Dezipper Startseite

beetleralf · 28.06.2016, 20:02

Hallo zusammen

habe den Laptop meines Bruders, der sich versehentlich ein Programm Installiert hat was scheinbar die Startseite im Browser immer wieder ändert und den Rechner langsamer macht. Da steht was von Dezipper
Der Pfad im Firefox sieht so aus:

hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined

kann mir jemand helfen das wieder weg zu bekommen?

MfG Ralf

M-K-D-B · 28.06.2016, 20:10

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Da ist sicher mehr im Argen...

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

beetleralf · 28.06.2016, 20:26

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2016
durchgeführt von a (Administrator) auf LAPTOP-SG29RGOV (28-06-2016 21:22:28)
Gestartet von C:\Users\a\Downloads
Geladene Profile: a (Verfügbare Profile: a & louis & jbeur)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5971232 2016-06-14] (IObit)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoThemesTab] 1
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
GroupPolicyUsers\S-1-5-21-1723475428-3538683685-1902373366-1003\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7772e8a-7d1b-4ad1-bacc-94bc28f43f38}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\a\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-06-03] (Dashlane)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\a\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-06-03] (Dashlane)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082
FF DefaultSearchEngine: Google
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Deutsch (DE) Language Pack - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\Extensions\langpack-de@firefox.mozilla.org.xpi [2016-06-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-23] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2016-02-23] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-23] (NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-02] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-02-27] (Intel Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-27] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-28 21:22 - 2016-06-28 21:23 - 00022678 _____ C:\Users\a\Downloads\FRST.txt
2016-06-28 21:22 - 2016-06-28 21:22 - 00000000 ____D C:\FRST
2016-06-28 21:21 - 2016-06-28 21:21 - 02389504 _____ (Farbar) C:\Users\a\Downloads\FRST64.exe
2016-06-27 20:28 - 2016-06-27 20:28 - 00000000 ____D C:\Users\a\AppData\Roaming\ProductData
2016-06-27 20:26 - 2016-06-27 20:28 - 00000000 ____D C:\ProgramData\ProductData
2016-06-27 19:57 - 2016-06-27 19:57 - 00000000 ____D C:\Users\a\Desktop\Old Firefox Data
2016-06-27 19:43 - 2016-06-27 19:44 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT.exe
2016-06-27 19:39 - 2016-06-27 19:39 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-27 19:29 - 2016-06-27 19:32 - 00000000 ____D C:\AdwCleaner
2016-06-27 19:29 - 2016-06-27 19:29 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200.exe
2016-06-27 19:24 - 2016-06-27 19:24 - 00000000 ____D C:\Users\a\AppData\Roaming\Avira
2016-06-27 19:21 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-27 19:20 - 2016-06-27 19:20 - 00001291 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 19:11 - 2016-06-27 19:20 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\a\Downloads\avira_de_av_57715dbc5850b__adw.exe
2016-06-20 19:37 - 2016-06-20 19:37 - 00001827 _____ C:\Users\a\Desktop\Dashlane.lnk
2016-06-20 19:37 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\LocalLow\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Dashlane
2016-06-20 19:35 - 2016-06-20 19:36 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-06-20 19:34 - 2016-06-20 19:34 - 00001254 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\louis\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\LocalLow\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\IObit
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-20 19:33 - 2016-06-20 19:33 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-06-20 19:21 - 2016-06-20 19:32 - 43739048 _____ (IObit ) C:\Users\a\Downloads\IObit-Malware-Fighter-Setup.exe
2016-06-16 23:03 - 2016-06-16 23:03 - 00048402 _____ C:\Users\a\Downloads\Stellenausschreibung_Brandmeister_2016_langzeit.pdf
2016-06-16 08:20 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-16 08:20 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-16 08:20 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-16 08:20 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 08:20 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-16 08:19 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-16 08:19 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-16 08:19 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-16 08:19 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 08:19 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 08:19 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-16 08:19 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-16 08:19 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-16 08:19 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-16 08:19 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-16 08:19 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 08:19 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-16 08:19 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 08:19 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 08:19 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 08:19 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 08:19 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-16 08:19 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 08:19 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-16 