C8AD2AA58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {628468E4-5006-40AA-B827-467B13400D01} - System32\Tasks\HP AR Program Upload - 57425e4fc46a45bd8971d31003384695588c5414a9784f5b97518b858b6e39b0 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {65D5FAD8-1911-4C71-863B-4745ACB04993} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {67C74684-5495-48F5-B4A6-207D99849A3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6A3E5B7E-A6AB-4D94-A3D6-0E9E1D5C8262} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6FCD230B-43E5-4722-8EBA-832CB94353AD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {7232FFD8-2419-4D5A-905B-9265E41A2566} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7A84F213-DD52-43C1-B1DB-A75516F6325D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {7B274E68-8A0B-4CA1-8D69-389A55F55445} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {815B574D-9BFB-4C65-A5B7-2E875CD5D802} - System32\Tasks\{30045596-C1AF-483E-8B40-D361E19F2416} => pcalua.exe -a "C:\Program Files (x86)\Desk Pilot 1.4.3(Free)\Uninstal.exe"
Task: {85FC9005-22FC-4DF7-9ED2-9DFA1E622E9C} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {864E6530-D79D-47ED-9691-3A4CE093F203} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-09-04] (Intel Corporation)
Task: {8A3DF52A-EBB6-4DE0-8055-1F1986FD2389} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {8C0F8D7E-4A32-4E32-930B-4A68D42976E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {8FA43D7D-8305-4BF6-B3AB-A10864774E72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9829AB20-A0B2-4778-8B83-6E78DCB294D9} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {9AB90F94-BD2D-43A2-BFD8-03DB7BD7A872} - System32\Tasks\HPCeeScheduleFor19luigi96 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {9ACDEF90-0947-4924-A02B-1B3880861C7B} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {A2528674-D9BB-4FAC-983C-13D8521F2F16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {A33941DC-84E3-4B81-864D-E3D274D8BA3A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {AF5014DB-C34A-4240-9EA4-80A285981216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B19DEFDC-32C3-4B83-A8D9-A58ECF74F840} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B2B0346E-DB61-4B1D-88F5-9217CFBDA29A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C5B9A436-61E4-4F20-ABE8-98167B8861B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {D0AC25E5-892D-4EF0-80C7-E2A7D1105BEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {D1F849D5-CF00-4ADB-852D-D296C8C01425} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
Task: {DAE0114B-CE4E-424B-8829-D3EE66AB0B50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {E8AEE66B-CABA-431F-B649-E60F2AEC2567} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EB28C1EE-FD97-47F7-9643-EF853747EFAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {F8A7E422-ED3B-423C-B27E-56A92BB32354} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {F91A08E6-1DD9-43BA-8496-45A3D24108BD} - System32\Tasks\SafeZone scheduled Autoupdate 1459710278 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {FD133015-2D45-4501-9DCD-EED167C2FCD1} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor19luigi96.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-16 15:38 - 2015-10-16 15:38 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2016-03-15 15:42 - 2016-03-15 15:42 - 00368800 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-24 22:34 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-24 22:38 - 2014-07-01 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-12 23:13 - 2016-02-12 23:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-22 19:27 - 2015-12-22 19:27 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 17:44 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 17:44 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 17:44 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 17:44 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-29 10:12 - 2016-03-29 10:13 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 10:12 - 2016-03-29 10:13 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-03 19:28 - 2016-03-03 19:28 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 18:12 - 2016-01-21 18:12 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-20 11:22 - 2015-12-20 11:22 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 15:21 - 2016-04-19 15:22 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 47503472 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libcef.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 01584240 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libglesv2.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 00082032 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\19luigi96\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4f4abf89-d5be-43f8-aa57-a07067ed19b8}.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "A1Servicecenter"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "WinThrusterReminder"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6A917514-C7A0-4C0A-8E5B-0B788E43F01B}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{5324807F-35E2-4CDF-9A85-489A016D8A2C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{F23A5594-F8EC-4265-8F4E-EF462299E6CF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB1155D6-E3D8-43A3-9CA7-DA088A4D99AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D41004B-29A3-45BA-8FC7-3ABAEFBC9901}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB3A5297-9517-4844-AF21-577E48779727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6F5281B-3A7D-4ACD-9C55-F930C5D74EC6}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{066B4EA7-04D3-4912-85AB-1999E0E8B94A}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{2F6A0DFF-D8C0-498D-8E6C-F11765997EF9}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{3DCF6E61-F8AC-4998-9E68-8DACEA9B2CE4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{6B6D29A4-7466-497E-9EF0-7E458D916BCA}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{99CFD82D-6751-4075-880B-303527BB457E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{91F9F927-B45E-4B81-B3CF-D424AAED42B1}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{A7502419-75AA-4723-84AE-C9E3BA6009E0}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{5B7761E3-1221-4CB8-B837-5A09A9B39557}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{D529F5DB-807F-4DF7-9326-7E19A7F120A4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{4AF98E2D-AC5F-4CA2-A4E3-0EE71E5DBD0E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{66C66DA1-6174-46F7-B6C3-40352D60E15F}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{FC3BD932-9C5B-453D-A707-DE32BE86CA51}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{93604A01-43F4-4F94-B7BA-6BC1A22081DC}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{1BB7C49A-7739-4203-AC9E-8F2B0EA7C099}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{82C04994-9A06-4BD9-8A46-01E522E15720}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{4D5A4913-5B6B-4EFD-8CAA-5846F7ACBA7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AFDC61D9-909A-49EC-8AAF-88B00F374682}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{70D4B500-7C12-4A89-B7A1-9F7B114891C2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{46FAC1D2-7F28-4A9F-AA63-BA39C4A41F5E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4EF19973-E6C9-4FCF-A7FC-5482F1CF8EE4}] => (Allow) LPort=5357
FirewallRules: [{1E07586E-E20D-4292-AB30-103D0D05DF8D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{3ADD2FBE-0620-4525-A66D-1C999396EF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{E4DD66A3-B4FC-45FD-9FEB-5FB7DE352A0E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{ECB94716-A1B8-4A1D-A669-16E119E79DFB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{AF5DD415-F5D4-4337-9C77-96E541EC7182}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{CCDC56C7-F4E3-4E43-824F-53D66E67EC98}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{41643B2A-850F-4535-A901-ED771F215B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C4F8203-C00D-4B20-A0C0-F764E4E1A8D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AAC1D531-F5A9-466C-8F7A-F3F23F2B95AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{45A84740-B18F-462D-A261-D87DF268DC08}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E36A8FB2-5BE8-43AC-B5C8-F1D91C38865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{AE2312F9-55A7-42AA-9A57-75FEAF2C59D2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4486A622-D872-4DE0-8553-CCE57DA7C426}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{35CDA8E0-6EAB-4F48-862B-572F3DE82B20}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{976923A9-3E58-4FBC-B384-98DAB38050BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4B9BD938-C3FB-4F39-BD28-144812BEEFB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{7F7D2BB6-1963-4C89-8C12-562A6605FAFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D93C273B-7E70-4FED-A2E0-F0BCF68A2E6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A39FD355-869C-4796-9E02-1DFE5B187E67}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{12B9C52F-6D9D-4F5C-B3A6-141FA47F8704}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DB3EB6B5-C96F-4D1D-A6FA-F6E4D326D64F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{72946402-5DF7-4F15-82C9-6F113C0B9420}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{FB2C9DD1-4CB2-49BF-9364-FC3981A2995D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B6583BE9-3E50-4C9B-A231-9B2CC2AA6753}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC414F04-0AED-4300-810C-89AA7BDDAB9A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A2FC43E-725C-4C41-A337-F52CF5D91B39}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{206547CB-4A3C-4A54-BE3C-71372DF00963}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7A69563A-386A-4831-8053-F6580D68A87D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{064257C0-DDD0-4409-BB99-A6EAA5AA14B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{298D2711-F92D-4465-ACDC-1AFDD46C1542}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{232343F4-83F4-4E88-8FA4-FCD183A66AA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DEB10FC8-9847-4D99-8366-D27AB0C4AD86}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1ED2BE91-C12E-4139-8841-77ECDB165A7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C13EBD20-B2AA-4F59-BDDB-B5F79D4358F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{94A62F29-2D72-481D-BC59-E1C23D5B99C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9DD6069E-4A5D-493A-8D4A-6C5357E38249}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A7BF866D-E6D0-4EFD-A156-3DBFD7C95302}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{88D7D15B-0AFD-4D09-9FFB-8AE00FC65AB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A2773EF9-8623-4DDF-B128-B6D13DC5B2FB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{703DA667-6592-40C7-BAB7-A9ABB575B1B4}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{0502888B-F4A6-4489-9826-337ED9C4618E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5AFC3091-3B54-4E18-A364-5EBA33A89C01}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{CA27BBCE-A25B-41F1-9773-6F9987835867}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{BF900996-E9E7-4F4C-8AEC-34597E73572A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1E9C2860-8EBD-4B39-BF26-38C29B82BF00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{458B84B1-2A9F-4B5A-9E05-2AF9E5AE870F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5934A5DF-01BD-42A8-A69C-31318F2058A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BF0F045F-BDC5-409A-BB48-234FC7128D9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{344FDE4E-96B4-450C-8B0A-ED479EBC45A5}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{2570D302-F8CD-4048-B7EB-BA4CCC38583F}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{1A0FE94A-F4D9-467D-87D9-7F11D4CACBD5}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{62AE5D87-28B9-4E74-B7CF-D9D22F1E728C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{46492EC0-B40A-43A6-81FC-186FBEAE8C2D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{35440F5C-3CD2-4390-B3A6-95D19C618EF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EFFE1EBA-8FFA-4D80-AD81-BE772E0072D1}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{FAA03E9D-D86C-49CE-B2F9-22F914FAC775}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{9E4CD94E-C647-4B9E-88CE-9366B2D44F56}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{DEFA3EFE-C4DA-4E7C-AF1D-8A564FF9B48E}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2422

Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2422

Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172

Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172

Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/06/2016 10:28:44 AM) (Source: MsiInstaller) (EventID: 1002) (User: LUKAS)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/06/2016 10:28:28 AM) (Source: HP Active Health) (EventID: 2200) (User: )
Description: Agent DriverCrash threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.ParseMinidump(FileInfo minidumpFile)
   bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (05/06/2016 10:23:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2061.1794, Zeitstempel: 0x5702d6ad
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x5702d023
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5

Error: (05/06/2016 10:23:54 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0


Systemfehler:
=============
Error: (05/06/2016 08:33:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/06/2016 04:47:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2016 03:40:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/06/2016 03:35:52 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/06/2016 01:16:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2016 01:07:31 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/06/2016 12:08:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2016 11:48:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/06/2016 11:44:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/06/2016 10:48:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: HP - Other hardware, Printer - Null Fax - HP Officejet Pro 8620


CodeIntegrity:
===================================
  Date: 2016-04-18 21:13:58.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 21:27:17.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 08:12:06.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-24 20:55:23.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 18:41:26.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 23:16:04.158
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:06:10.323
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-07 09:20:51.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-04 16:49:06.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-16 08:19:57.709
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 4608.53 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5262.04 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:117.99 GB) (Free:12.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:915.33 GB) (Free:720.5 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3A122DE6)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3A122D91)

Partition: GPT.

==================== Ende von Addition.txt ============================
Schritt 2: TDS Killer:

Code:
ATTFilter
21:22:03.0789 0x384c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:22:03.0789 0x384c  UEFI system
21:22:08.0009 0x384c  ============================================================
21:22:08.0009 0x384c  Current date / time: 2016/05/06 21:22:08.0009
21:22:08.0009 0x384c  SystemInfo:
21:22:08.0010 0x384c  
21:22:08.0010 0x384c  OS Version: 10.0.10586 ServicePack: 0.0
21:22:08.0010 0x384c  Product type: Workstation
21:22:08.0010 0x384c  ComputerName: LUKAS
21:22:08.0010 0x384c  UserName: 19luigi96
21:22:08.0010 0x384c  Windows directory: C:\WINDOWS
21:22:08.0010 0x384c  System windows directory: C:\WINDOWS
21:22:08.0010 0x384c  Running under WOW64
21:22:08.0010 0x384c  Processor architecture: Intel x64
21:22:08.0010 0x384c  Number of processors: 8
21:22:08.0010 0x384c  Page size: 0x1000
21:22:08.0010 0x384c  Boot type: Normal boot
21:22:08.0010 0x384c  ============================================================
21:22:08.0140 0x384c  KLMD registered as C:\WINDOWS\system32\drivers\83567304.sys
21:22:08.0325 0x384c  System UUID: {DFA70C23-7619-EFFD-DF4F-31ECAC17E41E}
21:22:08.0834 0x384c  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:08.0834 0x384c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:08.0837 0x384c  ============================================================
21:22:08.0837 0x384c  \Device\Harddisk0\DR0:
21:22:08.0837 0x384c  GPT partitions:
21:22:08.0837 0x384c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6B6DAAE-710B-4126-812F-C5A1A507D748}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
21:22:08.0837 0x384c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {000C2AEB-615B-405F-8802-05F24130C9DC}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000
21:22:08.0837 0x384c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BF8A662A-70C9-4B68-A517-7F0DC7550E82}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
21:22:08.0837 0x384c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E9471D31-8A5C-4737-BAD9-70522B114D51}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0xEBFC800
21:22:08.0837 0x384c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {38BF1DA5-5700-4D1D-9F51-6D6E1752B984}, Name: , StartLBA 0xED9B000, BlocksNum 0xE1000
21:22:08.0837 0x384c  MBR partitions:
21:22:08.0837 0x384c  \Device\Harddisk1\DR1:
21:22:08.0838 0x384c  GPT partitions:
21:22:08.0838 0x384c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7FFE6E93-6DA5-4CA6-A7A3-2CB43F12A380}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x726A9000
21:22:08.0838 0x384c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D371802-ECD1-46D9-B8AE-6957DC024193}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
21:22:08.0838 0x384c  MBR partitions:
21:22:08.0838 0x384c  ============================================================
21:22:08.0839 0x384c  C: <-> \Device\Harddisk0\DR0\Partition4
21:22:08.0899 0x384c  D: <-> \Device\Harddisk1\DR1\Partition1
21:22:08.0899 0x384c  ============================================================
21:22:08.0899 0x384c  Initialize success
21:22:08.0899 0x384c  ============================================================
21:22:34.0302 0x1178  ============================================================
21:22:34.0302 0x1178  Scan started
21:22:34.0302 0x1178  Mode: Manual; SigCheck; TDLFS; 
21:22:34.0302 0x1178  ============================================================
21:22:34.0302 0x1178  KSN ping started
21:22:42.0311 0x1178  KSN ping finished: true
21:22:45.0478 0x1178  ================ Scan system memory ========================
21:22:45.0478 0x1178  System memory - ok
21:22:45.0478 0x1178  ================ Scan services =============================
21:22:45.0528 0x1178  1394ohci - ok
21:22:45.0531 0x1178  3ware - ok
21:22:45.0533 0x1178  ACPI - ok
21:22:45.0535 0x1178  acpiex - ok
21:22:45.0537 0x1178  acpipagr - ok
21:22:45.0540 0x1178  AcpiPmi - ok
21:22:45.0542 0x1178  acpitime - ok
21:22:45.0545 0x1178  ADP80XX - ok
21:22:45.0549 0x1178  AFD - ok
21:22:45.0551 0x1178  agp440 - ok
21:22:45.0554 0x1178  ahcache - ok
21:22:45.0556 0x1178  AJRouter - ok
21:22:45.0558 0x1178  ALG - ok
21:22:45.0561 0x1178  AmdK8 - ok
21:22:45.0564 0x1178  AmdPPM - ok
21:22:45.0566 0x1178  amdsata - ok
21:22:45.0568 0x1178  amdsbs - ok
21:22:45.0570 0x1178  amdxata - ok
21:22:45.0573 0x1178  [ A74D6CCEECD8DCDE348521E6A7F3FAE3, 6CC14CFA95C98B011F017F32ED6A0CFA48A108002F605835358FFBCF21EA3C9F ] AndnetBus       C:\WINDOWS\System32\drivers\lgandnetbus64.sys
21:22:45.0617 0x1178  AndnetBus - ok
21:22:45.0627 0x1178  [ FF7DBB0CC5D0576DF07C901D8451F40A, E1AEF2856DFBBE188698EC45AD15D6D677737068D38952CD7074C9BEB4B2F023 ] AndNetDiag      C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys
21:22:45.0637 0x1178  AndNetDiag - ok
21:22:45.0640 0x1178  [ 24B6E19D8A068992114CF4EF6BDDD63A, 1CB4EAB27D93F4352CA957548EC2FEAE91175A23F71D83E81CE324B6CCA5E118 ] ANDNetModem     C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys
21:22:45.0649 0x1178  ANDNetModem - ok
21:22:45.0651 0x1178  AppID - ok
21:22:45.0653 0x1178  AppIDSvc - ok
21:22:45.0656 0x1178  Appinfo - ok
21:22:45.0658 0x1178  AppReadiness - ok
21:22:45.0661 0x1178  AppXSvc - ok
21:22:45.0663 0x1178  arcsas - ok
21:22:45.0665 0x1178  AsyncMac - ok
21:22:45.0668 0x1178  atapi - ok
21:22:45.0670 0x1178  athr - ok
21:22:45.0672 0x1178  AudioEndpointBuilder - ok
21:22:45.0674 0x1178  Audiosrv - ok
21:22:45.0686 0x1178  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
21:22:45.0702 0x1178  AVP16.0.0 - ok
21:22:45.0705 0x1178  AxInstSV - ok
21:22:45.0708 0x1178  b06bdrv - ok
21:22:45.0710 0x1178  BasicDisplay - ok
21:22:45.0713 0x1178  BasicRender - ok
21:22:45.0717 0x1178  bcmfn - ok
21:22:45.0720 0x1178  bcmfn2 - ok
21:22:45.0722 0x1178  BDESVC - ok
21:22:45.0724 0x1178  Beep - ok
21:22:45.0727 0x1178  BFE - ok
21:22:45.0729 0x1178  BITS - ok
21:22:45.0740 0x1178  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:22:45.0751 0x1178  Bonjour Service - ok
21:22:45.0754 0x1178  bowser - ok
21:22:45.0756 0x1178  BrokerInfrastructure - ok
21:22:45.0760 0x1178  Browser - ok
21:22:45.0765 0x1178  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
21:22:45.0771 0x1178  BrSerIb - ok
21:22:45.0774 0x1178  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
21:22:45.0779 0x1178  BrUsbSIb - ok
21:22:45.0782 0x1178  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\WINDOWS\system32\drivers\btath_bus.sys
21:22:45.0787 0x1178  BTATH_BUS - ok
21:22:45.0800 0x1178  [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
21:22:45.0814 0x1178  BtFilter - ok
21:22:45.0817 0x1178  BthA2DP - ok
21:22:45.0819 0x1178  BthAvrcpTg - ok
21:22:45.0822 0x1178  BthEnum - ok
21:22:45.0825 0x1178  BthHFEnum - ok
21:22:45.0828 0x1178  bthhfhid - ok
21:22:45.0830 0x1178  BthHFSrv - ok
21:22:45.0832 0x1178  BthLEEnum - ok
21:22:45.0835 0x1178  BTHMODEM - ok
21:22:45.0837 0x1178  BthPan - ok
21:22:45.0839 0x1178  BTHPORT - ok
21:22:45.0842 0x1178  bthserv - ok
21:22:45.0844 0x1178  BTHUSB - ok
21:22:45.0847 0x1178  buttonconverter - ok
21:22:45.0872 0x1178  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
21:22:45.0901 0x1178  c2cautoupdatesvc - ok
21:22:45.0933 0x1178  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
21:22:45.0966 0x1178  c2cpnrsvc - ok
21:22:45.0971 0x1178  CapImg - ok
21:22:45.0974 0x1178  cdfs - ok
21:22:45.0977 0x1178  CDPSvc - ok
21:22:45.0979 0x1178  cdrom - ok
21:22:45.0982 0x1178  CertPropSvc - ok
21:22:45.0984 0x1178  circlass - ok
21:22:45.0986 0x1178  CLFS - ok
21:22:45.0988 0x1178  ClipSVC - ok
21:22:45.0994 0x1178  CmBatt - ok
21:22:46.0003 0x1178  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
21:22:46.0015 0x1178  cm_km - ok
21:22:46.0018 0x1178  CNG - ok
21:22:46.0020 0x1178  cnghwassist - ok
21:22:46.0040 0x1178  CompositeBus - ok
21:22:46.0043 0x1178  COMSysApp - ok
21:22:46.0045 0x1178  condrv - ok
21:22:46.0074 0x1178  [ B46F13958F918C00A9D3EF3B23613D8A, A5E18BFB828BA0789E17BBBD4BEF1D491EEA5F908CD7572F4B9089025CB5634B ] CoordinatorServiceHost C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
21:22:46.0079 0x1178  CoordinatorServiceHost - ok
21:22:46.0082 0x1178  CoreMessagingRegistrar - ok
21:22:46.0117 0x1178  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:22:46.0130 0x1178  cphs - ok
21:22:46.0134 0x1178  CryptSvc - ok
21:22:46.0140 0x1178  dam - ok
21:22:46.0144 0x1178  DcomLaunch - ok
21:22:46.0147 0x1178  DcpSvc - ok
21:22:46.0149 0x1178  defragsvc - ok
21:22:46.0151 0x1178  DeviceAssociationService - ok
21:22:46.0154 0x1178  DeviceInstall - ok
21:22:46.0156 0x1178  DevQueryBroker - ok
21:22:46.0158 0x1178  Dfsc - ok
21:22:46.0161 0x1178  Dhcp - ok
21:22:46.0164 0x1178  diagnosticshub.standardcollector.service - ok
21:22:46.0166 0x1178  DiagTrack - ok
21:22:46.0168 0x1178  disk - ok
21:22:46.0171 0x1178  DmEnrollmentSvc - ok
21:22:46.0173 0x1178  dmvsc - ok
21:22:46.0175 0x1178  dmwappushservice - ok
21:22:46.0177 0x1178  Dnscache - ok
21:22:46.0180 0x1178  dot3svc - ok
21:22:46.0182 0x1178  DPS - ok
21:22:46.0190 0x1178  [ F8D8AD4CEE8949878B24CFC06F09B5B9, 0EEDDE26912926A8C8D4BA43F3D50D587F6CA115CAB05D9E06AC2249A0CC3DE6 ] DraftSight API Service C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
21:22:46.0198 0x1178  DraftSight API Service - detected UnsignedFile.Multi.Generic ( 1 )
21:22:54.0305 0x48d8  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
21:22:54.0331 0x1178  DraftSight API Service ( UnsignedFile.Multi.Generic ) - warning
21:22:54.0331 0x1178  Force sending object to P2P due to detect: DraftSight API Service
21:23:02.0405 0x48d8  Object send P2P result: true
21:23:02.0420 0x1178  Object send P2P result: true
21:23:10.0409 0x1178  drmkaud - ok
21:23:10.0413 0x1178  DsmSvc - ok
21:23:10.0416 0x1178  DsSvc - ok
21:23:10.0418 0x1178  DXGKrnl - ok
21:23:10.0421 0x1178  Eaphost - ok
21:23:10.0423 0x1178  ebdrv - ok
21:23:10.0425 0x1178  EFS - ok
21:23:10.0429 0x1178  EhStorClass - ok
21:23:10.0431 0x1178  EhStorTcgDrv - ok
21:23:10.0434 0x1178  embeddedmode - ok
21:23:10.0437 0x1178  EntAppSvc - ok
21:23:10.0479 0x1178  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
21:23:10.0524 0x1178  ePowerSvc - ok
21:23:10.0529 0x1178  epp - ok
21:23:10.0532 0x1178  ErrDev - ok
21:23:10.0537 0x1178  EventSystem - ok
21:23:10.0539 0x1178  exfat - ok
21:23:10.0541 0x1178  fastfat - ok
21:23:10.0544 0x1178  Fax - ok
21:23:10.0546 0x1178  fdc - ok
21:23:10.0549 0x1178  fdPHost - ok
21:23:10.0551 0x1178  FDResPub - ok
21:23:10.0554 0x1178  fhsvc - ok
21:23:10.0556 0x1178  FileCrypt - ok
21:23:10.0558 0x1178  FileInfo - ok
21:23:10.0561 0x1178  Filetrace - ok
21:23:10.0581 0x1178  [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
21:23:10.0602 0x1178  FlexNet Licensing Service - ok
21:23:10.0630 0x1178  [ 668D43EFEB7F129584100CF6320E8A6F, 093254127A63420F93001BA63CF323AA4C17A38914D5B991E31F3B8C1971E9D7 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
21:23:10.0657 0x1178  FlexNet Licensing Service 64 - ok
21:23:10.0662 0x1178  flpydisk - ok
21:23:10.0664 0x1178  FltMgr - ok
21:23:10.0666 0x1178  FontCache - ok
21:23:10.0670 0x1178  FontCache3.0.0.0 - ok
21:23:10.0672 0x1178  FsDepends - ok
21:23:10.0675 0x1178  Fs_Rec - ok
21:23:10.0678 0x1178  fvevol - ok
21:23:10.0681 0x1178  gagp30kx - ok
21:23:10.0684 0x1178  gencounter - ok
21:23:10.0686 0x1178  genericusbfn - ok
21:23:10.0708 0x1178  [ 154651F84794535631970749476B53E6, 62D94A36133EB1E1E403159619362E77B34BBE55282A6EE53E503E6DF6A9839E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:23:10.0730 0x1178  GfExperienceService - ok
21:23:10.0734 0x1178  GPIOClx0101 - ok
21:23:10.0736 0x1178  gpsvc - ok
21:23:10.0738 0x1178  GpuEnergyDrv - ok
21:23:10.0743 0x1178  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:10.0750 0x1178  gupdate - ok
21:23:10.0754 0x1178  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:10.0760 0x1178  gupdatem - ok
21:23:10.0764 0x1178  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
21:23:10.0775 0x1178  Hamachi - ok
21:23:10.0816 0x1178  [ BDC536D4D5280451E12842DEAF7717E5, 7103AC074E2DD1B90FD88DF24E6503E7A6643768A5E43933AA995BE58EE5541E ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:23:10.0859 0x1178  Hamachi2Svc - ok
21:23:10.0864 0x1178  HDAudBus - ok
21:23:10.0866 0x1178  HidBatt - ok
21:23:10.0869 0x1178  HidBth - ok
21:23:10.0871 0x1178  hidi2c - ok
21:23:10.0873 0x1178  hidinterrupt - ok
21:23:10.0875 0x1178  HidIr - ok
21:23:10.0878 0x1178  hidserv - ok
21:23:10.0880 0x1178  HidUsb - ok
21:23:10.0882 0x1178  HomeGroupListener - ok
21:23:10.0884 0x1178  HomeGroupProvider - ok
21:23:10.0887 0x1178  HpSAMD - ok
21:23:10.0890 0x1178  [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:23:10.0897 0x1178  HPSupportSolutionsFrameworkService - ok
21:23:10.0900 0x1178  HTTP - ok
21:23:10.0902 0x1178  hwpolicy - ok
21:23:10.0904 0x1178  hyperkbd - ok
21:23:10.0906 0x1178  i8042prt - ok
21:23:10.0909 0x1178  iai2c - ok
21:23:10.0911 0x1178  iaLPSS2i_I2C - ok
21:23:10.0915 0x1178  iaLPSSi_GPIO - ok
21:23:10.0917 0x1178  iaLPSSi_I2C - ok
21:23:10.0919 0x1178  iaStorAV - ok
21:23:10.0922 0x1178  iaStorV - ok
21:23:10.0924 0x1178  ibbus - ok
21:23:10.0926 0x1178  icssvc - ok
21:23:10.0930 0x1178  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:23:10.0934 0x1178  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:23:19.0056 0x1178  Detect skipped due to KSN trusted
21:23:19.0056 0x1178  IDriverT - ok
21:23:19.0059 0x1178  IEEtwCollectorService - ok
21:23:19.0153 0x1178  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:23:19.0255 0x1178  igfx - ok
21:23:19.0269 0x1178  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:23:19.0284 0x1178  igfxCUIService2.0.0.0 - ok
21:23:19.0286 0x1178  IKEEXT - ok
21:23:19.0290 0x1178  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:23:19.0296 0x1178  intaud_WaveExtensible - ok
21:23:19.0358 0x1178  [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:23:19.0424 0x1178  IntcAzAudAddService - ok
21:23:19.0438 0x1178  [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:23:19.0451 0x1178  IntcDAud - ok
21:23:19.0469 0x1178  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:23:19.0487 0x1178  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:23:19.0493 0x1178  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:23:19.0499 0x1178  Intel(R) ME Service - ok
21:23:19.0503 0x1178  [ 4E8816C659026539CF740EEC006F32D5, 3CA822F6659CD701122DBAFF3568B5B7E7415BEE340B56E7C4A8E672EFADDEFF ] Intel(R) TA SAM C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
21:23:19.0510 0x1178  Intel(R) TA SAM - ok
21:23:19.0515 0x1178  [ A10C371176065BC0D7CAC5389C9D73C9, 7071646D336DC077ADABC6609E145B53799B3AC3DCF5DCC23CE1F58511A05F7D ] Intel(R) TechnologyAccessLegacyCSLoader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
21:23:19.0524 0x1178  Intel(R) TechnologyAccessLegacyCSLoader - ok
21:23:19.0534 0x1178  [ B926D92B9C6E1055FE8C1BF55AAED770, 6BD1580C4DCE535427C306B582279DB9094C68704BC17B98EBC4F509E63FEAC6 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
21:23:19.0546 0x1178  Intel(R) TechnologyAccessService - ok
21:23:19.0549 0x1178  intelide - ok
21:23:19.0551 0x1178  intelpep - ok
21:23:19.0553 0x1178  intelppm - ok
21:23:19.0556 0x1178  IoQos - ok
21:23:19.0558 0x1178  IpFilterDriver - ok
21:23:19.0561 0x1178  iphlpsvc - ok
21:23:19.0563 0x1178  IPMIDRV - ok
21:23:19.0565 0x1178  IPNAT - ok
21:23:19.0567 0x1178  IRENUM - ok
21:23:19.0569 0x1178  isapnp - ok
21:23:19.0572 0x1178  iScsiPrt - ok
21:23:19.0578 0x1178  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:23:19.0585 0x1178  iumsvc - ok
21:23:19.0589 0x1178  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
21:23:19.0594 0x1178  iwdbus - ok
21:23:19.0598 0x1178  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:23:19.0605 0x1178  jhi_service - ok
21:23:19.0608 0x1178  k57nd60a - ok
21:23:19.0610 0x1178  kbdclass - ok
21:23:19.0612 0x1178  kbdhid - ok
21:23:19.0615 0x1178  kdnic - ok
21:23:19.0616 0x1178  KeyIso - ok
21:23:19.0627 0x1178  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
21:23:19.0641 0x1178  kl1 - ok
21:23:19.0645 0x1178  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
21:23:19.0650 0x1178  klbackupdisk - ok
21:23:19.0655 0x1178  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
21:23:19.0661 0x1178  klbackupflt - ok
21:23:19.0667 0x1178  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
21:23:19.0674 0x1178  kldisk - ok
21:23:19.0677 0x1178  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
21:23:19.0686 0x1178  klelam - ok
21:23:19.0692 0x1178  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
21:23:19.0700 0x1178  klflt - ok
21:23:19.0707 0x1178  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
21:23:19.0715 0x1178  klhk - ok
21:23:19.0733 0x1178  [ 3DC953B77F13031C7763464FC0AD1E71, B0142B8A9FB5889D7F76E16EA26F1EA9BC7F1770226CD139B3C932671EBD802B ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
21:23:19.0752 0x1178  KLIF - ok
21:23:19.0756 0x1178  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
21:23:19.0762 0x1178  KLIM6 - ok
21:23:19.0765 0x1178  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
21:23:19.0771 0x1178  klkbdflt - ok
21:23:19.0774 0x1178  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:23:19.0780 0x1178  klmouflt - ok
21:23:19.0783 0x1178  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
21:23:19.0789 0x1178  klpd - ok
21:23:19.0793 0x1178  [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
21:23:19.0800 0x1178  klwfp - ok
21:23:19.0804 0x1178  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
21:23:19.0811 0x1178  Klwtp - ok
21:23:19.0816 0x1178  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
21:23:19.0824 0x1178  kneps - ok
21:23:19.0832 0x1178  KSecDD - ok
21:23:19.0834 0x1178  KSecPkg - ok
21:23:19.0837 0x1178  ksthunk - ok
21:23:19.0839 0x1178  KtmRm - ok
21:23:19.0842 0x1178  LanmanServer - ok
21:23:19.0844 0x1178  LanmanWorkstation - ok
21:23:19.0848 0x1178  lfsvc - ok
21:23:19.0849 0x1178  LicenseManager - ok
21:23:19.0852 0x1178  lltdio - ok
21:23:19.0854 0x1178  lltdsvc - ok
21:23:19.0857 0x1178  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
21:23:19.0861 0x1178  LMDriver - ok
21:23:19.0864 0x1178  lmhosts - ok
21:23:19.0873 0x1178  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
21:23:19.0883 0x1178  LMIGuardianSvc - ok
21:23:19.0893 0x1178  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:23:19.0903 0x1178  LMS - ok
21:23:19.0913 0x1178  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
21:23:19.0924 0x1178  LMSvc - ok
21:23:19.0928 0x1178  LSI_SAS - ok
21:23:19.0931 0x1178  LSI_SAS2i - ok
21:23:19.0933 0x1178  LSI_SAS3i - ok
21:23:19.0935 0x1178  LSI_SSS - ok
21:23:19.0937 0x1178  LSM - ok
21:23:19.0939 0x1178  luafv - ok
21:23:19.0941 0x1178  MapsBroker - ok
21:23:19.0945 0x1178  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:23:19.0951 0x1178  MBAMProtector - ok
21:23:19.0977 0x1178  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
21:23:20.0004 0x1178  MBAMScheduler - ok
21:23:20.0025 0x1178  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
21:23:20.0047 0x1178  MBAMService - ok
21:23:20.0054 0x1178  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:23:20.0061 0x1178  MBAMSwissArmy - ok
21:23:20.0065 0x1178  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
21:23:20.0070 0x1178  MBAMWebAccessControl - ok
21:23:20.0073 0x1178  megasas - ok
21:23:20.0075 0x1178  megasr - ok
21:23:20.0080 0x1178  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:23:20.0086 0x1178  MEIx64 - ok
21:23:20.0088 0x1178  MessagingService - ok
21:23:20.0115 0x1178  mlx4_bus - ok
21:23:20.0117 0x1178  MMCSS - ok
21:23:20.0119 0x1178  Modem - ok
21:23:20.0121 0x1178  monitor - ok
21:23:20.0123 0x1178  mouclass - ok
21:23:20.0126 0x1178  mouhid - ok
21:23:20.0128 0x1178  mountmgr - ok
21:23:20.0131 0x1178  mpsdrv - ok
21:23:20.0133 0x1178  MpsSvc - ok
21:23:20.0135 0x1178  MRxDAV - ok
21:23:20.0137 0x1178  mrxsmb - ok
21:23:20.0139 0x1178  mrxsmb10 - ok
21:23:20.0141 0x1178  mrxsmb20 - ok
21:23:20.0144 0x1178  MsBridge - ok
21:23:20.0146 0x1178  MSDTC - ok
21:23:20.0150 0x1178  Msfs - ok
21:23:20.0152 0x1178  msgpiowin32 - ok
21:23:20.0154 0x1178  mshidkmdf - ok
21:23:20.0156 0x1178  mshidumdf - ok
21:23:20.0158 0x1178  msisadrv - ok
21:23:20.0161 0x1178  MSiSCSI - ok
21:23:20.0163 0x1178  msiserver - ok
21:23:20.0165 0x1178  MSKSSRV - ok
21:23:20.0168 0x1178  MsLldp - ok
21:23:20.0170 0x1178  MSPCLOCK - ok
21:23:20.0172 0x1178  MSPQM - ok
21:23:20.0174 0x1178  MsRPC - ok
21:23:20.0177 0x1178  mssmbios - ok
21:23:20.0179 0x1178  MSTEE - ok
21:23:20.0182 0x1178  MTConfig - ok
21:23:20.0184 0x1178  Mup - ok
21:23:20.0186 0x1178  mvumis - ok
21:23:20.0189 0x1178  NativeWifiP - ok
21:23:20.0191 0x1178  NcaSvc - ok
21:23:20.0194 0x1178  NcbService - ok
21:23:20.0197 0x1178  NcdAutoSetup - ok
21:23:20.0199 0x1178  ndfltr - ok
21:23:20.0201 0x1178  NDIS - ok
21:23:20.0203 0x1178  NdisCap - ok