08:19 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-16 08:19 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 08:19 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-16 08:18 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-16 08:18 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-16 08:18 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-16 08:18 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-16 08:18 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-16 08:18 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-16 08:18 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-16 08:18 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-16 08:18 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-16 08:18 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-10 17:34 - 2016-06-10 17:34 - 00001486 _____ C:\Users\Public\Desktop\Free Audio CD to MP3 Converter.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00001322 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\Documents\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\AppData\Roaming\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-06-10 17:33 - 2016-06-10 17:34 - 25948496 _____ (DVDVideoSoft Ltd. ) C:\Users\a\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228s.exe
2016-06-10 17:29 - 2016-06-16 07:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 16:43 - 2016-06-27 20:29 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-10 16:42 - 2016-06-10 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-10 16:39 - 2016-06-10 16:40 - 01473544 _____ C:\Users\a\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2016-06-08 09:12 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-02 16:46 - 2016-06-02 16:46 - 00000000 _____ C:\autoexec.bat
2016-06-02 16:44 - 2016-06-02 16:44 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\a\Downloads\SpyHunter-Installer.exe
2016-06-02 16:44 - 2016-06-02 16:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-28 21:23 - 2016-03-16 18:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-28 20:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-28 20:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-28 20:54 - 2016-02-23 18:23 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D4391977-0E1E-455B-ADAD-1CFD3B6AC71D}
2016-06-27 22:46 - 2016-02-27 21:42 - 00000000 ____D C:\Users\a\AppData\Local\CrashDumps
2016-06-27 20:58 - 2016-05-21 11:44 - 00000000 ___HD C:\OneDriveTemp
2016-06-27 20:58 - 2016-02-09 00:38 - 00000000 ___RD C:\Users\a\OneDrive
2016-06-27 20:57 - 2016-03-08 14:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-27 20:57 - 2016-02-09 00:34 - 00000000 __SHD C:\Users\a\IntelGraphicsProfiles
2016-06-27 20:57 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-06-27 20:56 - 2016-03-08 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-27 20:55 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-06-27 20:54 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-27 20:54 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-27 20:54 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Users\a\AppData\Roaming\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-06-27 19:20 - 2015-09-20 04:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 18:58 - 2016-03-08 14:31 - 00000000 ____D C:\Users\a
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-27 18:57 - 2016-03-08 14:31 - 00000000 ____D C:\Users\louis
2016-06-27 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-27 18:30 - 2015-09-20 04:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-27 18:29 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 18:23 - 2016-02-09 00:37 - 00000000 ____D C:\Users\a\AppData\Local\clear.fi
2016-06-27 18:19 - 2016-03-27 14:05 - 00033280 ___SH C:\Users\a\Desktop\Thumbs.db
2016-06-26 17:47 - 2016-02-27 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:19 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 14:19 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 14:19 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-21 14:19 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-20 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-20 14:25 - 2016-02-24 21:10 - 00000000 ____D C:\Users\louis\AppData\Local\CrashDumps
2016-06-20 13:51 - 2016-02-23 19:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:45 - 2016-02-23 19:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 13:43 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:35 - 2016-02-23 20:32 - 00000000 __SHD C:\Users\louis\IntelGraphicsProfiles
2016-06-20 13:35 - 2015-07-16 05:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 19:57 - 2016-03-08 14:23 - 00364912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 19:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-16 07:38 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-10 17:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-06-10 17:18 - 2016-03-08 14:31 - 00000000 ____D C:\Users\jbeur
2016-06-06 11:00 - 2016-02-27 11:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-08 14:28 - 2016-03-08 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\a\AppData\Local\Temp\0327561467053630mcinst.exe
C:\Users\a\AppData\Local\Temp\avgnt.exe
C:\Users\a\AppData\Local\Temp\Dashlane_Launcher_1437420342.exe
C:\Users\a\AppData\Local\Temp\libeay32.dll
C:\Users\a\AppData\Local\Temp\msvcr120.dll
C:\Users\a\AppData\Local\Temp\oct55DB.tmp.exe
C:\Users\a\AppData\Local\Temp\oct7378.tmp.exe
C:\Users\a\AppData\Local\Temp\pcvjn7rw.dll
C:\Users\a\AppData\Local\Temp\sqlite3.dll
C:\Users\a\AppData\Local\Temp\vneprvqc.dll
C:\Users\a\AppData\Local\Temp\yinh5vka.dll
C:\Users\louis\AppData\Local\Temp\octE0B5.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 19:16