21:23:20.0206 0x1178  NdisImPlatform - ok
21:23:20.0210 0x1178  [ 93052B06C5E4F33B0A459DD3CDA0E8D4, 3A3C8D8F5D733E4E7D44DB026DDE88A1C117A9AA5275C42A5B16CE1EBE8CE908 ] ndisrd          C:\WINDOWS\system32\DRIVERS\ndisrfl.sys
21:23:20.0216 0x1178  ndisrd - ok
21:23:20.0219 0x1178  NdisTapi - ok
21:23:20.0221 0x1178  Ndisuio - ok
21:23:20.0223 0x1178  NdisVirtualBus - ok
21:23:20.0225 0x1178  NdisWan - ok
21:23:20.0228 0x1178  ndiswanlegacy - ok
21:23:20.0230 0x1178  ndproxy - ok
21:23:20.0232 0x1178  Ndu - ok
21:23:20.0234 0x1178  NetBIOS - ok
21:23:20.0238 0x1178  NetBT - ok
21:23:20.0240 0x1178  Netlogon - ok
21:23:20.0242 0x1178  Netman - ok
21:23:20.0244 0x1178  netprofm - ok
21:23:20.0247 0x1178  NetSetupSvc - ok
21:23:20.0250 0x1178  [ 3C3FEBD9D5CA88A92B8BCA720218D0BD, 394E9A4A9003F729B22C49FB4D63EFD044DF5263782500EB9DBB09BCC4884A41 ] NetTap630       C:\WINDOWS\system32\DRIVERS\nettap630.sys
21:23:20.0257 0x1178  NetTap630 - ok
21:23:20.0262 0x1178  NetTcpPortSharing - ok
21:23:20.0266 0x1178  NgcCtnrSvc - ok
21:23:20.0268 0x1178  NgcSvc - ok
21:23:20.0271 0x1178  NlaSvc - ok
21:23:20.0273 0x1178  Npfs - ok
21:23:20.0275 0x1178  npsvctrig - ok
21:23:20.0278 0x1178  nsi - ok
21:23:20.0280 0x1178  nsiproxy - ok
21:23:20.0283 0x1178  NTFS - ok
21:23:20.0285 0x1178  Null - ok
21:23:20.0473 0x1178  [ B5F9DEF00388F66891E4808DE6974048, 11EA5FD0A92D31A9627CB211C1109E4F716CEC3AC8AD8104B5700227E2F159E7 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:23:20.0673 0x1178  nvlddmkm - ok
21:23:20.0716 0x1178  [ D2D76544A26DB7819CBDFC1F4A995B65, 528B529C21B2B9E580F15781918B302378CFAA1111F347ADE40476C484C2FA66 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:23:20.0748 0x1178  NvNetworkService - ok
21:23:20.0753 0x1178  nvraid - ok
21:23:20.0755 0x1178  nvstor - ok
21:23:20.0758 0x1178  [ 86893B821E35433759EBD7D21B56B42E, 4979D7F4B41AEA1CF693076D9574CE44ABE8F2584C7383510CB95EF324E70553 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:23:20.0763 0x1178  NvStreamKms - ok
21:23:20.0819 0x1178  [ 6917C4B6633B3F0BFAC3DB20011126A8, EE91CCA7453F749258B9EB884D4FDD4BFC32119EB69DD62D9961642233805522 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
21:23:20.0879 0x1178  NvStreamNetworkSvc - ok
21:23:20.0922 0x1178  [ 871DF38D1C791031988AC1932D6499FF, BCE58D69BB0D785787BA684F75F75D2F23E65037CAD6A70DBA5B91508DD90256 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:23:20.0965 0x1178  NvStreamSvc - ok
21:23:20.0990 0x1178  [ 1542254423FBB8BE196856CCF1BDFD7B, D820DF2D0FFAF5198C92011503E2B1E0711B147DA6D95C4538989E13C63B73F5 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
21:23:21.0019 0x1178  nvsvc - ok
21:23:21.0024 0x1178  [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:23:21.0030 0x1178  nvvad_WaveExtensible - ok
21:23:21.0033 0x1178  nv_agp - ok
21:23:21.0035 0x1178  OneSyncSvc - ok
21:23:21.0091 0x1178  [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
21:23:21.0124 0x1178  Origin Client Service - ok
21:23:21.0132 0x1178  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:23:21.0139 0x1178  ose - ok
21:23:21.0218 0x1178  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:23:21.0301 0x1178  osppsvc - ok
21:23:21.0308 0x1178  p2pimsvc - ok
21:23:21.0310 0x1178  p2psvc - ok
21:23:21.0312 0x1178  Parport - ok
21:23:21.0315 0x1178  partmgr - ok
21:23:21.0317 0x1178  PcaSvc - ok
21:23:21.0319 0x1178  pci - ok
21:23:21.0321 0x1178  pciide - ok
21:23:21.0323 0x1178  pcmcia - ok
21:23:21.0326 0x1178  pcw - ok
21:23:21.0328 0x1178  pdc - ok
21:23:21.0331 0x1178  PEAUTH - ok
21:23:21.0333 0x1178  percsas2i - ok
21:23:21.0335 0x1178  percsas3i - ok
21:23:21.0364 0x1178  PerfHost - ok
21:23:21.0370 0x1178  PhoneSvc - ok
21:23:21.0372 0x1178  PimIndexMaintenanceSvc - ok
21:23:21.0401 0x1178  pla - ok
21:23:21.0403 0x1178  PlugPlay - ok
21:23:21.0406 0x1178  PNRPAutoReg - ok
21:23:21.0408 0x1178  PNRPsvc - ok
21:23:21.0411 0x1178  PolicyAgent - ok
21:23:21.0414 0x1178  Power - ok
21:23:21.0416 0x1178  PptpMiniport - ok
21:23:21.0479 0x1178  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:23:21.0567 0x1178  PrintNotify - ok
21:23:21.0572 0x1178  Processor - ok
21:23:21.0574 0x1178  ProfSvc - ok
21:23:21.0577 0x1178  Psched - ok
21:23:21.0587 0x1178  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
21:23:21.0598 0x1178  QASvc - ok
21:23:21.0602 0x1178  QWAVE - ok
21:23:21.0604 0x1178  QWAVEdrv - ok
21:23:21.0607 0x1178  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
21:23:21.0611 0x1178  RadioShim - ok
21:23:21.0614 0x1178  RasAcd - ok
21:23:21.0616 0x1178  RasAgileVpn - ok
21:23:21.0619 0x1178  RasAuto - ok
21:23:21.0621 0x1178  Rasl2tp - ok
21:23:21.0623 0x1178  RasMan - ok
21:23:21.0626 0x1178  RasPppoe - ok
21:23:21.0628 0x1178  RasSstp - ok
21:23:21.0630 0x1178  rdbss - ok
21:23:21.0633 0x1178  rdpbus - ok
21:23:21.0635 0x1178  RDPDR - ok
21:23:21.0638 0x1178  RdpVideoMiniport - ok
21:23:21.0641 0x1178  rdyboost - ok
21:23:21.0643 0x1178  ReFSv1 - ok
21:23:21.0646 0x1178  RemoteAccess - ok
21:23:21.0648 0x1178  RemoteRegistry - ok
21:23:21.0651 0x1178  RetailDemo - ok
21:23:21.0653 0x1178  RFCOMM - ok
21:23:21.0662 0x1178  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:23:21.0669 0x1178  RichVideo - ok
21:23:21.0679 0x1178  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
21:23:21.0690 0x1178  RMSvc - ok
21:23:21.0698 0x1178  RpcEptMapper - ok
21:23:21.0700 0x1178  RpcLocator - ok
21:23:21.0702 0x1178  RpcSs - ok
21:23:21.0704 0x1178  rspndr - ok
21:23:21.0714 0x1178  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
21:23:21.0730 0x1178  RTSUER - ok
21:23:21.0733 0x1178  s3cap - ok
21:23:21.0735 0x1178  SamSs - ok
21:23:21.0737 0x1178  sbp2port - ok
21:23:21.0740 0x1178  SCardSvr - ok
21:23:21.0741 0x1178  ScDeviceEnum - ok
21:23:21.0744 0x1178  scfilter - ok
21:23:21.0746 0x1178  Schedule - ok
21:23:21.0749 0x1178  SCPolicySvc - ok
21:23:21.0751 0x1178  sdbus - ok
21:23:21.0753 0x1178  SDRSVC - ok
21:23:21.0755 0x1178  sdstor - ok
21:23:21.0757 0x1178  seclogon - ok
21:23:21.0760 0x1178  SENS - ok
21:23:21.0763 0x1178  SensorDataService - ok
21:23:21.0765 0x1178  SensorService - ok
21:23:21.0767 0x1178  SensrSvc - ok
21:23:21.0770 0x1178  SerCx - ok
21:23:21.0773 0x1178  SerCx2 - ok
21:23:21.0775 0x1178  Serenum - ok
21:23:21.0778 0x1178  Serial - ok
21:23:21.0780 0x1178  sermouse - ok
21:23:21.0785 0x1178  SessionEnv - ok
21:23:21.0788 0x1178  sfloppy - ok
21:23:21.0790 0x1178  SharedAccess - ok
21:23:21.0795 0x1178  ShellHWDetection - ok
21:23:21.0797 0x1178  SiSRaid2 - ok
21:23:21.0799 0x1178  SiSRaid4 - ok
21:23:21.0807 0x1178  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:23:21.0817 0x1178  SkypeUpdate - ok
21:23:21.0820 0x1178  smphost - ok
21:23:21.0823 0x1178  SmsRouter - ok
21:23:21.0828 0x1178  SNMPTRAP - ok
21:23:21.0831 0x1178  [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
21:23:21.0835 0x1178  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
21:23:27.0788 0x6ddc  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
21:23:27.0886 0x1178  Detect skipped due to KSN trusted
21:23:27.0886 0x1178  SolidWorks Licensing Service - ok
21:23:27.0889 0x1178  spaceport - ok
21:23:27.0891 0x1178  SpbCx - ok
21:23:27.0894 0x1178  Spooler - ok
21:23:27.0896 0x1178  sppsvc - ok
21:23:27.0899 0x1178  srv - ok
21:23:27.0902 0x1178  srv2 - ok
21:23:27.0904 0x1178  srvnet - ok
21:23:27.0906 0x1178  SSDPSRV - ok
21:23:27.0911 0x1178  SstpSvc - ok
21:23:27.0914 0x1178  StateRepository - ok
21:23:27.0916 0x1178  stexstor - ok
21:23:27.0919 0x1178  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
21:23:27.0929 0x64f8  Object required for P2P: [ 86893B821E35433759EBD7D21B56B42E ] NvStreamKms
21:23:27.0929 0x1178  StillCam - ok
21:23:27.0932 0x1178  stisvc - ok
21:23:27.0934 0x1178  storahci - ok
21:23:27.0937 0x1178  storflt - ok
21:23:27.0939 0x1178  stornvme - ok
21:23:27.0942 0x1178  storqosflt - ok
21:23:27.0944 0x1178  StorSvc - ok
21:23:27.0946 0x1178  storufs - ok
21:23:27.0949 0x1178  storvsc - ok
21:23:27.0951 0x1178  svsvc - ok
21:23:27.0953 0x1178  swenum - ok
21:23:27.0955 0x1178  swprv - ok
21:23:27.0957 0x1178  Synth3dVsc - ok
21:23:27.0960 0x1178  SysMain - ok
21:23:27.0962 0x1178  SystemEventsBroker - ok
21:23:27.0965 0x1178  TabletInputService - ok
21:23:27.0967 0x1178  TapiSrv - ok
21:23:27.0969 0x1178  Tcpip - ok
21:23:27.0971 0x1178  Tcpip6 - ok
21:23:27.0974 0x1178  tcpipreg - ok
21:23:27.0978 0x1178  tdx - ok
21:23:27.0980 0x1178  terminpt - ok
21:23:27.0983 0x1178  TermService - ok
21:23:27.0985 0x1178  Themes - ok
21:23:27.0987 0x1178  TieringEngineService - ok
21:23:27.0990 0x1178  tiledatamodelsvc - ok
21:23:27.0992 0x1178  TimeBroker - ok
21:23:27.0996 0x1178  TPM - ok
21:23:27.0998 0x1178  TrkWks - ok
21:23:28.0000 0x1178  TrustedInstaller - ok
21:23:28.0003 0x1178  tsusbflt - ok
21:23:28.0005 0x1178  TsUsbGD - ok
21:23:28.0008 0x1178  tunnel - ok
21:23:28.0010 0x1178  tzautoupdate - ok
21:23:28.0012 0x1178  uagp35 - ok
21:23:28.0015 0x1178  UASPStor - ok
21:23:28.0017 0x1178  UcmCx0101 - ok
21:23:28.0019 0x1178  UcmUcsi - ok
21:23:28.0021 0x1178  Ucx01000 - ok
21:23:28.0023 0x1178  UdeCx - ok
21:23:28.0025 0x1178  udfs - ok
21:23:28.0028 0x1178  UEFI - ok
21:23:28.0035 0x1178  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
21:23:28.0043 0x1178  UEIPSvc - ok
21:23:28.0045 0x1178  Ufx01000 - ok
21:23:28.0048 0x1178  UfxChipidea - ok
21:23:28.0050 0x1178  ufxsynopsys - ok
21:23:28.0055 0x1178  UI0Detect - ok
21:23:28.0057 0x1178  uliagpkx - ok
21:23:28.0060 0x1178  umbus - ok
21:23:28.0062 0x1178  UmPass - ok
21:23:28.0065 0x1178  UmRdpService - ok
21:23:28.0068 0x1178  UnistoreSvc - ok
21:23:28.0096 0x1178  upnphost - ok
21:23:28.0099 0x1178  UrsChipidea - ok
21:23:28.0101 0x1178  UrsCx01000 - ok
21:23:28.0105 0x1178  UrsSynopsys - ok
21:23:28.0106 0x1178  usbaudio - ok
21:23:28.0108 0x1178  usbccgp - ok
21:23:28.0111 0x1178  usbcir - ok
21:23:28.0113 0x1178  usbehci - ok
21:23:28.0115 0x1178  usbhub - ok
21:23:28.0118 0x1178  USBHUB3 - ok
21:23:28.0120 0x1178  usbohci - ok
21:23:28.0122 0x1178  usbprint - ok
21:23:28.0125 0x1178  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:23:28.0135 0x1178  usbscan - ok
21:23:28.0138 0x1178  usbser - ok
21:23:28.0140 0x1178  USBSTOR - ok
21:23:28.0145 0x1178  [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP        C:\WINDOWS\System32\drivers\tinspusb.sys
21:23:28.0154 0x1178  USBTINSP - ok
21:23:28.0157 0x1178  usbuhci - ok
21:23:28.0159 0x1178  usbvideo - ok
21:23:28.0162 0x1178  USBXHCI - ok
21:23:28.0164 0x1178  UserDataSvc - ok
21:23:28.0192 0x1178  UserManager - ok
21:23:28.0194 0x1178  UsoSvc - ok
21:23:28.0197 0x1178  VaultSvc - ok
21:23:28.0199 0x1178  vdrvroot - ok
21:23:28.0201 0x1178  vds - ok
21:23:28.0204 0x1178  VerifierExt - ok
21:23:28.0206 0x1178  vhdmp - ok
21:23:28.0209 0x1178  vhf - ok
21:23:28.0212 0x1178  vmbus - ok
21:23:28.0214 0x1178  VMBusHID - ok
21:23:28.0217 0x1178  vmicguestinterface - ok
21:23:28.0219 0x1178  vmicheartbeat - ok
21:23:28.0221 0x1178  vmickvpexchange - ok
21:23:28.0223 0x1178  vmicrdv - ok
21:23:28.0226 0x1178  vmicshutdown - ok
21:23:28.0229 0x1178  vmictimesync - ok
21:23:28.0231 0x1178  vmicvmsession - ok
21:23:28.0233 0x1178  vmicvss - ok
21:23:28.0235 0x1178  volmgr - ok
21:23:28.0237 0x1178  volmgrx - ok
21:23:28.0240 0x1178  volsnap - ok
21:23:28.0242 0x1178  vpci - ok
21:23:28.0245 0x1178  vsmraid - ok
21:23:28.0247 0x1178  VSS - ok
21:23:28.0256 0x1178  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
21:23:28.0263 0x1178  vssbrigde64 - ok
21:23:28.0265 0x1178  VSTXRAID - ok
21:23:28.0268 0x1178  vwifibus - ok
21:23:28.0271 0x1178  vwififlt - ok
21:23:28.0273 0x1178  vwifimp - ok
21:23:28.0276 0x1178  W32Time - ok
21:23:28.0278 0x1178  WacomPen - ok
21:23:28.0281 0x1178  WalletService - ok
21:23:28.0283 0x1178  wanarp - ok
21:23:28.0285 0x1178  wanarpv6 - ok
21:23:28.0288 0x1178  wbengine - ok
21:23:28.0290 0x1178  WbioSrvc - ok
21:23:28.0293 0x1178  Wcmsvc - ok
21:23:28.0296 0x1178  wcncsvc - ok
21:23:28.0298 0x1178  WcsPlugInService - ok
21:23:28.0300 0x1178  WdBoot - ok
21:23:28.0303 0x1178  Wdf01000 - ok
21:23:28.0305 0x1178  WdFilter - ok
21:23:28.0307 0x1178  WdiServiceHost - ok
21:23:28.0310 0x1178  WdiSystemHost - ok
21:23:28.0313 0x1178  wdiwifi - ok
21:23:28.0315 0x1178  WdNisDrv - ok
21:23:28.0317 0x1178  WdNisSvc - ok
21:23:28.0320 0x1178  WebClient - ok
21:23:28.0322 0x1178  Wecsvc - ok
21:23:28.0325 0x1178  WEPHOSTSVC - ok
21:23:28.0327 0x1178  wercplsupport - ok
21:23:28.0330 0x1178  WerSvc - ok
21:23:28.0332 0x1178  WFPLWFS - ok
21:23:28.0334 0x1178  WiaRpc - ok
21:23:28.0337 0x1178  WIMMount - ok
21:23:28.0338 0x1178  WinDefend - ok
21:23:28.0344 0x1178  WindowsTrustedRT - ok
21:23:28.0346 0x1178  WindowsTrustedRTProxy - ok
21:23:28.0349 0x1178  WinHttpAutoProxySvc - ok
21:23:28.0351 0x1178  WinMad - ok
21:23:28.0356 0x1178  Winmgmt - ok
21:23:28.0359 0x1178  WinRM - ok
21:23:28.0364 0x1178  WINUSB - ok
21:23:28.0365 0x1178  WinVerbs - ok
21:23:28.0369 0x1178  WlanSvc - ok
21:23:28.0371 0x1178  wlidsvc - ok
21:23:28.0373 0x1178  WmiAcpi - ok
21:23:28.0377 0x1178  wmiApSrv - ok
21:23:28.0379 0x1178  WMPNetworkSvc - ok
21:23:28.0386 0x1178  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:23:28.0398 0x1178  Wof - ok
21:23:28.0402 0x1178  workfolderssvc - ok
21:23:28.0404 0x1178  wpcfltr - ok
21:23:28.0407 0x1178  WPDBusEnum - ok
21:23:28.0410 0x1178  WpdUpFltr - ok
21:23:28.0412 0x1178  WpnService - ok
21:23:28.0415 0x1178  ws2ifsl - ok
21:23:28.0417 0x1178  wscsvc - ok
21:23:28.0420 0x1178  WSDPrintDevice - ok
21:23:28.0422 0x1178  WSDScan - ok
21:23:28.0424 0x1178  WSearch - ok
21:23:28.0428 0x1178  WSService - ok
21:23:28.0430 0x1178  wuauserv - ok
21:23:28.0432 0x1178  WudfPf - ok
21:23:28.0435 0x1178  WUDFRd - ok
21:23:28.0437 0x1178  wudfsvc - ok
21:23:28.0440 0x1178  WUDFWpdFs - ok
21:23:28.0442 0x1178  WUDFWpdMtp - ok
21:23:28.0445 0x1178  WwanSvc - ok
21:23:28.0448 0x1178  XblAuthManager - ok
21:23:28.0450 0x1178  XblGameSave - ok
21:23:28.0453 0x1178  xboxgip - ok
21:23:28.0455 0x1178  XboxNetApiSvc - ok
21:23:28.0458 0x1178  xinputhid - ok
21:23:28.0459 0x1178  ================ Scan global ===============================
21:23:28.0469 0x1178  [ Global ] - ok
21:23:28.0469 0x1178  ================ Scan MBR ==================================
21:23:28.0470 0x1178  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:23:28.0493 0x1178  \Device\Harddisk0\DR0 - ok
21:23:28.0494 0x1178  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:23:29.0027 0x1178  \Device\Harddisk1\DR1 - ok
21:23:29.0028 0x1178  ================ Scan VBR ==================================
21:23:29.0030 0x1178  [ 03D548E55A681A951986B9218CE2C7EC ] \Device\Harddisk0\DR0\Partition1
21:23:29.0032 0x1178  \Device\Harddisk0\DR0\Partition1 - ok
21:23:29.0034 0x1178  [ 75CC1B2347FB75DDBD30DD61C221A0E1 ] \Device\Harddisk0\DR0\Partition2
21:23:29.0035 0x1178  \Device\Harddisk0\DR0\Partition2 - ok
21:23:29.0037 0x1178  [ 2B97C6ED32253AE89C72F74EC2CA498B ] \Device\Harddisk0\DR0\Partition3
21:23:29.0037 0x1178  \Device\Harddisk0\DR0\Partition3 - ok
21:23:29.0039 0x1178  [ 7C0387306F082AD8C008C2CD00552A11 ] \Device\Harddisk0\DR0\Partition4
21:23:29.0040 0x1178  \Device\Harddisk0\DR0\Partition4 - ok
21:23:29.0041 0x1178  [ EDE91A49EBC5D72C12753712040D1345 ] \Device\Harddisk0\DR0\Partition5
21:23:29.0043 0x1178  \Device\Harddisk0\DR0\Partition5 - ok
21:23:29.0047 0x1178  [ F3E3A02FEC0984A5853C66D3D2572675 ] \Device\Harddisk1\DR1\Partition1
21:23:29.0163 0x1178  \Device\Harddisk1\DR1\Partition1 - ok
21:23:29.0206 0x1178  [ FC6D43828A88492B87AF4E883C883CD6 ] \Device\Harddisk1\DR1\Partition2
21:23:29.0226 0x1178  \Device\Harddisk1\DR1\Partition2 - ok
21:23:29.0226 0x1178  ================ Scan generic autorun ======================
21:23:29.0426 0x1178  [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:23:29.0662 0x1178  RtHDVCpl - ok
21:23:29.0696 0x1178  [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:23:29.0725 0x1178  RtHDVBg_Dolby - ok
21:23:29.0763 0x1178  [ 8792B098E4B72A53ACC14FCD7DB4261A, B70273E2CCDB120C1B4F80E49DC7EFF574E2E0BB80E4B5C8D2383CD21DBBE34D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:23:29.0810 0x1178  NvBackend - ok
21:23:29.0813 0x1178  ShadowPlay - ok
21:23:29.0816 0x1178  [ 9B60E29C094772FAAAA3D0C95C582A7A, E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06 ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
21:23:29.0818 0x1178  Suspicious file ( Forged ): C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe. Real md5: 9B60E29C094772FAAAA3D0C95C582A7A, sha256: E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06, fake md5: 1B9F7D3F5BFBF0415C6244E06587D301, fake sha256: E187B63D2D0ABCAD533F5B54F3F44368429297CA2B8BAB8D3ED7CC40F28170D6
21:23:29.0818 0x1178  BacKGround Agent - detected ForgedFile.Multi.Generic ( 1 )
21:23:35.0740 0x1178  BacKGround Agent ( ForgedFile.Multi.Generic ) - warning
21:23:35.0856 0x64f8  Object send P2P result: true
21:23:35.0856 0x64f8  Object required for P2P: [ 6917C4B6633B3F0BFAC3DB20011126A8 ] NvStreamNetworkSvc
21:23:35.0883 0x6ddc  Object send P2P result: true
21:23:43.0704 0x1178  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
21:23:43.0710 0x1178  HP Software Update - ok
21:23:43.0738 0x1178  OneDriveSetup - ok
21:23:43.0739 0x1178  OneDriveSetup - ok
21:23:43.0740 0x1178  AcerCloud - ok
21:23:43.0794 0x64f8  Object send P2P result: true
21:23:43.0795 0x64f8  Object required for P2P: [ 1542254423FBB8BE196856CCF1BDFD7B ] nvsvc
21:23:43.0797 0x1178  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
21:23:43.0863 0x1178  HP Officejet Pro 8620 (NET) - ok
21:23:43.0920 0x1178  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
21:23:43.0976 0x1178  HP Officejet Pro 8620 (NET) #2 - ok
21:23:44.0006 0x1178  [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:23:44.0033 0x1178  Spotify Web Helper - ok
21:23:44.0185 0x1178  [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
21:23:44.0340 0x1178  CCleaner Monitoring - ok
21:23:44.0352 0x1178  Uninstall C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok
21:23:44.0353 0x1178  OneDriveSetup - ok
21:23:44.0354 0x1178  WAB Migrate - ok
21:23:44.0355 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:45.0355 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:46.0355 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:47.0356 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:48.0356 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:49.0357 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:50.0357 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:51.0357 0x1178  Waiting for KSN requests completion. In queue: 14
21:23:51.0764 0x6f2c  Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:23:51.0889 0x64f8  Object send P2P result: true
21:23:52.0357 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:53.0357 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:54.0358 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:55.0358 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:56.0358 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:57.0358 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:58.0358 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:59.0359 0x1178  Waiting for KSN requests completion. In queue: 2
21:23:59.0823 0x6f2c  Object send P2P result: true
21:23:59.0823 0x6f2c  Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
21:24:00.0359 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:01.0359 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:02.0360 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:03.0360 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:04.0360 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:05.0360 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:06.0361 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:07.0361 0x1178  Waiting for KSN requests completion. In queue: 1
21:24:07.0926 0x6f2c  Object send P2P result: true
21:24:08.0396 0x1178  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
21:24:08.0399 0x1178  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
21:24:08.0400 0x1178  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
21:24:16.0376 0x1178  ============================================================
21:24:16.0376 0x1178  Scan finished
21:24:16.0376 0x1178  ============================================================
21:24:16.0382 0x4b10  Detected object count: 2
21:24:16.0382 0x4b10  Actual detected object count: 2
21:24:44.0932 0x4b10  DraftSight API Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:24:44.0933 0x4b10  DraftSight API Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:24:44.0933 0x4b10  BacKGround Agent ( ForgedFile.Multi.Generic ) - skipped by user
21:24:44.0933 0x4b10  BacKGround Agent ( ForgedFile.Multi.Generic ) - User select action: Skip 
21:24:55.0917 0x5bbc  Deinitialize success
Das war alles