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-06-2016
durchgeführt von a (2016-06-28 21:23:52)
Gestartet von C:\Users\a\Downloads
Windows 10 Home Version 1511 (X64) (2016-03-08 12:56:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

a (S-1-5-21-1723475428-3538683685-1902373366-1001 - Administrator - Enabled) => C:\Users\a
Administrator (S-1-5-21-1723475428-3538683685-1902373366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1723475428-3538683685-1902373366-503 - Limited - Disabled)
Gast (S-1-5-21-1723475428-3538683685-1902373366-501 - Limited - Disabled)
jbeur (S-1-5-21-1723475428-3538683685-1902373366-1004 - Limited - Enabled) => C:\Users\jbeur
louis (S-1-5-21-1723475428-3538683685-1902373366-1003 - Limited - Enabled) => C:\Users\louis

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Free Audio CD to MP3 Converter (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Web Companion (HKLM-x32\...\{ace5d9cf-4b28-44ce-b86b-07eeac288150}) (Version: 2.3.1411.2698 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B5DA24-A9F6-439F-9165-FDE6B289C94B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {159B32EE-BE2F-4015-9839-812F4C73359B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {4AB3798A-A883-4A8E-83BC-AFAF82A6607E} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {4F9F0D7E-237B-46EA-B3C0-2EC8D2E02F3B} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {6637C9EC-F17C-4174-AA2E-E84441854F62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {A2696E75-60A9-4460-BE5C-B78754F9281A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {A4A7AE22-A83E-4259-8E75-C73921CC01FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {A56974CF-9CCC-4E57-9AA9-E2FF709695B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-20] (Microsoft Corporation)
Task: {AA194137-E3A1-43A2-9575-B41637D21E99} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {B5EB7928-22D4-4286-BB54-397920C08268} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {CAD2B80F-4334-499A-9A94-54F196810E9F} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {DC0657DA-2CD4-4D26-9C1A-220624452D10} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {E02B5105-EEF3-499C-83D1-F8D59078D5A0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-08 14:28 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-05-27 12:29 - 2016-05-27 12:29 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00959168 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-16 05:41 - 2015-05-08 19:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-03-08 14:19 - 2016-03-08 14:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-16 08:20 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-16 08:20 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-16 08:20 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-16 08:20 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-02-23 18:21 - 2016-02-23 18:21 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-06-20 19:37 - 2016-06-03 11:46 - 00227200 _____ () C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-06-20 19:36 - 2016-06-03 11:46 - 00286080 _____ () C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
2015-07-10 12:38 - 2015-07-10 12:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-04-19 19:37 - 2016-04-19 19:37 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-09-20 14:19 - 2015-09-20 14:19 - 00117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.22051.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-09-20 05:10 - 2015-06-23 22:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00679624 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-07-16 05:41 - 2015-05-08 19:41 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00347520 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00436608 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00469376 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 63070592 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00299392 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 06254464 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 07393664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 13624192 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 02284928 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00353664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-16 11:02 - 2016-05-16 11:02 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-05-16 11:04 - 2016-05-16 11:04 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-05-16 11:04 - 2016-05-16 11:04 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-05-16 11:03 - 2016-05-16 11:03 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-04-27 06:40 - 2016-04-27 06:40 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2016-06-27 19:07 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{984496EB-FF9E-47FE-89E1-C623DC2E34A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BD854089-0D5F-4A7E-8A42-C09F63C3D1B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48264247-6BBD-4D33-9577-C121F9587C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE2C11A4-6F8E-4E83-98A4-F80B0367EB34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E43E4FEC-CEC4-4D24-8C5B-F14AF883023D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07CB66BD-7B48-48E2-8AA3-67028ECD10A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{68496DA1-FDB3-48C2-B83F-C69993C81201}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{06D00A1E-88C9-430D-BC23-8E2935DC8C45}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{67E00604-5860-41C5-979B-280684AEB3B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{18E0AAC4-7E92-4E87-882B-2922F9E77555}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{401D33D9-C483-4A8F-B4DE-681285D9F3CA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{BF238560-2054-4610-A933-D37BBC61E342}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{541FCBE3-72B5-421D-8C83-416408B72FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A2A1D26-526F-445A-9E56-195BDD5A64E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A0E298A9-C708-4900-B022-E8F20F8CA79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40BBC3FA-73A2-450E-A45B-FAFD8B4E3F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CA3177F4-DDA9-4941-BD10-BB976BE74B1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E744BB56-BEFF-4964-998D-539971FAB3AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B9D0A36-6AAB-4CC3-8886-519D02528162}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