LG und Danke!

Alt 07.05.2016, 14:56   #5
M-K-D-B
/// TB-Ausbilder
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Bitte beachten:
Zitat:
Gestartet von D:\Downloads
Leider hast du unsere Anleitung nicht richtig befolgt:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.
Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter.


Alt 07.05.2016, 16:46   #6
19luigi96
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Okay. Soll ich die ganzen Codes erneut schicken oder genügt es, wenn ich einfach die Anwendungen auf den Desktop verschiebe?

Alt 08.05.2016, 11:07   #7
M-K-D-B
/// TB-Ausbilder
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Zitat:
Zitat von 19luigi96 Beitrag anzeigen
Okay. Soll ich die ganzen Codes erneut schicken oder genügt es, wenn ich einfach die Anwendungen auf den Desktop verschiebe?
Auf den Desktop verschieben und FRST bitte nochmal.
Danke.

Alt 11.05.2016, 08:15   #8
19luigi96
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Okay dann mache ich das jetzt schnell

Habe nun alle Programme am Desktop installiert und als Administrator ausgeführt.

Hier sind alle Reports:

FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von 19luigi96 (Administrator) auf LUKAS (11-05-2016 09:09:12)
Gestartet von D:\Filme
Geladene Profile: 19luigi96 (Verfügbare Profile: 19luigi96 & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dassault Systèmes SolidWorks Corp.) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldworks_fs.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe
() C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
(A1) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
(A1 Telekom Austria AG) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Notification.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) D:\Filme\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2397752 2016-04-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2016-04-05] (LogMeIn Inc.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [AcerCloud] => "C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe" startup
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [HP Officejet Pro 8620 (NET) #2] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [Spotify Web Helper] => C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-28] (Spotify Ltd)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-12] (Piriform Ltd)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\RunOnce: [Uninstall C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - .lnk [2015-08-10]
ShortcutTarget: Tintenwarnungen überwachen - .lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8620 (Netzwerk).lnk [2015-11-05]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8620 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\Users\19luigi96\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8620.lnk [2016-05-11]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8620.lnk -> C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPStatusBL.dll (Hewlett-Packard Development Company, LP)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SOLIDWORKS 2015 Schnellstart.lnk [2015-10-05]
ShortcutTarget: SOLIDWORKS 2015 Schnellstart.lnk -> C:\Windows\Installer\{F8093877-4F2C-40ED-9BA7-2F9F48F5176F}\NewShortcut2_87EDF6C81D0A4B7B84F42FE0C6A9D608.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{3801378c-19fb-4249-bd3f-ee84311b4a5a}: [DhcpNameServer] 208.67.220.220 208.67.222.222
Tcpip\..\Interfaces\{9c55ce6f-8b82-4961-afc2-89734233e46f}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> DefaultScope {18864BE2-BC64-46D6-8324-56B28B0AAAB6} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> {18864BE2-BC64-46D6-8324-56B28B0AAAB6} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001 -> {9CDA2F28-FE39-4047-91D4-EABECC4C82C6} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll => Keine Datei
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-03-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll => Keine Datei
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-19] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\x64\mcieplg.dll Keine Datei
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-11-15] (AO Kaspersky Lab)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\siteadvisor\mcieplg.dll Keine Datei
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-03-27] (Google Inc.)
FF Plugin HKU\S-1-5-21-1020560147-1002730045-4244577835-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\19luigi96\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-03-01]

Chrome: 
=======
CHR Profile: C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-27]
CHR Extension: (Google Docs) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-27]
CHR Extension: (Google Drive) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-27]
CHR Extension: (YouTube) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-27]
CHR Extension: (Adblock Plus) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-28]
CHR Extension: (Kaspersky Protection) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-03-27]
CHR Extension: (Google Tabellen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-27]
CHR Extension: (SiteAdvisor) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2016-03-27]
CHR Extension: (Google Docs Offline) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-27]
CHR Extension: (Skype) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Google Mail) - C:\Users\19luigi96\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-27]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-11-15] (Kaspersky Lab ZAO)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [125440 2016-02-04] (Dassault Systèmes) [Datei ist nicht signiert]
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164856 2016-04-27] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-10-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 Intel(R) TA SAM; C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [19088 2015-08-12] (Intel Corporation)
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [154272 2016-03-15] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [479392 2016-03-15] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-26] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2016-04-05] (LogMeIn, Inc.)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-04-27] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-04-27] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-04-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910128 2015-02-15] (Electronic Arts)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-06-26] (SolidWorks) [Datei ist nicht signiert]
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-10-30] (Microsoft Corporation)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-11-15] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-11-15] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [927640 2016-03-01] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-11-15] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-11-15] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-05-11] (Malwarebytes)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [50448 2015-07-28] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [76560 2015-07-29] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-04-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-27] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [402960 2015-12-20] (Realsil Semiconductor Corporation)
S3 USBTINSP; C:\Windows\System32\drivers\tinspusb.sys [142848 2014-04-21] (Texas Instruments)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S1 epp; \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\epp.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-06 21:22 - 2016-05-06 21:24 - 00107702 _____ C:\TDSSKiller.3.1.0.9_06.05.2016_21.22.03_log.txt
2016-05-06 21:13 - 2016-05-11 09:09 - 00000000 ____D C:\FRST
2016-05-06 10:27 - 2016-05-11 08:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-06 10:27 - 2016-05-06 10:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-03 13:25 - 2016-05-03 13:25 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\NVIDIA
2016-05-02 16:37 - 2016-05-02 16:37 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-05-02 16:36 - 2016-05-02 16:36 - 00000000 ____D C:\ProgramData\NVIDIA
2016-05-02 16:36 - 2016-04-27 14:18 - 06369728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 02994744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 01265720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-05-02 16:36 - 2016-04-27 14:18 - 00530880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00071224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-05-02 16:36 - 2016-04-25 07:33 - 06381278 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-05-02 16:35 - 2016-05-02 16:35 - 00000000 ____D C:\NVIDIA
2016-05-02 16:35 - 2016-04-28 18:18 - 12631616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-05-02 16:35 - 2016-04-27 16:33 - 42921920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 37567424 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 31598136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 25350712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 21365048 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 20906872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 20079168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17756440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17369768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17350288 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 17333344 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 14227888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 10550736 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 08659472 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 03685280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 03262784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 02614208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 02258368 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 01922496 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436510.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 01573432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436510.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00960056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00887744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00753208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00694208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00678704 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00632152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00571912 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00425016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00379480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00379448 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00175880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00153392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00109632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00100416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-05-02 16:35 - 2016-04-27 16:33 - 00038050 _____ C:\WINDOWS\system32\nvinfo.pb
2016-05-02 16:35 - 2016-04-27 16:33 - 00000139 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2016-05-02 16:35 - 2016-04-27 16:33 - 00000139 _____ C:\WINDOWS\system32\nv-vk64.json
2016-04-29 07:23 - 2016-04-29 07:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinFACT 7
2016-04-28 18:32 - 2016-04-28 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-04-28 18:32 - 2016-04-28 18:32 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-04-13 17:45 - 2016-03-29 12:20 - 07474016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-13 17:45 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 10:41 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-13 17:45 - 2016-03-29 10:06 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-13 17:45 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-04-13 17:45 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-13 17:45 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-13 17:45 - 2016-03-29 09:46 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-13 17:45 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-13 17:45 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-04-13 17:45 - 2016-03-29 09:15 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-04-13 17:45 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-04-13 17:45 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-04-13 17:45 - 2016-03-29 09:07 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-04-13 17:45 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-04-13 17:45 - 2016-03-29 08:42 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-04-13 17:45 - 2016-03-29 08:37 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-04-13 17:45 - 2016-03-29 08:32 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-04-13 17:45 - 2016-03-29 08:31 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-04-13 17:45 - 2016-03-29 08:26 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-13 17:45 - 2016-03-29 08:05 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-04-13 17:45 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-13 17:45 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-04-13 17:45 - 2016-03-29 07:51 - 22378496 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-04-13 17:45 - 2016-03-29 07:41 - 24602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-04-13 17:45 - 2016-03-29 07:41 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-04-13 17:45 - 2016-03-29 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-04-13 17:45 - 2016-03-29 07:38 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-04-13 17:45 - 2016-03-29 07:37 - 19340800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-04-13 17:44 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-13 17:44 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-13 17:44 - 2016-04-02 06:10 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-13 17:44 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 17:44 - 2016-04-02 05:30 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-04-13 17:44 - 2016-04-02 05:29 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-04-13 17:44 - 2016-04-02 05:29 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-04-13 17:44 - 2016-04-02 05:26 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-04-13 17:44 - 2016-04-02 05:23 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-04-13 17:44 - 2016-04-02 05:23 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-04-13 17:44 - 2016-04-02 05:21 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-04-13 17:44 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-13 17:44 - 2016-04-02 05:18 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-04-13 17:44 - 2016-04-02 05:15 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-04-13 17:44 - 2016-04-02 05:14 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-13 17:44 - 2016-04-02 05:09 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 17:44 - 2016-04-02 05:08 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-04-13 17:44 - 2016-04-02 05:07 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-13 17:44 - 2016-04-02 05:07 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 17:44 - 2016-04-02 05:03 - 04774912 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-04-13 17:44 - 2016-04-02 05:00 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-04-13 17:44 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-13 17:44 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 17:44 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 17:44 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 17:44 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 17:44 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-13 17:44 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-13 17:44 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-13 17:44 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-13 17:44 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-13 17:44 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00696664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-04-13 17:44 - 2016-03-29 11:28 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-04-13 17:44 - 2016-03-29 11:25 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-13 17:44 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-13 17:44 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-04-13 17:44 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-13 17:44 - 2016-03-29 11:17 - 00300104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-04-13 17:44 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-04-13 17:44 - 2016-03-29 11:11 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-04-13 17:44 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-13 17:44 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-13 17:44 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-13 17:44 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-13 17:44 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-04-13 17:44 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-13 17:44 - 2016-03-29 10:44 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-04-13 17:44 - 2016-03-29 10:44 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-04-13 17:44 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-04-13 17:44 - 2016-03-29 10:32 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-04-13 17:44 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-13 17:44 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-13 17:44 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-04-13 17:44 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-04-13 17:44 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-04-13 17:44 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-04-13 17:44 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-13 17:44 - 2016-03-29 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-04-13 17:44 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-13 17:44 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-13 17:44 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-13 17:44 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-13 17:44 - 2016-03-29 10:02 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-13 17:44 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-04-13 17:44 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-13 17:44 - 2016-03-29 10:00 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-04-13 17:44 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-13 17:44 - 2016-03-29 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-13 17:44 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 17:44 - 2016-03-29 09:57 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-04-13 17:44 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-13 17:44 - 2016-03-29 09:55 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-04-13 17:44 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-13 17:44 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-13 17:44 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 17:44 - 2016-03-29 09:54 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-04-13 17:44 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-13 17:44 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-13 17:44 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-04-13 17:44 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-13 17:44 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-13 17:44 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-13 17:44 - 2016-03-29 09:49 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-04-13 17:44 - 2016-03-29 09:49 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-13 17:44 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-13 17:44 - 2016-03-29 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-04-13 17:44 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-13 17:44 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-13 17:44 - 2016-03-29 09:42 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-04-13 17:44 - 2016-03-29 09:39 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-13 17:44 - 2016-03-29 09:38 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-04-13 17:44 - 2016-03-29 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-04-13 17:44 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-13 17:44 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-13 17:44 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-13 17:44 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-13 17:44 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-13 17:44 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-13 17:44 - 2016-03-29 09:32 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-04-13 17:44 - 2016-03-29 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-04-13 17:44 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-13 17:44 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 17:44 - 2016-03-29 09:28 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-04-13 17:44 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-13 17:44 - 2016-03-29 09:26 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-13 17:44 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-13 17:44 - 2016-03-29 09:23 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-13 17:44 - 2016-03-29 09:23 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-04-13 17:44 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-13 17:44 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-04-13 17:44 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-04-13 17:44 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-13 17:44 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-04-13 17:44 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:44 - 2016-03-29 09:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-04-13 17:44 - 2016-03-29 09:16 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-04-13 17:44 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-04-13 17:44 - 2016-03-29 09:15 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-04-13 17:44 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-13 17:44 - 2016-03-29 09:14 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-04-13 17:44 - 2016-03-29 09:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-13 17:44 - 2016-03-29 09:12 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-04-13 17:44 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-04-13 17:44 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-04-13 17:44 - 2016-03-29 09:10 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-04-13 17:44 - 2016-03-29 09:10 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-04-13 17:44 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-13 17:44 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 17:44 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-04-13 17:44 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-04-13 17:44 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-13 17:44 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-04-13 17:44 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-04-13 17:44 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-13 17:44 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-13 17:44 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-13 17:44 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-13 17:44 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-13 17:44 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-13 17:44 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-13 17:44 - 2016-03-29 08:56 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-04-13 17:44 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-04-13 17:44 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-13 17:44 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-04-13 17:44 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-04-13 17:44 - 2016-03-29 08:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-04-13 17:44 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-04-13 17:44 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-13 17:44 - 2016-03-29 08:48 - 00346624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-04-13 17:44 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-04-13 17:44 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-04-13 17:44 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-13 17:44 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-13 17:44 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-04-13 17:44 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-04-13 17:44 - 2016-03-29 08:39 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-04-13 17:44 - 2016-03-29 08:38 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-04-13 17:44 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-04-13 17:44 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-04-13 17:44 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-13 17:44 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-04-13 17:44 - 2016-03-29 08:35 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-04-13 17:44 - 2016-03-29 08:34 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-13 17:44 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-04-13 17:44 - 2016-03-29 08:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-04-13 17:44 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-04-13 17:44 - 2016-03-29 08:29 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-13 17:44 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-13 17:44 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-04-13 17:44 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-04-13 17:44 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-04-13 17:44 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-04-13 17:44 - 2016-03-29 08:22 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-04-13 17:44 - 2016-03-29 08:19 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-13 17:44 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-13 17:44 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-04-13 17:44 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-04-13 17:44 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-04-13 17:44 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-04-13 17:44 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-13 17:44 - 2016-03-29 08:04 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 17:44 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-13 17:44 - 2016-03-29 08:01 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-04-13 17:44 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 17:44 - 2016-03-29 08:00 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-04-13 17:44 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-04-13 17:44 - 2016-03-29 07:56 - 16985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-04-13 17:44 - 2016-03-29 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-04-13 17:44 - 2016-03-29 07:51 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-04-13 17:44 - 2016-03-29 07:49 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-04-13 17:44 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-13 17:44 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-13 17:44 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-13 17:44 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-04-13 17:44 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-04-13 17:44 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-04-13 17:44 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-13 17:44 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 07836160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-04-13 17:44 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 17:44 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-13 17:44 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 17:44 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-04-13 17:44 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 17:44 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-11 08:42 - 2015-01-23 16:54 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\Spotify
2016-05-11 08:42 - 2015-01-23 16:54 - 00000000 ____D C:\Users\19luigi96\AppData\Local\Spotify
2016-05-11 08:40 - 2016-03-27 15:25 - 00001124 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-11 08:40 - 2016-02-17 19:13 - 00000000 ____D C:\Users\19luigi96\AppData\Local\LogMeIn Hamachi
2016-05-11 08:40 - 2015-12-22 19:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-11 08:40 - 2015-07-12 10:54 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-05-11 08:40 - 2014-12-02 23:52 - 00000000 __SHD C:\Users\19luigi96\IntelGraphicsProfiles
2016-05-10 23:14 - 2015-12-22 19:32 - 00000000 ____D C:\Users\19luigi96
2016-05-10 22:30 - 2016-03-27 15:25 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-10 17:07 - 2015-03-03 22:11 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\.minecraft
2016-05-10 15:39 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-10 15:39 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-10 15:39 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-05-10 15:39 - 2015-08-13 17:59 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-10 15:33 - 2015-12-22 19:38 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-09 16:48 - 2015-01-26 12:57 - 00000000 ____D C:\Users\19luigi96\AppData\Local\CrashDumps
2016-05-08 22:29 - 2015-08-25 22:00 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-05-08 22:28 - 2016-02-20 14:16 - 00000360 _____ C:\WINDOWS\Tasks\HPCeeScheduleFor19luigi96.job
2016-05-08 14:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-07 11:41 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-07 11:22 - 2016-02-20 14:16 - 00003268 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFor19luigi96
2016-05-06 11:31 - 2015-01-26 19:30 - 135176864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-06 10:23 - 2016-03-27 15:19 - 00000000 ____D C:\AdwCleaner
2016-05-06 10:23 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-03 17:31 - 2016-03-27 15:26 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-02 16:36 - 2015-12-22 19:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-05-02 16:36 - 2015-12-22 19:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-05-02 16:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Help
2016-04-29 07:24 - 2015-01-23 15:01 - 00000000 ____D C:\Users\19luigi96\AppData\Local\VirtualStore
2016-04-29 07:23 - 2016-01-11 09:10 - 00000000 ____D C:\Program Files (x86)\Kahlert
2016-04-28 18:32 - 2016-02-14 11:25 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\RAASPRO
2016-04-28 18:32 - 2015-12-22 19:30 - 00387592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-27 16:33 - 2015-12-26 13:52 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2016-04-27 16:33 - 2015-11-04 22:26 - 00056384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2016-04-27 16:33 - 2014-09-24 22:21 - 01767432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01373864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2016-04-27 16:33 - 2014-09-24 22:21 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2016-04-22 09:57 - 2015-08-09 21:00 - 00453288 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-21 16:19 - 2015-10-27 14:37 - 00000000 ____D C:\xampp
2016-04-21 16:16 - 2014-09-24 22:12 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-19 15:35 - 2015-12-22 19:32 - 00000000 ____D C:\Users\Administrator
2016-04-16 22:47 - 2015-02-23 17:23 - 00000000 ____D C:\Users\19luigi96\AppData\Roaming\Skype
2016-04-16 16:45 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-14 21:26 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-04-13 19:53 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-04-13 19:52 - 2015-01-26 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-04-13 17:47 - 2014-12-02 23:52 - 00000000 ____D C:\Users\19luigi96\AppData\Local\Packages
2016-04-13 13:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-02-17 22:21 - 2016-02-17 22:21 - 0000037 ___SH () C:\Users\19luigi96\AppData\Local\20986331705021ca58edc424.96250074
2016-04-10 15:47 - 2016-04-10 15:47 - 0007605 _____ () C:\Users\19luigi96\AppData\Local\Resmon.ResmonCfg
2015-08-03 11:19 - 2016-01-28 17:09 - 0000000 _____ () C:\Users\19luigi96\AppData\Local\Temptable.xml
2015-04-27 17:17 - 2016-03-24 23:25 - 0000028 _____ () C:\Users\19luigi96\AppData\Local\X-Plane Installer.prf
2016-03-24 22:52 - 2016-03-24 22:52 - 0000027 _____ () C:\Users\19luigi96\AppData\Local\x-plane_install_10.txt
2015-02-26 13:20 - 2015-02-26 13:20 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-12-22 19:31 - 2015-12-22 19:31 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-13 16:32 - 2014-04-17 00:08 - 0658000 _____ (WildTangent, Inc.) C:\ProgramData\uninstall1928852.exe