26-06-2016 17:45:49 Windows Update
27-06-2016 19:45:02 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/28/2016 09:01:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 10:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: AppCore.Windows.dll_unloaded, Version: 16.526.11240.0, Zeitstempel: 0x574741e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000010a0
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 10:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000a9ba0
ID des fehlerhaften Prozesses: 0x3b10
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 07:45:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/27/2016 07:13:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 07:11:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/27/2016 07:06:13 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 07:00:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 06:29:52 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 06:20:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 3.1.7.0, Zeitstempel: 0x56aac2ef
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xa04
Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0
Pfad der fehlerhaften Anwendung: mbamscheduler.exe1
Pfad des fehlerhaften Moduls: mbamscheduler.exe2
Berichtskennung: mbamscheduler.exe3
Vollständiger Name des fehlerhaften Pakets: mbamscheduler.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: mbamscheduler.exe5


Systemfehler:
=============
Error: (06/28/2016 09:18:26 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/28/2016 09:06:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/28/2016 07:05:06 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/28/2016 12:00:37 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (06/27/2016 10:29:38 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/27/2016 09:53:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/27/2016 09:53:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/27/2016 09:53:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/27/2016 09:53:42 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/27/2016 08:56:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "cphs" wurde mit folgendem Fehler beendet: 
%%2147942406 = Das Handle ist ungültig.



CodeIntegrity:
===================================
  Date: 2016-06-27 18:32:11.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-21 14:13:03.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 19:26:30.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:30.005
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:05:30.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 18:40:31.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 18:40:15.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8106.45 MB
Verfügbarer physikalischer RAM: 5335.49 MB
Summe virtueller Speicher: 9386.45 MB
Verfügbarer virtueller Speicher: 6024.69 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:855.93 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 449E0580)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 28.06.2016, 20:30

Servus,

evtl. bereits vorhandene Logdateien bitte posten!
Hast du Amazon1ButtonApp bewusst installiert?

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

beetleralf · 28.06.2016, 20:34

Code:

ATTFilter

21:27:55.0265 0x2864  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:27:55.0265 0x2864  UEFI system
21:28:01.0552 0x2864  ============================================================
21:28:01.0552 0x2864  Current date / time: 2016/06/28 21:28:01.0552
21:28:01.0552 0x2864  SystemInfo:
21:28:01.0552 0x2864  
21:28:01.0552 0x2864  OS Version: 10.0.10586 ServicePack: 0.0
21:28:01.0552 0x2864  Product type: Workstation
21:28:01.0552 0x2864  ComputerName: LAPTOP-SG29RGOV
21:28:01.0552 0x2864  UserName: a
21:28:01.0552 0x2864  Windows directory: C:\WINDOWS
21:28:01.0552 0x2864  System windows directory: C:\WINDOWS
21:28:01.0552 0x2864  Running under WOW64
21:28:01.0552 0x2864  Processor architecture: Intel x64
21:28:01.0552 0x2864  Number of processors: 4
21:28:01.0552 0x2864  Page size: 0x1000
21:28:01.0552 0x2864  Boot type: Normal boot
21:28:01.0552 0x2864  ============================================================
21:28:02.0125 0x2864  KLMD registered as C:\WINDOWS\system32\drivers\67134931.sys
21:28:02.0516 0x2864  System UUID: {E1F3140D-798F-0AFF-E3D1-9ED569558C8E}
21:28:03.0487 0x2864  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:28:03.0501 0x2864  ============================================================
21:28:03.0501 0x2864  \Device\Harddisk0\DR0:
21:28:03.0501 0x2864  GPT partitions:
21:28:03.0502 0x2864  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D497E45B-16F9-48CB-86FE-2D35630EDB49}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:28:03.0502 0x2864  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {2E6997F9-5456-4E05-B84A-D4C6F5590261}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
21:28:03.0502 0x2864  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {8EF12F7E-9974-4327-BA99-D0FC4A41B8D5}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0x745D2000
21:28:03.0502 0x2864  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {AB51C9FE-061C-4D0D-98E8-DB0A1543E256}, Name: Basic data partition, StartLBA 0x7460C800, BlocksNum 0xFA000
21:28:03.0502 0x2864  MBR partitions:
21:28:03.0502 0x2864  ============================================================
21:28:03.0540 0x2864  C: <-> \Device\Harddisk0\DR0\Partition3
21:28:03.0540 0x2864  ============================================================
21:28:03.0540 0x2864  Initialize success
21:28:03.0540 0x2864  ============================================================
21:28:08.0808 0x5e08  ============================================================
21:28:08.0808 0x5e08  Scan started
21:28:08.0808 0x5e08  Mode: Manual; 
21:28:08.0808 0x5e08  ============================================================
21:28:08.0808 0x5e08  KSN ping started
21:28:08.0881 0x5e08  KSN ping finished: true
21:28:17.0920 0x5e08  ================ Scan system memory ========================
21:28:17.0920 0x5e08  System memory - ok
21:28:17.0920 0x5e08  ================ Scan services =============================
21:28:18.0067 0x5e08  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
21:28:18.0073 0x5e08  1394ohci - ok
21:28:18.0110 0x5e08  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
21:28:18.0113 0x5e08  3ware - ok
21:28:18.0158 0x5e08  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
21:28:18.0178 0x5e08  ACPI - ok
21:28:18.0197 0x5e08  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
21:28:18.0200 0x5e08  acpiex - ok
21:28:18.0208 0x5e08  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
21:28:18.0208 0x5e08  acpipagr - ok
21:28:18.0234 0x5e08  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
21:28:18.0235 0x5e08  AcpiPmi - ok
21:28:18.0243 0x5e08  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
21:28:18.0243 0x5e08  acpitime - ok
21:28:18.0315 0x5e08  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:28:18.0317 0x5e08  AdobeARMservice - ok
21:28:18.0420 0x5e08  [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:28:18.0427 0x5e08  AdobeFlashPlayerUpdateSvc - ok
21:28:18.0470 0x5e08  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
21:28:18.0513 0x5e08  ADP80XX - ok
21:28:18.0551 0x5e08  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
21:28:18.0572 0x5e08  AFD - ok
21:28:18.0596 0x5e08  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
21:28:18.0598 0x5e08  agp440 - ok
21:28:18.0621 0x5e08  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
21:28:18.0627 0x5e08  ahcache - ok
21:28:18.0658 0x5e08  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
21:28:18.0659 0x5e08  AJRouter - ok
21:28:18.0680 0x5e08  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