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\uninstall1928852.exe


Einige Dateien in TEMP:
====================
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-2183965772882801231.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-2484865374604876261.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-3571864907557787339.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-3690536332481272905.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-3843901393863405197.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-4121097493805825394.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-4488955159157956045.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-4987374504914046777.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-5176306758942253443.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-5972435545035325160.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-5992546385488262033.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-6448248030494062687.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-7442667742187308165.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-7594854538453313450.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-7705841694259774983.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-7759469958108942631.dll
C:\Users\19luigi96\AppData\Local\Temp\jansi-64-8454238592368665437.dll
C:\Users\19luigi96\AppData\Local\Temp\libeay32.dll
C:\Users\19luigi96\AppData\Local\Temp\msvcr120.dll
C:\Users\19luigi96\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-09 20:08

==================== Ende von FRST.txt ============================

Alt 11.05.2016, 08:17   #9
19luigi96
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Addition.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von 19luigi96 (2016-05-11 09:09:51)
Gestartet von D:\Filme
Windows 10 Home Version 1511 (X64) (2015-12-22 17:41:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

19luigi96 (S-1-5-21-1020560147-1002730045-4244577835-1001 - Administrator - Enabled) => C:\Users\19luigi96
Administrator (S-1-5-21-1020560147-1002730045-4244577835-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1020560147-1002730045-4244577835-503 - Limited - Disabled)
Gast (S-1-5-21-1020560147-1002730045-4244577835-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
A1 Servicecenter (HKLM-x32\...\A1 Servicecenter) (Version: 9.15.2.1548 - A1 Telekom Austria AG)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2005.6 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.10 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.10 - Aerosoft)
aerosoft's - German Airports 3 X - FSX (HKLM-x32\...\{6360C5E9-2842-4213-88B9-47D814FAAD54}) (Version: 1.01 - aerosoft)
Airbus A340 Mega Package Vol 1 FSX & P3D (HKLM\...\{F9690B9F-BF8C-4369-B054-E35EB1399EBC}) (Version: 1 - Luis Quintero, Thomas Ruth (and his team))
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cities In Motion (HKLM-x32\...\{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1) (Version:  - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Desk Pilot 1.4.3(Free) (HKLM-x32\...\Desk Pilot 1.4.3(Free)) (Version:  - )
Digitale Schulbücher (HKLM-x32\...\{DE24A5DA-8CE2-4BF8-AE5E-125FBC70BE9B}) (Version: 1.1.0.65 - VBM Service GmbH)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
DraftSight 2016 SP0 x64 (HKLM\...\{78F7D38E-85AE-42B8-B3A2-F935AF8B64D1}) (Version: 16.0.4061 - Dassault Systemes)
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
FsPassengersX for Microsoft Flight Simulator X (HKLM-x32\...\FsPassengersX) (Version: 20160123 - SecondReality Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1709a432-4aab-4ad0-870d-ff74abc41bdd}) (Version: 1.9.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 3.1.814 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KlausTrial (HKLM-x32\...\{DB2AC811-5937-43CE-B538-46EBD6F0CAC4}) (Version: 1.00.0000 - Naturalsoft)
Letasoft Sound Booster Version 1.2 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.2 - Letasoft LLC)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.24.20150327 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Majestic Dash8 Q400 (HKLM-x32\...\Majestic Dash8 Q400v1.013) (Version: v1.013 - Majestic Software)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2003 Template Pack 3 (HKLM-x32\...\{90AD0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Grafiktreiber 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.00.5376 - PMDG Simulations, LLC.)
POSKY Boeing 757-300 Thomas Cook FSX  (HKLM\...\{2C00E146-C9E9-4EC7-9193-72CD7F8BE1C9}) (Version:  - Project OpenSky)
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version:  - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SOLIDWORKS 2015 x64 Edition SP02.1 (HKLM-x32\...\SolidWorks Installation Manager 20150-40201-1100-100) (Version: 23.2.1.1 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP02.1 (Version: 23.121.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.121.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP02.1 x64 Edition (Version: 23.21.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP02.1 (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TDS Boeing 737-700 AA FSX & P3D (HKLM\...\{E07401D2-F2F3-43A9-A2D4-69CBC4E646EA}) (Version: 1 - TDS, Alejandro Rojas Lucena, repaint by G Catena, repack by Chris Evans)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Unity Web Player (HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
WestJet_L1011_Vistaliners (HKLM-x32\...\WestJet_L1011_Vistaliners) (Version:  - )
WinFACT 7 (HKLM-x32\...\{FE2A7490-32EA-47D1-BCB4-0705F73F4C24}) (Version: 7.1.1 - Ingenieurbüro Dr. Kahlert)
WinFACT 8 (HKLM-x32\...\{0F00C986-561C-4536-B62B-0EDE3475312A}) (Version: 8.1.1 - Ingenieurbüro Dr. Kahlert)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {095345C4-688F-4079-A7E9-646E5501CFE8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {151CA8B2-F4E3-48EC-8ED0-FEBF25B57843} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {16C5EE26-5B59-493E-B0FC-9F194414028E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {16E5994F-1799-4C07-98DD-DAF318E0B352} - System32\Tasks\CareCenter\Spotify_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe [2016-04-28] (Spotify Ltd)
Task: {1C306739-C6BB-43AB-A67F-9075A054CECB} - System32\Tasks\CareCenter\A1Servicecenter_Reg_HKLMWow6432Run => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [2015-08-17] (A1)
Task: {24A3F703-3D8C-49D4-94E2-D922BAAA4E95} - System32\Tasks\CareCenter\MyPublicWiFi_Reg_HKLMWow6432Run => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe [2014-02-11] ()
Task: {287A9918-1FFF-439A-931E-4F33C1BBFAB5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {2EB10DD2-0129-466D-BFEB-B0D7A8C3490C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2F5EC484-D32F-44A3-8C3F-D2DCDE515D1C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {2FAFBE25-EB8D-4D43-B997-F7EABBA763AC} - System32\Tasks\HP AR Program Upload - bbd4014448154beab69eabd2dff484ea9a1134f83db9445a8f5962bbb9094fa3 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {316E8F1F-2948-4116-A3B2-655044092DB9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-06] (Microsoft Corporation)
Task: {368B1527-D6FC-4723-844D-2F5404E73F4B} - System32\Tasks\CareCenter\OneDrive_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-22] (Microsoft Corporation)
Task: {389A03CF-740C-479B-9933-81266E069492} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {3A609F3E-CC0E-4CD9-AF8E-22DB3453DE39} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3E40CF7C-3BE9-4623-AFDE-A85EC02FA468} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {506F16F9-80FE-4D47-8022-6380160D56A6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {53A964EB-6ABE-47AE-AF72-AE9C8AD2AA58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {628468E4-5006-40AA-B827-467B13400D01} - System32\Tasks\HP AR Program Upload - 57425e4fc46a45bd8971d31003384695588c5414a9784f5b97518b858b6e39b0 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {65D5FAD8-1911-4C71-863B-4745ACB04993} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {67C74684-5495-48F5-B4A6-207D99849A3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6FCD230B-43E5-4722-8EBA-832CB94353AD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {7232FFD8-2419-4D5A-905B-9265E41A2566} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7A84F213-DD52-43C1-B1DB-A75516F6325D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {815B574D-9BFB-4C65-A5B7-2E875CD5D802} - System32\Tasks\{30045596-C1AF-483E-8B40-D361E19F2416} => pcalua.exe -a "C:\Program Files (x86)\Desk Pilot 1.4.3(Free)\Uninstal.exe"
Task: {85FC9005-22FC-4DF7-9ED2-9DFA1E622E9C} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {864E6530-D79D-47ED-9691-3A4CE093F203} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-09-04] (Intel Corporation)
Task: {8A3DF52A-EBB6-4DE0-8055-1F1986FD2389} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {8C0F8D7E-4A32-4E32-930B-4A68D42976E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {8DE24927-779F-4D77-A51F-797C06993B55} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {8FA43D7D-8305-4BF6-B3AB-A10864774E72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9829AB20-A0B2-4778-8B83-6E78DCB294D9} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {9ACDEF90-0947-4924-A02B-1B3880861C7B} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {9F8AF717-9D40-4CFD-AC6A-FE8C77EA0038} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {A2528674-D9BB-4FAC-983C-13D8521F2F16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {A33941DC-84E3-4B81-864D-E3D274D8BA3A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {AF5014DB-C34A-4240-9EA4-80A285981216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B19DEFDC-32C3-4B83-A8D9-A58ECF74F840} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B2B0346E-DB61-4B1D-88F5-9217CFBDA29A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C5B9A436-61E4-4F20-ABE8-98167B8861B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {CE77B38B-3397-4A6B-A016-5104562466D2} - System32\Tasks\HPCeeScheduleFor19luigi96 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {D0AC25E5-892D-4EF0-80C7-E2A7D1105BEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {D1F849D5-CF00-4ADB-852D-D296C8C01425} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
Task: {DAE0114B-CE4E-424B-8829-D3EE66AB0B50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {E8AEE66B-CABA-431F-B649-E60F2AEC2567} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EB28C1EE-FD97-47F7-9643-EF853747EFAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {F8A7E422-ED3B-423C-B27E-56A92BB32354} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {F91A08E6-1DD9-43BA-8496-45A3D24108BD} - System32\Tasks\SafeZone scheduled Autoupdate 1459710278 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {FD133015-2D45-4501-9DCD-EED167C2FCD1} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor19luigi96.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-16 15:38 - 2015-10-16 15:38 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2016-03-15 15:42 - 2016-03-15 15:42 - 00368800 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-24 22:34 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-02 16:36 - 2016-04-27 14:18 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-24 22:38 - 2014-07-01 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-10-14 18:03 - 2015-10-14 18:03 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-22 19:27 - 2015-12-22 19:27 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-02-12 23:13 - 2016-02-12 23:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-03-06 04:52 - 2015-03-06 04:52 - 00268280 _____ () C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\sldBodyDiffu.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-02-03 20:42 - 2014-02-11 22:05 - 02006784 _____ () C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
2015-11-25 12:03 - 2015-11-25 12:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-04-13 17:44 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 17:44 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 17:44 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 17:44 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-03-30 21:38 - 2016-04-27 16:33 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 15:21 - 2016-04-19 15:22 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 47503472 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libcef.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 01584240 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libglesv2.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 00082032 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\19luigi96\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4f4abf89-d5be-43f8-aa57-a07067ed19b8}.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "A1Servicecenter"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "WinThrusterReminder"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6A917514-C7A0-4C0A-8E5B-0B788E43F01B}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{5324807F-35E2-4CDF-9A85-489A016D8A2C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{F23A5594-F8EC-4265-8F4E-EF462299E6CF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB1155D6-E3D8-43A3-9CA7-DA088A4D99AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D41004B-29A3-45BA-8FC7-3ABAEFBC9901}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB3A5297-9517-4844-AF21-577E48779727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6F5281B-3A7D-4ACD-9C55-F930C5D74EC6}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{066B4EA7-04D3-4912-85AB-1999E0E8B94A}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{2F6A0DFF-D8C0-498D-8E6C-F11765997EF9}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{3DCF6E61-F8AC-4998-9E68-8DACEA9B2CE4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{6B6D29A4-7466-497E-9EF0-7E458D916BCA}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{99CFD82D-6751-4075-880B-303527BB457E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{91F9F927-B45E-4B81-B3CF-D424AAED42B1}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{A7502419-75AA-4723-84AE-C9E3BA6009E0}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{5B7761E3-1221-4CB8-B837-5A09A9B39557}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{D529F5DB-807F-4DF7-9326-7E19A7F120A4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{4AF98E2D-AC5F-4CA2-A4E3-0EE71E5DBD0E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{66C66DA1-6174-46F7-B6C3-40352D60E15F}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{FC3BD932-9C5B-453D-A707-DE32BE86CA51}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{93604A01-43F4-4F94-B7BA-6BC1A22081DC}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{1BB7C49A-7739-4203-AC9E-8F2B0EA7C099}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{82C04994-9A06-4BD9-8A46-01E522E15720}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{4D5A4913-5B6B-4EFD-8CAA-5846F7ACBA7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AFDC61D9-909A-49EC-8AAF-88B00F374682}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{70D4B500-7C12-4A89-B7A1-9F7B114891C2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{46FAC1D2-7F28-4A9F-AA63-BA39C4A41F5E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4EF19973-E6C9-4FCF-A7FC-5482F1CF8EE4}] => (Allow) LPort=5357
FirewallRules: [{1E07586E-E20D-4292-AB30-103D0D05DF8D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{3ADD2FBE-0620-4525-A66D-1C999396EF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{E4DD66A3-B4FC-45FD-9FEB-5FB7DE352A0E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{ECB94716-A1B8-4A1D-A669-16E119E79DFB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{AF5DD415-F5D4-4337-9C77-96E541EC7182}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{CCDC56C7-F4E3-4E43-824F-53D66E67EC98}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{41643B2A-850F-4535-A901-ED771F215B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C4F8203-C00D-4B20-A0C0-F764E4E1A8D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AAC1D531-F5A9-466C-8F7A-F3F23F2B95AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{45A84740-B18F-462D-A261-D87DF268DC08}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E36A8FB2-5BE8-43AC-B5C8-F1D91C38865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{AE2312F9-55A7-42AA-9A57-75FEAF2C59D2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4486A622-D872-4DE0-8553-CCE57DA7C426}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{35CDA8E0-6EAB-4F48-862B-572F3DE82B20}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{976923A9-3E58-4FBC-B384-98DAB38050BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4B9BD938-C3FB-4F39-BD28-144812BEEFB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{7F7D2BB6-1963-4C89-8C12-562A6605FAFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D93C273B-7E70-4FED-A2E0-F0BCF68A2E6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A39FD355-869C-4796-9E02-1DFE5B187E67}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{12B9C52F-6D9D-4F5C-B3A6-141FA47F8704}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DB3EB6B5-C96F-4D1D-A6FA-F6E4D326D64F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{72946402-5DF7-4F15-82C9-6F113C0B9420}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{FB2C9DD1-4CB2-49BF-9364-FC3981A2995D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B6583BE9-3E50-4C9B-A231-9B2CC2AA6753}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC414F04-0AED-4300-810C-89AA7BDDAB9A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A2FC43E-725C-4C41-A337-F52CF5D91B39}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{206547CB-4A3C-4A54-BE3C-71372DF00963}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7A69563A-386A-4831-8053-F6580D68A87D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{064257C0-DDD0-4409-BB99-A6EAA5AA14B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{298D2711-F92D-4465-ACDC-1AFDD46C1542}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{232343F4-83F4-4E88-8FA4-FCD183A66AA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DEB10FC8-9847-4D99-8366-D27AB0C4AD86}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1ED2BE91-C12E-4139-8841-77ECDB165A7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C13EBD20-B2AA-4F59-BDDB-B5F79D4358F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{94A62F29-2D72-481D-BC59-E1C23D5B99C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9DD6069E-4A5D-493A-8D4A-6C5357E38249}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A7BF866D-E6D0-4EFD-A156-3DBFD7C95302}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{88D7D15B-0AFD-4D09-9FFB-8AE00FC65AB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A2773EF9-8623-4DDF-B128-B6D13DC5B2FB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{703DA667-6592-40C7-BAB7-A9ABB575B1B4}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{0502888B-F4A6-4489-9826-337ED9C4618E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5AFC3091-3B54-4E18-A364-5EBA33A89C01}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{CA27BBCE-A25B-41F1-9773-6F9987835867}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{BF900996-E9E7-4F4C-8AEC-34597E73572A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1E9C2860-8EBD-4B39-BF26-38C29B82BF00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{458B84B1-2A9F-4B5A-9E05-2AF9E5AE870F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5934A5DF-01BD-42A8-A69C-31318F2058A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BF0F045F-BDC5-409A-BB48-234FC7128D9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{344FDE4E-96B4-450C-8B0A-ED479EBC45A5}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{2570D302-F8CD-4048-B7EB-BA4CCC38583F}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{1A0FE94A-F4D9-467D-87D9-7F11D4CACBD5}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{62AE5D87-28B9-4E74-B7CF-D9D22F1E728C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{46492EC0-B40A-43A6-81FC-186FBEAE8C2D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{35440F5C-3CD2-4390-B3A6-95D19C618EF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{2B90A92F-EFCC-4967-953D-2DBF0FC73150}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{CE0E5D97-1853-4C50-A2CE-BA77E102A7A7}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{121D9185-7036-4E77-B947-C3C2FE0F0772}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{D0DA5429-B8DE-45E1-80E1-1E539E7587C3}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/11/2016 08:44:47 AM) (Source: MsiInstaller) (EventID: 1002) (User: LUKAS)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/11/2016 08:44:31 AM) (Source: HP Active Health) (EventID: 2200) (User: )
Description: Agent DriverCrash threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.ParseMinidump(FileInfo minidumpFile)
   bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)

Error: (05/10/2016 11:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3500

Error: (05/10/2016 11:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3500

Error: (05/10/2016 11:14:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/10/2016 11:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2375

Error: (05/10/2016 11:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2375

Error: (05/10/2016 11:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/10/2016 11:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234

Error: (05/10/2016 11:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234


Systemfehler:
=============
Error: (05/11/2016 08:43:25 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/10/2016 11:14:11 PM) (Source: DCOM) (EventID: 10010) (User: LUKAS)
Description: {0002DF02-0000-0000-C000-000000000046}

Error: (05/10/2016 11:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_959d3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 11:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _959d3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 11:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_959d3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 11:14:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_959d3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/10/2016 11:14:10 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/10/2016 08:57:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/10/2016 06:03:37 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

Error: (05/10/2016 05:54:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-05-09 17:31:01.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-05-09 17:31:01.365
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-18 21:13:58.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 21:27:17.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 08:12:06.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-24 20:55:23.498
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-18 18:41:26.354
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 23:16:04.158
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-17 22:06:10.323
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-07 09:20:51.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5054.9 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5919.34 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:117.99 GB) (Free:12.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:915.33 GB) (Free:720.36 GB) NTFS
Drive f: (TRANSCEND A) (Removable) (Total:7.4 GB) (Free:0.23 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3A122DE6)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3A122D91)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 7.4 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0C)

==================== Ende von Addition.txt ============================
TDSKiller-Report:

Code:
ATTFilter
09:11:32.0530 0x10ec  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:11:32.0530 0x10ec  UEFI system
09:11:36.0063 0x10ec  ============================================================
09:11:36.0063 0x10ec  Current date / time: 2016/05/11 09:11:36.0063
09:11:36.0063 0x10ec  SystemInfo:
09:11:36.0063 0x10ec  
09:11:36.0063 0x10ec  OS Version: 10.0.10586 ServicePack: 0.0
09:11:36.0063 0x10ec  Product type: Workstation
09:11:36.0063 0x10ec  ComputerName: LUKAS
09:11:36.0063 0x10ec  UserName: 19luigi96
09:11:36.0063 0x10ec  Windows directory: C:\WINDOWS
09:11:36.0063 0x10ec  System windows directory: C:\WINDOWS
09:11:36.0063 0x10ec  Running under WOW64
09:11:36.0063 0x10ec  Processor architecture: Intel x64
09:11:36.0063 0x10ec  Number of processors: 8
09:11:36.0063 0x10ec  Page size: 0x1000
09:11:36.0063 0x10ec  Boot type: Normal boot
09:11:36.0063 0x10ec  ============================================================
09:11:36.0162 0x10ec  KLMD registered as C:\WINDOWS\system32\drivers\12432671.sys
09:11:36.0425 0x10ec  System UUID: {DFA70C23-7619-EFFD-DF4F-31ECAC17E41E}
09:11:37.0068 0x10ec  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:11:37.0069 0x10ec  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:11:37.0071 0x10ec  Drive \Device\Harddisk2\DR3 - Size: 0x1DA6D8000 ( 7.41 Gb ), SectorSize: 0x200, Cylinders: 0x3C7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:11:37.0073 0x10ec  ============================================================
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0:
09:11:37.0073 0x10ec  GPT partitions:
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6B6DAAE-710B-4126-812F-C5A1A507D748}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {000C2AEB-615B-405F-8802-05F24130C9DC}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BF8A662A-70C9-4B68-A517-7F0DC7550E82}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E9471D31-8A5C-4737-BAD9-70522B114D51}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0xEBFC800
09:11:37.0073 0x10ec  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {38BF1DA5-5700-4D1D-9F51-6D6E1752B984}, Name: , StartLBA 0xED9B000, BlocksNum 0xE1000
09:11:37.0073 0x10ec  MBR partitions:
09:11:37.0073 0x10ec  \Device\Harddisk1\DR1:
09:11:37.0074 0x10ec  GPT partitions:
09:11:37.0074 0x10ec  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7FFE6E93-6DA5-4CA6-A7A3-2CB43F12A380}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x726A9000
09:11:37.0074 0x10ec  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D371802-ECD1-46D9-B8AE-6957DC024193}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
09:11:37.0074 0x10ec  MBR partitions:
09:11:37.0074 0x10ec  \Device\Harddisk2\DR3:
09:11:37.0075 0x10ec  MBR partitions:
09:11:37.0075 0x10ec  \Device\Harddisk2\DR3\Partition1: MBR, Type 0xC, StartLBA 0x38, BlocksNum 0xED3688
09:11:37.0075 0x10ec  ============================================================
09:11:37.0076 0x10ec  C: <-> \Device\Harddisk0\DR0\Partition4
09:11:37.0146 0x10ec  D: <-> \Device\Harddisk1\DR1\Partition1
09:11:37.0146 0x10ec  ============================================================
09:11:37.0146 0x10ec  Initialize success
09:11:37.0146 0x10ec  ============================================================
09:12:07.0883 0x1ac0  ============================================================
09:12:07.0883 0x1ac0  Scan started
09:12:07.0883 0x1ac0  Mode: Manual; SigCheck; TDLFS; 
09:12:07.0883 0x1ac0  ============================================================
09:12:07.0883 0x1ac0  KSN ping started
09:12:08.0887 0x1ac0  KSN ping finished: true
09:12:11.0783 0x1ac0  ================ Scan system memory ========================
09:12:11.0783 0x1ac0  System memory - ok
09:12:11.0783 0x1ac0  ================ Scan services =============================
09:12:11.0837 0x1ac0  1394ohci - ok
09:12:11.0840 0x1ac0  3ware - ok
09:12:11.0842 0x1ac0  ACPI - ok
09:12:11.0844 0x1ac0  acpiex - ok
09:12:11.0846 0x1ac0  acpipagr - ok
09:12:11.0848 0x1ac0  AcpiPmi - ok
09:12:11.0851 0x1ac0  acpitime - ok
09:12:11.0854 0x1ac0  ADP80XX - ok
09:12:11.0857 0x1ac0  AFD - ok
09:12:11.0860 0x1ac0  agp440 - ok
09:12:11.0862 0x1ac0  ahcache - ok
09:12:11.0864 0x1ac0  AJRouter - ok
09:12:11.0866 0x1ac0  ALG - ok
09:12:11.0869 0x1ac0  AmdK8 - ok
09:12:11.0871 0x1ac0  AmdPPM - ok
09:12:11.0873 0x1ac0  amdsata - ok
09:12:11.0875 0x1ac0  amdsbs - ok
09:12:11.0877 0x1ac0  amdxata - ok
09:12:11.0880 0x1ac0  [ A74D6CCEECD8DCDE348521E6A7F3FAE3, 6CC14CFA95C98B011F017F32ED6A0CFA48A108002F605835358FFBCF21EA3C9F ] AndnetBus       C:\WINDOWS\System32\drivers\lgandnetbus64.sys
09:12:11.0909 0x1ac0  AndnetBus - ok
09:12:11.0919 0x1ac0  [ FF7DBB0CC5D0576DF07C901D8451F40A, E1AEF2856DFBBE188698EC45AD15D6D677737068D38952CD7074C9BEB4B2F023 ] AndNetDiag      C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys
09:12:11.0928 0x1ac0  AndNetDiag - ok
09:12:11.0932 0x1ac0  [ 24B6E19D8A068992114CF4EF6BDDD63A, 1CB4EAB27D93F4352CA957548EC2FEAE91175A23F71D83E81CE324B6CCA5E118 ] ANDNetModem     C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys
09:12:11.0952 0x1ac0  ANDNetModem - ok
09:12:11.0955 0x1ac0  AppID - ok
09:12:11.0957 0x1ac0  AppIDSvc - ok
09:12:11.0959 0x1ac0  Appinfo - ok
09:12:11.0963 0x1ac0  AppReadiness - ok
09:12:11.0965 0x1ac0  AppXSvc - ok
09:12:11.0968 0x1ac0  arcsas - ok
09:12:11.0971 0x1ac0  AsyncMac - ok
09:12:11.0973 0x1ac0  atapi - ok
09:12:11.0975 0x1ac0  athr - ok
09:12:11.0978 0x1ac0  AudioEndpointBuilder - ok
09:12:11.0980 0x1ac0  Audiosrv - ok
09:12:11.0991 0x1ac0  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
09:12:12.0004 0x1ac0  AVP16.0.0 - ok
09:12:12.0007 0x1ac0  AxInstSV - ok
09:12:12.0009 0x1ac0  b06bdrv - ok
09:12:12.0012 0x1ac0  BasicDisplay - ok
09:12:12.0014 0x1ac0  BasicRender - ok
09:12:12.0018 0x1ac0  bcmfn - ok
09:12:12.0020 0x1ac0  bcmfn2 - ok
09:12:12.0022 0x1ac0  BDESVC - ok
09:12:12.0025 0x1ac0  Beep - ok
09:12:12.0027 0x1ac0  BFE - ok
09:12:12.0029 0x1ac0  BITS - ok
09:12:12.0040 0x1ac0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:12:12.0052 0x1ac0  Bonjour Service - ok
09:12:12.0055 0x1ac0  bowser - ok
09:12:12.0057 0x1ac0  BrokerInfrastructure - ok
09:12:12.0060 0x1ac0  Browser - ok
09:12:12.0064 0x1ac0  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
09:12:12.0070 0x1ac0  BrSerIb - ok
09:12:12.0073 0x1ac0  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
09:12:12.0077 0x1ac0  BrUsbSIb - ok
09:12:12.0081 0x1ac0  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\WINDOWS\system32\drivers\btath_bus.sys
09:12:12.0086 0x1ac0  BTATH_BUS - ok
09:12:12.0100 0x1ac0  [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
09:12:12.0113 0x1ac0  BtFilter - ok
09:12:12.0116 0x1ac0  BthA2DP - ok
09:12:12.0119 0x1ac0  BthAvrcpTg - ok
09:12:12.0122 0x1ac0  BthEnum - ok
09:12:12.0125 0x1ac0  BthHFEnum - ok
09:12:12.0128 0x1ac0  bthhfhid - ok
09:12:12.0131 0x1ac0  BthHFSrv - ok
09:12:12.0134 0x1ac0  BthLEEnum - ok
09:12:12.0136 0x1ac0  BTHMODEM - ok
09:12:12.0139 0x1ac0  BthPan - ok
09:12:12.0141 0x1ac0  BTHPORT - ok
09:12:12.0144 0x1ac0  bthserv - ok
09:12:12.0146 0x1ac0  BTHUSB - ok
09:12:12.0148 0x1ac0  buttonconverter - ok
09:12:12.0175 0x1ac0  [ DF86BED1D3EF519E33C6816A96C7BF9D, 435E61A03E1E56C7D727DE8C401B8D71BD599B188270645F66744B04A5EB27E1 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
09:12:12.0203 0x1ac0  c2cautoupdatesvc - ok
09:12:12.0233 0x1ac0  [ 461743EB55ABCE22AA2D330552E95A3F, AFF85E1AEEF57B9F0403DE21B7BCAB356217001937B09AC3C2F8B1056E0A0605 ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
09:12:12.0265 0x1ac0  c2cpnrsvc - ok
09:12:12.0270 0x1ac0  CapImg - ok
09:12:12.0272 0x1ac0  cdfs - ok
09:12:12.0275 0x1ac0  CDPSvc - ok
09:12:12.0277 0x1ac0  cdrom - ok
09:12:12.0279 0x1ac0  CertPropSvc - ok
09:12:12.0281 0x1ac0  circlass - ok
09:12:12.0283 0x1ac0  CLFS - ok
09:12:12.0286 0x1ac0  ClipSVC - ok
09:12:12.0302 0x1ac0  CmBatt - ok
09:12:12.0311 0x1ac0  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
09:12:12.0322 0x1ac0  cm_km - ok
09:12:12.0326 0x1ac0  CNG - ok
09:12:12.0328 0x1ac0  cnghwassist - ok
09:12:12.0348 0x1ac0  CompositeBus - ok
09:12:12.0351 0x1ac0  COMSysApp - ok
09:12:12.0354 0x1ac0  condrv - ok
09:12:12.0383 0x1ac0  [ B46F13958F918C00A9D3EF3B23613D8A, A5E18BFB828BA0789E17BBBD4BEF1D491EEA5F908CD7572F4B9089025CB5634B ] CoordinatorServiceHost C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
09:12:12.0388 0x1ac0  CoordinatorServiceHost - ok
09:12:12.0391 0x1ac0  CoreMessagingRegistrar - ok
09:12:12.0429 0x1ac0  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
09:12:12.0442 0x1ac0  cphs - ok
09:12:12.0446 0x1ac0  CryptSvc - ok
09:12:12.0454 0x1ac0  dam - ok
09:12:12.0457 0x1ac0  DcomLaunch - ok
09:12:12.0459 0x1ac0  DcpSvc - ok
09:12:12.0461 0x1ac0  defragsvc - ok
09:12:12.0463 0x1ac0  DeviceAssociationService - ok
09:12:12.0465 0x1ac0  DeviceInstall - ok
09:12:12.0467 0x1ac0  DevQueryBroker - ok
09:12:12.0470 0x1ac0  Dfsc - ok
09:12:12.0472 0x1ac0  Dhcp - ok
09:12:12.0475 0x1ac0  diagnosticshub.standardcollector.service - ok
09:12:12.0477 0x1ac0  DiagTrack - ok
09:12:12.0479 0x1ac0  disk - ok
09:12:12.0481 0x1ac0  DmEnrollmentSvc - ok
09:12:12.0483 0x1ac0  dmvsc - ok
09:12:12.0486 0x1ac0  dmwappushservice - ok
09:12:12.0488 0x1ac0  Dnscache - ok
09:12:12.0491 0x1ac0  dot3svc - ok
09:12:12.0493 0x1ac0  DPS - ok
09:12:12.0501 0x1ac0  [ F8D8AD4CEE8949878B24CFC06F09B5B9, 0EEDDE26912926A8C8D4BA43F3D50D587F6CA115CAB05D9E06AC2249A0CC3DE6 ] DraftSight API Service C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
09:12:12.0509 0x1ac0  DraftSight API Service - detected UnsignedFile.Multi.Generic ( 1 )
09:12:14.0540 0x1ac0  DraftSight API Service ( UnsignedFile.Multi.Generic ) - warning
09:12:15.0534 0x1ac0  drmkaud - ok
09:12:15.0536 0x1ac0  DsmSvc - ok
09:12:15.0539 0x1ac0  DsSvc - ok
09:12:15.0541 0x1ac0  DXGKrnl - ok
09:12:15.0543 0x1ac0  Eaphost - ok
09:12:15.0545 0x1ac0  ebdrv - ok
09:12:15.0547 0x1ac0  EFS - ok
09:12:15.0550 0x1ac0  EhStorClass - ok
09:12:15.0553 0x1ac0  EhStorTcgDrv - ok
09:12:15.0555 0x1ac0  embeddedmode - ok
09:12:15.0557 0x1ac0  EntAppSvc - ok
09:12:15.0611 0x1ac0  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
09:12:15.0656 0x1ac0  ePowerSvc - ok
09:12:15.0660 0x1ac0  epp - ok
09:12:15.0662 0x1ac0  ErrDev - ok
09:12:15.0667 0x1ac0  EventSystem - ok
09:12:15.0669 0x1ac0  exfat - ok
09:12:15.0671 0x1ac0  fastfat - ok
09:12:15.0673 0x1ac0  Fax - ok
09:12:15.0675 0x1ac0  fdc - ok
09:12:15.0677 0x1ac0  fdPHost - ok
09:12:15.0679 0x1ac0  FDResPub - ok
09:12:15.0681 0x1ac0  fhsvc - ok
09:12:15.0683 0x1ac0  FileCrypt - ok
09:12:15.0686 0x1ac0  FileInfo - ok
09:12:15.0688 0x1ac0  Filetrace - ok
09:12:15.0709 0x1ac0  [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
09:12:15.0730 0x1ac0  FlexNet Licensing Service - ok
09:12:15.0757 0x1ac0  [ 668D43EFEB7F129584100CF6320E8A6F, 093254127A63420F93001BA63CF323AA4C17A38914D5B991E31F3B8C1971E9D7 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
09:12:15.0783 0x1ac0  FlexNet Licensing Service 64 - ok
09:12:15.0786 0x1ac0  flpydisk - ok
09:12:15.0789 0x1ac0  FltMgr - ok
09:12:15.0791 0x1ac0  FontCache - ok
09:12:15.0794 0x1ac0  FontCache3.0.0.0 - ok
09:12:15.0797 0x1ac0  FsDepends - ok
09:12:15.0799 0x1ac0  Fs_Rec - ok
09:12:15.0801 0x1ac0  fvevol - ok
09:12:15.0803 0x1ac0  gagp30kx - ok
09:12:15.0806 0x1ac0  gencounter - ok
09:12:15.0808 0x1ac0  genericusbfn - ok
09:12:15.0830 0x1ac0  [ 154651F84794535631970749476B53E6, 62D94A36133EB1E1E403159619362E77B34BBE55282A6EE53E503E6DF6A9839E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
09:12:15.0852 0x1ac0  GfExperienceService - ok
09:12:15.0856 0x1ac0  GPIOClx0101 - ok
09:12:15.0858 0x1ac0  gpsvc - ok
09:12:15.0860 0x1ac0  GpuEnergyDrv - ok
09:12:15.0865 0x1ac0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:12:15.0872 0x1ac0  gupdate - ok
09:12:15.0876 0x1ac0  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:12:15.0882 0x1ac0  gupdatem - ok
09:12:15.0886 0x1ac0  [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
09:12:15.0897 0x1ac0  Hamachi - ok
09:12:15.0938 0x1ac0  [ BDC536D4D5280451E12842DEAF7717E5, 7103AC074E2DD1B90FD88DF24E6503E7A6643768A5E43933AA995BE58EE5541E ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
09:12:15.0980 0x1ac0  Hamachi2Svc - ok
09:12:15.0986 0x1ac0  HDAudBus - ok
09:12:15.0988 0x1ac0  HidBatt - ok
09:12:15.0990 0x1ac0  HidBth - ok
09:12:15.0993 0x1ac0  hidi2c - ok
09:12:15.0995 0x1ac0  hidinterrupt - ok
09:12:15.0997 0x1ac0  HidIr - ok
09:12:15.0999 0x1ac0  hidserv - ok
09:12:16.0001 0x1ac0  HidUsb - ok
09:12:16.0004 0x1ac0  HomeGroupListener - ok
09:12:16.0006 0x1ac0  HomeGroupProvider - ok
09:12:16.0008 0x1ac0  HpSAMD - ok
09:12:16.0011 0x1ac0  [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
09:12:16.0018 0x1ac0  HPSupportSolutionsFrameworkService - ok
09:12:16.0021 0x1ac0  HTTP - ok
09:12:16.0023 0x1ac0  hwpolicy - ok
09:12:16.0025 0x1ac0  hyperkbd - ok
09:12:16.0028 0x1ac0  i8042prt - ok
09:12:16.0030 0x1ac0  iai2c - ok
09:12:16.0032 0x1ac0  iaLPSS2i_I2C - ok
09:12:16.0034 0x1ac0  iaLPSSi_GPIO - ok
09:12:16.0042 0x1ac0  iaLPSSi_I2C - ok
09:12:16.0049 0x1ac0  iaStorAV - ok
09:12:16.0052 0x1ac0  iaStorV - ok
09:12:16.0054 0x1ac0  ibbus - ok
09:12:16.0056 0x1ac0  icssvc - ok
09:12:16.0059 0x1ac0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
09:12:16.0065 0x1ac0  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
09:12:17.0055 0x1ac0  Detect skipped due to KSN trusted
09:12:17.0055 0x1ac0  IDriverT - ok
09:12:17.0057 0x1ac0  IEEtwCollectorService - ok
09:12:17.0154 0x1ac0  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:12:17.0254 0x1ac0  igfx - ok
09:12:17.0270 0x1ac0  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
09:12:17.0283 0x1ac0  igfxCUIService2.0.0.0 - ok
09:12:17.0286 0x1ac0  IKEEXT - ok
09:12:17.0290 0x1ac0  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
09:12:17.0295 0x1ac0  intaud_WaveExtensible - ok
09:12:17.0356 0x1ac0  [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:12:17.0422 0x1ac0  IntcAzAudAddService - ok
09:12:17.0437 0x1ac0  [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:12:17.0450 0x1ac0  IntcDAud - ok
09:12:17.0468 0x1ac0  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:12:17.0486 0x1ac0  Intel(R) Capability Licensing Service TCP IP Interface - ok
09:12:17.0492 0x1ac0  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
09:12:17.0498 0x1ac0  Intel(R) ME Service - ok
09:12:17.0502 0x1ac0  [ 4E8816C659026539CF740EEC006F32D5, 3CA822F6659CD701122DBAFF3568B5B7E7415BEE340B56E7C4A8E672EFADDEFF ] Intel(R) TA SAM C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
09:12:17.0508 0x1ac0  Intel(R) TA SAM - ok
09:12:17.0515 0x1ac0  [ A10C371176065BC0D7CAC5389C9D73C9, 7071646D336DC077ADABC6609E145B53799B3AC3DCF5DCC23CE1F58511A05F7D ] Intel(R) TechnologyAccessLegacyCSLoader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
09:12:17.0523 0x1ac0  Intel(R) TechnologyAccessLegacyCSLoader - ok
09:12:17.0534 0x1ac0  [ B926D92B9C6E1055FE8C1BF55AAED770, 6BD1580C4DCE535427C306B582279DB9094C68704BC17B98EBC4F509E63FEAC6 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
09:12:17.0546 0x1ac0  Intel(R) TechnologyAccessService - ok
09:12:17.0549 0x1ac0  intelide - ok
09:12:17.0551 0x1ac0  intelpep - ok
09:12:17.0554 0x1ac0  intelppm - ok
09:12:17.0556 0x1ac0  IoQos - ok
09:12:17.0558 0x1ac0  IpFilterDriver - ok
09:12:17.0560 0x1ac0  iphlpsvc - ok
09:12:17.0562 0x1ac0  IPMIDRV - ok
09:12:17.0564 0x1ac0  IPNAT - ok
09:12:17.0566 0x1ac0  IRENUM - ok
09:12:17.0569 0x1ac0  isapnp - ok
09:12:17.0571 0x1ac0  iScsiPrt - ok
09:12:17.0577 0x1ac0  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
09:12:17.0585 0x1ac0  iumsvc - ok
09:12:17.0589 0x1ac0  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
09:12:17.0594 0x1ac0  iwdbus - ok
09:12:17.0598 0x1ac0  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:12:17.0604 0x1ac0  jhi_service - ok
09:12:17.0607 0x1ac0  k57nd60a - ok
09:12:17.0609 0x1ac0  kbdclass - ok
09:12:17.0615 0x1ac0  kbdhid - ok
09:12:17.0625 0x1ac0  kdnic - ok
09:12:17.0627 0x1ac0  KeyIso - ok
09:12:17.0638 0x1ac0  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
09:12:17.0650 0x1ac0  kl1 - ok
09:12:17.0654 0x1ac0  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
09:12:17.0660 0x1ac0  klbackupdisk - ok
09:12:17.0664 0x1ac0  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
09:12:17.0670 0x1ac0  klbackupflt - ok
09:12:17.0674 0x1ac0  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
09:12:17.0681 0x1ac0  kldisk - ok
09:12:17.0685 0x1ac0  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
09:12:17.0694 0x1ac0  klelam - ok
09:12:17.0700 0x1ac0  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
09:12:17.0708 0x1ac0  klflt - ok
09:12:17.0725 0x1ac0  [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
09:12:17.0733 0x1ac0  klhk - ok
09:12:17.0753 0x1ac0  [ 3DC953B77F13031C7763464FC0AD1E71, B0142B8A9FB5889D7F76E16EA26F1EA9BC7F1770226CD139B3C932671EBD802B ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
09:12:17.0773 0x1ac0  KLIF - ok
09:12:17.0777 0x1ac0  [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
09:12:17.0782 0x1ac0  KLIM6 - ok
09:12:17.0788 0x1ac0  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
09:12:17.0802 0x1ac0  klkbdflt - ok
09:12:17.0805 0x1ac0  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
09:12:17.0811 0x1ac0  klmouflt - ok
09:12:17.0814 0x1ac0  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
09:12:17.0820 0x1ac0  klpd - ok
09:12:17.0824 0x1ac0  [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
09:12:17.0830 0x1ac0  klwfp - ok
09:12:17.0834 0x1ac0  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
09:12:17.0841 0x1ac0  Klwtp - ok
09:12:17.0847 0x1ac0  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
09:12:17.0855 0x1ac0  kneps - ok
09:12:17.0857 0x1ac0  KSecDD - ok
09:12:17.0859 0x1ac0  KSecPkg - ok
09:12:17.0862 0x1ac0  ksthunk - ok
09:12:17.0864 0x1ac0  KtmRm - ok
09:12:17.0866 0x1ac0  LanmanServer - ok
09:12:17.0869 0x1ac0  LanmanWorkstation - ok
09:12:17.0872 0x1ac0  lfsvc - ok
09:12:17.0874 0x1ac0  LicenseManager - ok
09:12:17.0876 0x1ac0  lltdio - ok
09:12:17.0879 0x1ac0  lltdsvc - ok
09:12:17.0881 0x1ac0  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
09:12:17.0886 0x1ac0  LMDriver - ok
09:12:17.0889 0x1ac0  lmhosts - ok
09:12:17.0898 0x1ac0  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
09:12:17.0908 0x1ac0  LMIGuardianSvc - ok
09:12:17.0918 0x1ac0  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:12:17.0928 0x1ac0  LMS - ok
09:12:17.0939 0x1ac0  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
09:12:17.0950 0x1ac0  LMSvc - ok
09:12:17.0954 0x1ac0  LSI_SAS - ok
09:12:17.0956 0x1ac0  LSI_SAS2i - ok
09:12:17.0958 0x1ac0  LSI_SAS3i - ok
09:12:17.0960 0x1ac0  LSI_SSS - ok
09:12:17.0964 0x1ac0  LSM - ok
09:12:17.0966 0x1ac0  luafv - ok
09:12:17.0968 0x1ac0  MapsBroker - ok
09:12:17.0976 0x1ac0  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
09:12:17.0983 0x1ac0  MBAMSwissArmy - ok
09:12:17.0987 0x1ac0  megasas - ok
09:12:17.0989 0x1ac0  megasr - ok
09:12:17.0993 0x1ac0  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
09:12:18.0000 0x1ac0  MEIx64 - ok
09:12:18.0004 0x1ac0  MessagingService - ok
09:12:18.0046 0x1ac0  mlx4_bus - ok
09:12:18.0049 0x1ac0  MMCSS - ok
09:12:18.0051 0x1ac0  Modem - ok
09:12:18.0053 0x1ac0  monitor - ok
09:12:18.0055 0x1ac0  mouclass - ok
09:12:18.0058 0x1ac0  mouhid - ok
09:12:18.0059 0x1ac0  mountmgr - ok
09:12:18.0062 0x1ac0  mpsdrv - ok
09:12:18.0064 0x1ac0  MpsSvc - ok
09:12:18.0066 0x1ac0  MRxDAV - ok
09:12:18.0068 0x1ac0  mrxsmb - ok
09:12:18.0072 0x1ac0  mrxsmb10 - ok
09:12:18.0074 0x1ac0  mrxsmb20 - ok
09:12:18.0077 0x1ac0  MsBridge - ok
09:12:18.0079 0x1ac0  MSDTC - ok
09:12:18.0083 0x1ac0  Msfs - ok
09:12:18.0086 0x1ac0  msgpiowin32 - ok
09:12:18.0088 0x1ac0  mshidkmdf - ok
09:12:18.0090 0x1ac0  mshidumdf - ok
09:12:18.0092 0x1ac0  msisadrv - ok
09:12:18.0094 0x1ac0  MSiSCSI - ok
09:12:18.0096 0x1ac0  msiserver - ok
09:12:18.0099 0x1ac0  MSKSSRV - ok
09:12:18.0100 0x1ac0  MsLldp - ok
09:12:18.0103 0x1ac0  MSPCLOCK - ok
09:12:18.0105 0x1ac0  MSPQM - ok
09:12:18.0107 0x1ac0  MsRPC - ok
09:12:18.0111 0x1ac0  mssmbios - ok
09:12:18.0112 0x1ac0  MSTEE - ok
09:12:18.0115 0x1ac0  MTConfig - ok
09:12:18.0117 0x1ac0  Mup - ok
09:12:18.0122 0x1ac0  mvumis - ok
09:12:18.0133 0x1ac0  NativeWifiP - ok
09:12:18.0135 0x1ac0  NcaSvc - ok