21:28:18.0683 0x5e08  ALG - ok
21:28:18.0741 0x5e08  [ 976966A13B587E2FEB883B516D868B6B, 8E95476EAFF9F75DE2DA85BD791AD8F5BE6EAC933C59DCC41B9F71860CA80868 ] Amazon 1Button App Service c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
21:28:18.0749 0x5e08  Amazon 1Button App Service - ok
21:28:18.0766 0x5e08  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
21:28:18.0769 0x5e08  AmdK8 - ok
21:28:18.0800 0x5e08  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
21:28:18.0803 0x5e08  AmdPPM - ok
21:28:18.0809 0x5e08  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
21:28:18.0811 0x5e08  amdsata - ok
21:28:18.0832 0x5e08  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
21:28:18.0839 0x5e08  amdsbs - ok
21:28:18.0857 0x5e08  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
21:28:18.0859 0x5e08  amdxata - ok
21:28:18.0943 0x5e08  [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:28:18.0963 0x5e08  AntiVirMailService - ok
21:28:18.0996 0x5e08  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:28:19.0005 0x5e08  AntiVirSchedulerService - ok
21:28:19.0040 0x5e08  [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:28:19.0049 0x5e08  AntiVirService - ok
21:28:19.0112 0x5e08  [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:28:19.0141 0x5e08  AntiVirWebService - ok
21:28:19.0175 0x5e08  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
21:28:19.0178 0x5e08  AppID - ok
21:28:19.0197 0x5e08  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
21:28:19.0200 0x5e08  AppIDSvc - ok
21:28:19.0212 0x5e08  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
21:28:19.0215 0x5e08  Appinfo - ok
21:28:19.0323 0x5e08  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:28:19.0325 0x5e08  Apple Mobile Device Service - ok
21:28:19.0353 0x5e08  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
21:28:19.0373 0x5e08  AppReadiness - ok
21:28:19.0463 0x5e08  [ 1CF69EF4E2844F9D297F309CF80122CB, 577428E4A364212AA5E650059C99139B8F9F4952DF228D6150D6B93E7D06AF61 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
21:28:19.0520 0x5e08  AppXSvc - ok
21:28:19.0552 0x5e08  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
21:28:19.0556 0x5e08  arcsas - ok
21:28:19.0568 0x5e08  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
21:28:19.0570 0x5e08  AsyncMac - ok
21:28:19.0580 0x5e08  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
21:28:19.0581 0x5e08  atapi - ok
21:28:19.0610 0x5e08  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
21:28:19.0617 0x5e08  AudioEndpointBuilder - ok
21:28:19.0665 0x5e08  [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
21:28:19.0698 0x5e08  Audiosrv - ok
21:28:19.0729 0x5e08  [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
21:28:19.0732 0x5e08  avgntflt - ok
21:28:19.0759 0x5e08  [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
21:28:19.0763 0x5e08  avipbb - ok
21:28:19.0831 0x5e08  [ 9C57AD1165D9F4866EBA6C18E91A8A14, E75288B3BED90CABAEE01383F8CB68719B67158FEB0FE036668693D237F275CF ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:28:19.0837 0x5e08  Avira.ServiceHost - ok
21:28:19.0848 0x5e08  [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
21:28:19.0848 0x5e08  avkmgr - ok
21:28:19.0860 0x5e08  [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
21:28:19.0863 0x5e08  avnetflt - ok
21:28:19.0892 0x5e08  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
21:28:19.0896 0x5e08  AxInstSV - ok
21:28:19.0935 0x5e08  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
21:28:19.0954 0x5e08  b06bdrv - ok
21:28:19.0991 0x5e08  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
21:28:19.0993 0x5e08  BasicDisplay - ok
21:28:20.0007 0x5e08  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
21:28:20.0009 0x5e08  BasicRender - ok
21:28:20.0019 0x5e08  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
21:28:20.0019 0x5e08  bcmfn - ok
21:28:20.0031 0x5e08  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
21:28:20.0032 0x5e08  bcmfn2 - ok
21:28:20.0068 0x5e08  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
21:28:20.0078 0x5e08  BDESVC - ok
21:28:20.0111 0x5e08  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:28:20.0112 0x5e08  Beep - ok
21:28:20.0152 0x5e08  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\WINDOWS\System32\bfe.dll
21:28:20.0186 0x5e08  BFE - ok
21:28:20.0240 0x5e08  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
21:28:20.0285 0x5e08  BITS - ok
21:28:20.0357 0x5e08  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:28:20.0367 0x5e08  Bonjour Service - ok