09:12:18.0138 0x1ac0  NcbService - ok
09:12:18.0140 0x1ac0  NcdAutoSetup - ok
09:12:18.0142 0x1ac0  ndfltr - ok
09:12:18.0144 0x1ac0  NDIS - ok
09:12:18.0146 0x1ac0  NdisCap - ok
09:12:18.0149 0x1ac0  NdisImPlatform - ok
09:12:18.0153 0x1ac0  [ 93052B06C5E4F33B0A459DD3CDA0E8D4, 3A3C8D8F5D733E4E7D44DB026DDE88A1C117A9AA5275C42A5B16CE1EBE8CE908 ] ndisrd          C:\WINDOWS\system32\DRIVERS\ndisrfl.sys
09:12:18.0159 0x1ac0  ndisrd - ok
09:12:18.0162 0x1ac0  NdisTapi - ok
09:12:18.0164 0x1ac0  Ndisuio - ok
09:12:18.0166 0x1ac0  NdisVirtualBus - ok
09:12:18.0168 0x1ac0  NdisWan - ok
09:12:18.0170 0x1ac0  ndiswanlegacy - ok
09:12:18.0173 0x1ac0  ndproxy - ok
09:12:18.0175 0x1ac0  Ndu - ok
09:12:18.0177 0x1ac0  NetBIOS - ok
09:12:18.0180 0x1ac0  NetBT - ok
09:12:18.0182 0x1ac0  Netlogon - ok
09:12:18.0184 0x1ac0  Netman - ok
09:12:18.0187 0x1ac0  netprofm - ok
09:12:18.0189 0x1ac0  NetSetupSvc - ok
09:12:18.0192 0x1ac0  [ 3C3FEBD9D5CA88A92B8BCA720218D0BD, 394E9A4A9003F729B22C49FB4D63EFD044DF5263782500EB9DBB09BCC4884A41 ] NetTap630       C:\WINDOWS\system32\DRIVERS\nettap630.sys
09:12:18.0199 0x1ac0  NetTap630 - ok
09:12:18.0207 0x1ac0  NetTcpPortSharing - ok
09:12:18.0216 0x1ac0  NgcCtnrSvc - ok
09:12:18.0219 0x1ac0  NgcSvc - ok
09:12:18.0221 0x1ac0  NlaSvc - ok
09:12:18.0223 0x1ac0  Npfs - ok
09:12:18.0225 0x1ac0  npsvctrig - ok
09:12:18.0227 0x1ac0  nsi - ok
09:12:18.0229 0x1ac0  nsiproxy - ok
09:12:18.0232 0x1ac0  NTFS - ok
09:12:18.0234 0x1ac0  Null - ok
09:12:18.0422 0x1ac0  [ B5F9DEF00388F66891E4808DE6974048, 11EA5FD0A92D31A9627CB211C1109E4F716CEC3AC8AD8104B5700227E2F159E7 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
09:12:18.0622 0x1ac0  nvlddmkm - ok
09:12:18.0665 0x1ac0  [ D2D76544A26DB7819CBDFC1F4A995B65, 528B529C21B2B9E580F15781918B302378CFAA1111F347ADE40476C484C2FA66 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:12:18.0698 0x1ac0  NvNetworkService - ok
09:12:18.0703 0x1ac0  nvraid - ok
09:12:18.0710 0x1ac0  nvstor - ok
09:12:18.0718 0x1ac0  [ 86893B821E35433759EBD7D21B56B42E, 4979D7F4B41AEA1CF693076D9574CE44ABE8F2584C7383510CB95EF324E70553 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:12:18.0722 0x1ac0  NvStreamKms - ok
09:12:18.0778 0x1ac0  [ 6917C4B6633B3F0BFAC3DB20011126A8, EE91CCA7453F749258B9EB884D4FDD4BFC32119EB69DD62D9961642233805522 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
09:12:18.0838 0x1ac0  NvStreamNetworkSvc - ok
09:12:18.0889 0x1ac0  [ 871DF38D1C791031988AC1932D6499FF, BCE58D69BB0D785787BA684F75F75D2F23E65037CAD6A70DBA5B91508DD90256 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
09:12:18.0933 0x1ac0  NvStreamSvc - ok
09:12:18.0958 0x1ac0  [ 1542254423FBB8BE196856CCF1BDFD7B, D820DF2D0FFAF5198C92011503E2B1E0711B147DA6D95C4538989E13C63B73F5 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
09:12:18.0986 0x1ac0  nvsvc - ok
09:12:18.0990 0x1ac0  [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
09:12:18.0996 0x1ac0  nvvad_WaveExtensible - ok
09:12:18.0999 0x1ac0  nv_agp - ok
09:12:19.0001 0x1ac0  OneSyncSvc - ok
09:12:19.0080 0x1ac0  [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
09:12:19.0114 0x1ac0  Origin Client Service - ok
09:12:19.0127 0x1ac0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:12:19.0139 0x1ac0  ose - ok
09:12:19.0216 0x1ac0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:12:19.0298 0x1ac0  osppsvc - ok
09:12:19.0307 0x1ac0  p2pimsvc - ok
09:12:19.0315 0x1ac0  p2psvc - ok
09:12:19.0320 0x1ac0  Parport - ok
09:12:19.0322 0x1ac0  partmgr - ok
09:12:19.0324 0x1ac0  PcaSvc - ok
09:12:19.0327 0x1ac0  pci - ok
09:12:19.0329 0x1ac0  pciide - ok
09:12:19.0331 0x1ac0  pcmcia - ok
09:12:19.0333 0x1ac0  pcw - ok
09:12:19.0336 0x1ac0  pdc - ok
09:12:19.0344 0x1ac0  PEAUTH - ok
09:12:19.0350 0x1ac0  percsas2i - ok
09:12:19.0353 0x1ac0  percsas3i - ok
09:12:19.0393 0x1ac0  PerfHost - ok
09:12:19.0398 0x1ac0  PhoneSvc - ok
09:12:19.0402 0x1ac0  PimIndexMaintenanceSvc - ok
09:12:19.0484 0x1ac0  pla - ok
09:12:19.0492 0x1ac0  PlugPlay - ok
09:12:19.0498 0x1ac0  PNRPAutoReg - ok
09:12:19.0501 0x1ac0  PNRPsvc - ok
09:12:19.0507 0x1ac0  PolicyAgent - ok
09:12:19.0516 0x1ac0  Power - ok
09:12:19.0521 0x1ac0  PptpMiniport - ok
09:12:19.0594 0x1ac0  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:12:19.0690 0x1ac0  PrintNotify - ok
09:12:19.0696 0x1ac0  Processor - ok
09:12:19.0704 0x1ac0  ProfSvc - ok
09:12:19.0710 0x1ac0  Psched - ok
09:12:19.0720 0x1ac0  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
09:12:19.0730 0x1ac0  QASvc - ok
09:12:19.0738 0x1ac0  QWAVE - ok
09:12:19.0746 0x1ac0  QWAVEdrv - ok
09:12:19.0756 0x1ac0  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
09:12:19.0764 0x1ac0  RadioShim - ok
09:12:19.0771 0x1ac0  RasAcd - ok
09:12:19.0779 0x1ac0  RasAgileVpn - ok
09:12:19.0781 0x1ac0  RasAuto - ok
09:12:19.0789 0x1ac0  Rasl2tp - ok
09:12:19.0796 0x1ac0  RasMan - ok
09:12:19.0799 0x1ac0  RasPppoe - ok
09:12:19.0801 0x1ac0  RasSstp - ok
09:12:19.0807 0x1ac0  rdbss - ok
09:12:19.0816 0x1ac0  rdpbus - ok
09:12:19.0818 0x1ac0  RDPDR - ok
09:12:19.0822 0x1ac0  RdpVideoMiniport - ok
09:12:19.0824 0x1ac0  rdyboost - ok
09:12:19.0826 0x1ac0  ReFSv1 - ok
09:12:19.0829 0x1ac0  RemoteAccess - ok
09:12:19.0831 0x1ac0  RemoteRegistry - ok
09:12:19.0835 0x1ac0  RetailDemo - ok
09:12:19.0844 0x1ac0  RFCOMM - ok
09:12:19.0859 0x1ac0  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
09:12:19.0873 0x1ac0  RichVideo - ok
09:12:19.0891 0x1ac0  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
09:12:19.0902 0x1ac0  RMSvc - ok
09:12:19.0912 0x1ac0  RpcEptMapper - ok
09:12:19.0917 0x1ac0  RpcLocator - ok
09:12:19.0924 0x1ac0  RpcSs - ok
09:12:19.0932 0x1ac0  rspndr - ok
09:12:19.0952 0x1ac0  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
09:12:19.0967 0x1ac0  RTSUER - ok
09:12:19.0975 0x1ac0  s3cap - ok
09:12:19.0984 0x1ac0  SamSs - ok
09:12:19.0991 0x1ac0  sbp2port - ok
09:12:19.0999 0x1ac0  SCardSvr - ok
09:12:20.0001 0x1ac0  ScDeviceEnum - ok
09:12:20.0008 0x1ac0  scfilter - ok
09:12:20.0016 0x1ac0  Schedule - ok
09:12:20.0019 0x1ac0  SCPolicySvc - ok
09:12:20.0027 0x1ac0  sdbus - ok
09:12:20.0033 0x1ac0  SDRSVC - ok
09:12:20.0038 0x1ac0  sdstor - ok
09:12:20.0046 0x1ac0  seclogon - ok
09:12:20.0051 0x1ac0  SENS - ok
09:12:20.0053 0x1ac0  SensorDataService - ok
09:12:20.0058 0x1ac0  SensorService - ok
09:12:20.0066 0x1ac0  SensrSvc - ok
09:12:20.0071 0x1ac0  SerCx - ok
09:12:20.0073 0x1ac0  SerCx2 - ok
09:12:20.0077 0x1ac0  Serenum - ok
09:12:20.0085 0x1ac0  Serial - ok
09:12:20.0090 0x1ac0  sermouse - ok
09:12:20.0100 0x1ac0  SessionEnv - ok
09:12:20.0108 0x1ac0  sfloppy - ok
09:12:20.0110 0x1ac0  SharedAccess - ok
09:12:20.0114 0x1ac0  ShellHWDetection - ok
09:12:20.0116 0x1ac0  SiSRaid2 - ok
09:12:20.0118 0x1ac0  SiSRaid4 - ok
09:12:20.0135 0x1ac0  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:12:20.0145 0x1ac0  SkypeUpdate - ok
09:12:20.0148 0x1ac0  smphost - ok
09:12:20.0157 0x1ac0  SmsRouter - ok
09:12:20.0170 0x1ac0  SNMPTRAP - ok
09:12:20.0178 0x1ac0  [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
09:12:20.0183 0x1ac0  SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:12:21.0192 0x1ac0  Detect skipped due to KSN trusted
09:12:21.0192 0x1ac0  SolidWorks Licensing Service - ok
09:12:21.0196 0x1ac0  spaceport - ok
09:12:21.0198 0x1ac0  SpbCx - ok
09:12:21.0201 0x1ac0  Spooler - ok
09:12:21.0203 0x1ac0  sppsvc - ok
09:12:21.0206 0x1ac0  srv - ok
09:12:21.0208 0x1ac0  srv2 - ok
09:12:21.0210 0x1ac0  srvnet - ok
09:12:21.0213 0x1ac0  SSDPSRV - ok
09:12:21.0216 0x1ac0  SstpSvc - ok
09:12:21.0218 0x1ac0  StateRepository - ok
09:12:21.0220 0x1ac0  stexstor - ok
09:12:21.0223 0x1ac0  [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
09:12:21.0232 0x1ac0  StillCam - ok
09:12:21.0234 0x1ac0  stisvc - ok
09:12:21.0237 0x1ac0  storahci - ok
09:12:21.0239 0x1ac0  storflt - ok
09:12:21.0242 0x1ac0  stornvme - ok
09:12:21.0244 0x1ac0  storqosflt - ok
09:12:21.0246 0x1ac0  StorSvc - ok
09:12:21.0248 0x1ac0  storufs - ok
09:12:21.0251 0x1ac0  storvsc - ok
09:12:21.0254 0x1ac0  svsvc - ok
09:12:21.0256 0x1ac0  swenum - ok
09:12:21.0259 0x1ac0  swprv - ok
09:12:21.0261 0x1ac0  Synth3dVsc - ok
09:12:21.0263 0x1ac0  SysMain - ok
09:12:21.0265 0x1ac0  SystemEventsBroker - ok
09:12:21.0268 0x1ac0  TabletInputService - ok
09:12:21.0270 0x1ac0  TapiSrv - ok
09:12:21.0272 0x1ac0  Tcpip - ok
09:12:21.0275 0x1ac0  Tcpip6 - ok
09:12:21.0278 0x1ac0  tcpipreg - ok
09:12:21.0281 0x1ac0  tdx - ok
09:12:21.0283 0x1ac0  terminpt - ok
09:12:21.0286 0x1ac0  TermService - ok
09:12:21.0288 0x1ac0  Themes - ok
09:12:21.0291 0x1ac0  TieringEngineService - ok
09:12:21.0293 0x1ac0  tiledatamodelsvc - ok
09:12:21.0296 0x1ac0  TimeBroker - ok
09:12:21.0299 0x1ac0  TPM - ok
09:12:21.0301 0x1ac0  TrkWks - ok
09:12:21.0303 0x1ac0  TrustedInstaller - ok
09:12:21.0306 0x1ac0  tsusbflt - ok
09:12:21.0309 0x1ac0  TsUsbGD - ok
09:12:21.0311 0x1ac0  tunnel - ok
09:12:21.0313 0x1ac0  tzautoupdate - ok
09:12:21.0316 0x1ac0  uagp35 - ok
09:12:21.0318 0x1ac0  UASPStor - ok
09:12:21.0321 0x1ac0  UcmCx0101 - ok
09:12:21.0323 0x1ac0  UcmUcsi - ok
09:12:21.0325 0x1ac0  Ucx01000 - ok
09:12:21.0327 0x1ac0  UdeCx - ok
09:12:21.0329 0x1ac0  udfs - ok
09:12:21.0331 0x1ac0  UEFI - ok
09:12:21.0338 0x1ac0  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
09:12:21.0345 0x1ac0  UEIPSvc - ok
09:12:21.0348 0x1ac0  Ufx01000 - ok
09:12:21.0350 0x1ac0  UfxChipidea - ok
09:12:21.0353 0x1ac0  ufxsynopsys - ok
09:12:21.0357 0x1ac0  UI0Detect - ok
09:12:21.0359 0x1ac0  uliagpkx - ok
09:12:21.0361 0x1ac0  umbus - ok
09:12:21.0363 0x1ac0  UmPass - ok
09:12:21.0366 0x1ac0  UmRdpService - ok
09:12:21.0368 0x1ac0  UnistoreSvc - ok
09:12:21.0412 0x1ac0  upnphost - ok
09:12:21.0414 0x1ac0  UrsChipidea - ok
09:12:21.0417 0x1ac0  UrsCx01000 - ok
09:12:21.0419 0x1ac0  UrsSynopsys - ok
09:12:21.0422 0x1ac0  usbaudio - ok
09:12:21.0424 0x1ac0  usbccgp - ok
09:12:21.0426 0x1ac0  usbcir - ok
09:12:21.0429 0x1ac0  usbehci - ok
09:12:21.0431 0x1ac0  usbhub - ok
09:12:21.0433 0x1ac0  USBHUB3 - ok
09:12:21.0436 0x1ac0  usbohci - ok
09:12:21.0438 0x1ac0  usbprint - ok
09:12:21.0442 0x1ac0  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:12:21.0453 0x1ac0  usbscan - ok
09:12:21.0455 0x1ac0  usbser - ok
09:12:21.0458 0x1ac0  USBSTOR - ok
09:12:21.0472 0x1ac0  [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP        C:\WINDOWS\System32\drivers\tinspusb.sys
09:12:21.0483 0x1ac0  USBTINSP - ok
09:12:21.0485 0x1ac0  usbuhci - ok
09:12:21.0488 0x1ac0  usbvideo - ok
09:12:21.0490 0x1ac0  USBXHCI - ok
09:12:21.0493 0x1ac0  UserDataSvc - ok
09:12:21.0525 0x1ac0  UserManager - ok
09:12:21.0527 0x1ac0  UsoSvc - ok
09:12:21.0530 0x1ac0  VaultSvc - ok
09:12:21.0532 0x1ac0  vdrvroot - ok
09:12:21.0534 0x1ac0  vds - ok
09:12:21.0537 0x1ac0  VerifierExt - ok
09:12:21.0539 0x1ac0  vhdmp - ok
09:12:21.0542 0x1ac0  vhf - ok
09:12:21.0544 0x1ac0  vmbus - ok
09:12:21.0547 0x1ac0  VMBusHID - ok
09:12:21.0549 0x1ac0  vmicguestinterface - ok
09:12:21.0551 0x1ac0  vmicheartbeat - ok
09:12:21.0554 0x1ac0  vmickvpexchange - ok
09:12:21.0556 0x1ac0  vmicrdv - ok
09:12:21.0558 0x1ac0  vmicshutdown - ok
09:12:21.0561 0x1ac0  vmictimesync - ok
09:12:21.0563 0x1ac0  vmicvmsession - ok
09:12:21.0565 0x1ac0  vmicvss - ok
09:12:21.0567 0x1ac0  volmgr - ok
09:12:21.0575 0x1ac0  volmgrx - ok
09:12:21.0583 0x1ac0  volsnap - ok
09:12:21.0586 0x1ac0  vpci - ok
09:12:21.0589 0x1ac0  vsmraid - ok
09:12:21.0593 0x1ac0  VSS - ok
09:12:21.0622 0x1ac0  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
09:12:21.0629 0x1ac0  vssbrigde64 - ok
09:12:21.0632 0x1ac0  VSTXRAID - ok
09:12:21.0643 0x1ac0  vwifibus - ok
09:12:21.0647 0x1ac0  vwififlt - ok
09:12:21.0650 0x1ac0  vwifimp - ok
09:12:21.0654 0x1ac0  W32Time - ok
09:12:21.0664 0x1ac0  WacomPen - ok
09:12:21.0669 0x1ac0  WalletService - ok
09:12:21.0671 0x1ac0  wanarp - ok
09:12:21.0673 0x1ac0  wanarpv6 - ok
09:12:21.0679 0x1ac0  wbengine - ok
09:12:21.0688 0x1ac0  WbioSrvc - ok
09:12:21.0691 0x1ac0  Wcmsvc - ok
09:12:21.0694 0x1ac0  wcncsvc - ok
09:12:21.0696 0x1ac0  WcsPlugInService - ok
09:12:21.0699 0x1ac0  WdBoot - ok
09:12:21.0702 0x1ac0  Wdf01000 - ok
09:12:21.0704 0x1ac0  WdFilter - ok
09:12:21.0707 0x1ac0  WdiServiceHost - ok
09:12:21.0710 0x1ac0  WdiSystemHost - ok
09:12:21.0712 0x1ac0  wdiwifi - ok
09:12:21.0715 0x1ac0  WdNisDrv - ok
09:12:21.0717 0x1ac0  WdNisSvc - ok
09:12:21.0719 0x1ac0  WebClient - ok
09:12:21.0722 0x1ac0  Wecsvc - ok
09:12:21.0724 0x1ac0  WEPHOSTSVC - ok
09:12:21.0727 0x1ac0  wercplsupport - ok
09:12:21.0729 0x1ac0  WerSvc - ok
09:12:21.0732 0x1ac0  WFPLWFS - ok
09:12:21.0734 0x1ac0  WiaRpc - ok
09:12:21.0737 0x1ac0  WIMMount - ok
09:12:21.0738 0x1ac0  WinDefend - ok
09:12:21.0743 0x1ac0  WindowsTrustedRT - ok
09:12:21.0746 0x1ac0  WindowsTrustedRTProxy - ok
09:12:21.0748 0x1ac0  WinHttpAutoProxySvc - ok
09:12:21.0751 0x1ac0  WinMad - ok
09:12:21.0757 0x1ac0  Winmgmt - ok
09:12:21.0760 0x1ac0  WinRM - ok
09:12:21.0764 0x1ac0  WINUSB - ok
09:12:21.0766 0x1ac0  WinVerbs - ok
09:12:21.0769 0x1ac0  WlanSvc - ok
09:12:21.0772 0x1ac0  wlidsvc - ok
09:12:21.0774 0x1ac0  WmiAcpi - ok
09:12:21.0778 0x1ac0  wmiApSrv - ok
09:12:21.0781 0x1ac0  WMPNetworkSvc - ok
09:12:21.0787 0x1ac0  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
09:12:21.0798 0x1ac0  Wof - ok
09:12:21.0803 0x1ac0  workfolderssvc - ok
09:12:21.0805 0x1ac0  wpcfltr - ok
09:12:21.0808 0x1ac0  WPDBusEnum - ok
09:12:21.0811 0x1ac0  WpdUpFltr - ok
09:12:21.0813 0x1ac0  WpnService - ok
09:12:21.0816 0x1ac0  ws2ifsl - ok
09:12:21.0818 0x1ac0  wscsvc - ok
09:12:21.0820 0x1ac0  WSDPrintDevice - ok
09:12:21.0823 0x1ac0  WSDScan - ok
09:12:21.0825 0x1ac0  WSearch - ok
09:12:21.0829 0x1ac0  WSService - ok
09:12:21.0832 0x1ac0  wuauserv - ok
09:12:21.0834 0x1ac0  WudfPf - ok
09:12:21.0836 0x1ac0  WUDFRd - ok
09:12:21.0839 0x1ac0  wudfsvc - ok
09:12:21.0841 0x1ac0  WUDFWpdFs - ok
09:12:21.0844 0x1ac0  WUDFWpdMtp - ok
09:12:21.0846 0x1ac0  WwanSvc - ok
09:12:21.0849 0x1ac0  XblAuthManager - ok
09:12:21.0852 0x1ac0  XblGameSave - ok
09:12:21.0855 0x1ac0  xboxgip - ok
09:12:21.0857 0x1ac0  XboxNetApiSvc - ok
09:12:21.0860 0x1ac0  xinputhid - ok
09:12:21.0862 0x1ac0  ================ Scan global ===============================
09:12:21.0872 0x1ac0  [ Global ] - ok
09:12:21.0872 0x1ac0  ================ Scan MBR ==================================
09:12:21.0873 0x1ac0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:12:21.0895 0x1ac0  \Device\Harddisk0\DR0 - ok
09:12:21.0897 0x1ac0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:12:22.0431 0x1ac0  \Device\Harddisk1\DR1 - ok
09:12:22.0436 0x1ac0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk2\DR3
09:12:22.0621 0x1ac0  \Device\Harddisk2\DR3 - ok
09:12:22.0621 0x1ac0  ================ Scan VBR ==================================
09:12:22.0623 0x1ac0  [ 03D548E55A681A951986B9218CE2C7EC ] \Device\Harddisk0\DR0\Partition1
09:12:22.0625 0x1ac0  \Device\Harddisk0\DR0\Partition1 - ok
09:12:22.0627 0x1ac0  [ 75CC1B2347FB75DDBD30DD61C221A0E1 ] \Device\Harddisk0\DR0\Partition2
09:12:22.0628 0x1ac0  \Device\Harddisk0\DR0\Partition2 - ok
09:12:22.0629 0x1ac0  [ 2B97C6ED32253AE89C72F74EC2CA498B ] \Device\Harddisk0\DR0\Partition3
09:12:22.0629 0x1ac0  \Device\Harddisk0\DR0\Partition3 - ok
09:12:22.0632 0x1ac0  [ 7C0387306F082AD8C008C2CD00552A11 ] \Device\Harddisk0\DR0\Partition4
09:12:22.0633 0x1ac0  \Device\Harddisk0\DR0\Partition4 - ok
09:12:22.0635 0x1ac0  [ EDE91A49EBC5D72C12753712040D1345 ] \Device\Harddisk0\DR0\Partition5
09:12:22.0636 0x1ac0  \Device\Harddisk0\DR0\Partition5 - ok
09:12:22.0638 0x1ac0  [ F3E3A02FEC0984A5853C66D3D2572675 ] \Device\Harddisk1\DR1\Partition1
09:12:22.0711 0x1ac0  \Device\Harddisk1\DR1\Partition1 - ok
09:12:22.0754 0x1ac0  [ FC6D43828A88492B87AF4E883C883CD6 ] \Device\Harddisk1\DR1\Partition2
09:12:22.0774 0x1ac0  \Device\Harddisk1\DR1\Partition2 - ok
09:12:22.0777 0x1ac0  [ 2F2A384FA423D019BFF29D55762B8273 ] \Device\Harddisk2\DR3\Partition1
09:12:22.0779 0x1ac0  \Device\Harddisk2\DR3\Partition1 - ok
09:12:22.0780 0x1ac0  ================ Scan generic autorun ======================
09:12:22.0981 0x1ac0  [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:12:23.0184 0x1ac0  RtHDVCpl - ok
09:12:23.0217 0x1ac0  [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
09:12:23.0242 0x1ac0  RtHDVBg_Dolby - ok
09:12:23.0292 0x1ac0  [ 8792B098E4B72A53ACC14FCD7DB4261A, B70273E2CCDB120C1B4F80E49DC7EFF574E2E0BB80E4B5C8D2383CD21DBBE34D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:12:23.0332 0x1ac0  NvBackend - ok
09:12:23.0335 0x1ac0  ShadowPlay - ok
09:12:23.0338 0x1ac0  [ 9B60E29C094772FAAAA3D0C95C582A7A, E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06 ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
09:12:23.0339 0x1ac0  Suspicious file ( Forged ): C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe. Real md5: 9B60E29C094772FAAAA3D0C95C582A7A, sha256: E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06, fake md5: 1B9F7D3F5BFBF0415C6244E06587D301, fake sha256: E187B63D2D0ABCAD533F5B54F3F44368429297CA2B8BAB8D3ED7CC40F28170D6
09:12:23.0339 0x1ac0  BacKGround Agent - detected ForgedFile.Multi.Generic ( 1 )
09:12:24.0322 0x1ac0  BacKGround Agent ( ForgedFile.Multi.Generic ) - warning
09:12:25.0312 0x1ac0  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
09:12:25.0318 0x1ac0  HP Software Update - ok
09:12:25.0347 0x1ac0  OneDriveSetup - ok
09:12:25.0348 0x1ac0  OneDriveSetup - ok
09:12:25.0348 0x1ac0  AcerCloud - ok
09:12:25.0405 0x1ac0  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
09:12:25.0461 0x1ac0  HP Officejet Pro 8620 (NET) - ok
09:12:25.0518 0x1ac0  [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
09:12:25.0572 0x1ac0  HP Officejet Pro 8620 (NET) #2 - ok
09:12:25.0604 0x1ac0  [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
09:12:25.0632 0x1ac0  Spotify Web Helper - ok
09:12:25.0787 0x1ac0  [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
09:12:25.0917 0x1ac0  CCleaner Monitoring - ok
09:12:25.0929 0x1ac0  Uninstall C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok
09:12:25.0931 0x1ac0  OneDriveSetup - ok
09:12:25.0932 0x1ac0  WAB Migrate - ok
09:12:25.0933 0x1ac0  Waiting for KSN requests completion. In queue: 90
09:12:26.0934 0x1ac0  Waiting for KSN requests completion. In queue: 30
09:12:26.0936 0x5b44  Object required for P2P: [ 86893B821E35433759EBD7D21B56B42E ] NvStreamKms
09:12:27.0935 0x1ac0  Waiting for KSN requests completion. In queue: 29
09:12:27.0980 0x5b44  Object send P2P result: true
09:12:27.0980 0x5b44  Object required for P2P: [ 6917C4B6633B3F0BFAC3DB20011126A8 ] NvStreamNetworkSvc
09:12:28.0935 0x1ac0  Waiting for KSN requests completion. In queue: 28
09:12:29.0043 0x5b44  Object send P2P result: true
09:12:29.0044 0x5b44  Object required for P2P: [ 1542254423FBB8BE196856CCF1BDFD7B ] nvsvc
09:12:29.0936 0x1ac0  Waiting for KSN requests completion. In queue: 26
09:12:30.0096 0x5b44  Object send P2P result: true
09:12:30.0098 0x5b44  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
09:12:30.0936 0x1ac0  Waiting for KSN requests completion. In queue: 15
09:12:31.0137 0x5b44  Object send P2P result: true
09:12:31.0137 0x5b44  Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
09:12:31.0937 0x1ac0  Waiting for KSN requests completion. In queue: 2
09:12:32.0187 0x5b44  Object send P2P result: true
09:12:32.0187 0x5b44  Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
09:12:32.0937 0x1ac0  Waiting for KSN requests completion. In queue: 1
09:12:33.0250 0x5b44  Object send P2P result: true
09:12:33.0951 0x1ac0  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
09:12:33.0955 0x1ac0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
09:12:33.0956 0x1ac0  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
09:12:34.0945 0x1ac0  ============================================================
09:12:34.0945 0x1ac0  Scan finished
09:12:34.0945 0x1ac0  ============================================================
09:12:34.0953 0x2f48  Detected object count: 2
09:12:34.0953 0x2f48  Actual detected object count: 2
09:13:06.0207 0x2f48  DraftSight API Service ( UnsignedFile.Multi.Generic ) - skipped by user
09:13:06.0207 0x2f48  DraftSight API Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
09:13:06.0207 0x2f48  BacKGround Agent ( ForgedFile.Multi.Generic ) - skipped by user
09:13:06.0207 0x2f48  BacKGround Agent ( ForgedFile.Multi.Generic ) - User select action: Skip
So das wars jetzt

LG

Alt 11.05.2016, 16:43   #10
M-K-D-B
/// TB-Ausbilder
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Servus,


Zitat:
Zitat von 19luigi96 Beitrag anzeigen
Habe nun alle Programme am Desktop installiert und als Administrator ausgeführt.
Nein, hast du nicht.

Zitat:
Gestartet von D:\Filme

Du hast vielleicht eine Verknüpfung auf den Desktop gelegt, aber davon war nicht die Rede.


Was ist so schwer daran, die Programme auf dem Desktop abzuspeichern bzw. dorthin zu verschieben?

Alt 14.05.2016, 12:52   #11
M-K-D-B
/// TB-Ausbilder
 
Werbungen, Popups, Weiterleitungen - Standard

Werbungen, Popups, Weiterleitungen


Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!

Antwort

Themen zu Werbungen, Popups, Weiterleitungen
administrator, antivirus, anzeige, avast, browser, explorer, folge, home, internet, internet explorer, maleware, microsoft, neu, popups, problem, programme, scan, sekunden, setup, software, spiele, surfen, system, tab, windows


« Hab mir leider Seamonkey zerschossen, XML-Verarbeitungsfehler. | Trojaner durch Directpay Email »


Ähnliche Themen: Werbungen, Popups, Weiterleitungen


  1. Unregelmaessige Weiterleitungen im FF Browser
    Plagegeister aller Art und deren Bekämpfung - 08.12.2015 (15)
  2. Trotz allgemeiner Handlungsschritte immer noch Werbung, PopUps und Weiterleitungen
    Log-Analyse und Auswertung - 09.09.2015 (14)
  3. ständige PopUps und Werbungen
    Plagegeister aller Art und deren Bekämpfung - 29.04.2014 (3)
  4. Windows 7: Popups, unerwünschte Seiten, unerwünschte Weiterleitungen bei Internetnutzung
    Log-Analyse und Auswertung - 11.04.2014 (13)
  5. windows 7 - programme schließen nicht, surfen unmöglich wegen ständigen Popups und Weiterleitungen, lange Ladezeiten der Programme -Virus?
    Plagegeister aller Art und deren Bekämpfung - 22.12.2013 (9)
  6. Ihavenet.com weiterleitungen
    Log-Analyse und Auswertung - 02.11.2013 (22)
  7. Komische Weiterleitungen
    Plagegeister aller Art und deren Bekämpfung - 20.06.2013 (9)
  8. Werbetrojaner - Weiterleitungen von Google
    Log-Analyse und Auswertung - 14.05.2013 (11)
  9. Chitka Popups/ falsche Weiterleitungen
    Log-Analyse und Auswertung - 16.04.2013 (9)
  10. Weiterleitungen und ,,Recommended for you"-Popups
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (3)
  11. Fehlerhafte Weiterleitungen bei google
    Log-Analyse und Auswertung - 20.07.2011 (4)
  12. Popups, Weiterleitungen auf andere Webseiten, falscher Zeichensatz
    Plagegeister aller Art und deren Bekämpfung - 17.02.2010 (6)
  13. Weiterleitungen und Popups Im IE
    Log-Analyse und Auswertung - 18.02.2009 (3)
  14. Probleme mit werbungen
    Mülltonne - 21.09.2008 (0)
  15. Ständige Weiterleitungen und Pop-Ups
    Log-Analyse und Auswertung - 14.05.2008 (13)
  16. WERBUNGEN am Desktop!
    Log-Analyse und Auswertung - 22.05.2006 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Werbungen, Popups, Weiterleitungen - Hallo liebe Leute! Ich habe ein großes Problem mit meinem Laptop. Leider werde ich beim Surfen im Internet ständig auf nervige Werbeseiten weitergeleitet. Das ganze geschieht meistens dann, wenn ich - Werbungen, Popups, Weiterleitungen...
Archiv
Du betrachtest: Werbungen, Popups, Weiterleitungen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131