21:28:20.0377 0x5e08  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
21:28:20.0380 0x5e08  bowser - ok
21:28:20.0425 0x5e08  [ 4F2621E187382D22045D0BC65B23858E, E6AB3B1EB13446128BA69A4D0B00BCA36625BB656F0056D3D43F3A252F6F09AC ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
21:28:20.0447 0x5e08  BrokerInfrastructure - ok
21:28:20.0475 0x5e08  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\WINDOWS\System32\browser.dll
21:28:20.0479 0x5e08  Browser - ok
21:28:20.0501 0x5e08  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
21:28:20.0504 0x5e08  BthAvrcpTg - ok
21:28:20.0514 0x5e08  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
21:28:20.0516 0x5e08  BthHFEnum - ok
21:28:20.0527 0x5e08  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
21:28:20.0529 0x5e08  bthhfhid - ok
21:28:20.0560 0x5e08  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
21:28:20.0569 0x5e08  BthHFSrv - ok
21:28:20.0580 0x5e08  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
21:28:20.0582 0x5e08  BTHMODEM - ok
21:28:20.0627 0x5e08  [ FFB773E4AA55E4F5FBBB084B41D7A86F, 911ED632DC4A234410D4A87565F55D27BFF2A050669031C868A3F5C6220DCA5A ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
21:28:20.0661 0x5e08  BTHPORT - ok
21:28:20.0717 0x5e08  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
21:28:20.0720 0x5e08  bthserv - ok
21:28:20.0730 0x5e08  [ BE265ABFB467BBAC8C73A55AD94F4216, 21186F398D700089397EAE4AC1B1197C7EB592AE0CC5FF5972000957472393CC ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
21:28:20.0732 0x5e08  BTHUSB - ok
21:28:20.0743 0x5e08  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
21:28:20.0743 0x5e08  buttonconverter - ok
21:28:20.0773 0x5e08  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
21:28:20.0776 0x5e08  CapImg - ok
21:28:20.0934 0x5e08  [ 41D709EB4211F6F6411F6105FA39518F, C8C95242BDD88B3FA5CBD1F235A80083B025B59FDAF2BA9040E21A8377BA6FA3 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
21:28:21.0022 0x5e08  CCDMonitorService - ok
21:28:21.0058 0x5e08  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
21:28:21.0062 0x5e08  cdfs - ok
21:28:21.0087 0x5e08  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
21:28:21.0093 0x5e08  CDPSvc - ok
21:28:21.0114 0x5e08  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
21:28:21.0119 0x5e08  cdrom - ok
21:28:21.0138 0x5e08  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
21:28:21.0144 0x5e08  CertPropSvc - ok
21:28:21.0173 0x5e08  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
21:28:21.0175 0x5e08  circlass - ok
21:28:21.0210 0x5e08  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
21:28:21.0219 0x5e08  CLFS - ok
21:28:21.0353 0x5e08  [ 1475C7821E9E919D14817D46C830D28B, 4ACC419736027184278915345BF10CBAAFB93B6F50A789CBC675FA126DAFC1A6 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
21:28:21.0411 0x5e08  ClickToRunSvc - ok
21:28:21.0461 0x5e08  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
21:28:21.0485 0x5e08  ClipSVC - ok
21:28:21.0508 0x5e08  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
21:28:21.0510 0x5e08  CmBatt - ok
21:28:21.0556 0x5e08  [ 3F7C80D9F16B94367646CBF8B8C052F4, 3F33980348E92876CD2A367C31E4B959C92BA6572266B1C75CB0C062095DFCB7 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
21:28:21.0578 0x5e08  CNG - ok
21:28:21.0594 0x5e08  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
21:28:21.0595 0x5e08  cnghwassist - ok
21:28:21.0638 0x5e08  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
21:28:21.0640 0x5e08  CompositeBus - ok
21:28:21.0644 0x5e08  COMSysApp - ok
21:28:21.0666 0x5e08  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
21:28:21.0668 0x5e08  condrv - ok
21:28:21.0710 0x5e08  [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
21:28:21.0733 0x5e08  CoreMessagingRegistrar - ok
21:28:21.0825 0x5e08  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:28:21.0832 0x5e08  cphs - ok
21:28:21.0851 0x5e08  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
21:28:21.0854 0x5e08  CryptSvc - ok
21:28:21.0881 0x5e08  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
21:28:21.0883 0x5e08  dam - ok
21:28:21.0944 0x5e08  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:28:21.0963 0x5e08  DcomLaunch - ok
21:28:21.0985 0x5e08  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
21:28:21.0990 0x5e08  DcpSvc - ok
21:28:22.0028 0x5e08  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
21:28:22.0070 0x5e08  defragsvc - ok
21:28:22.0125 0x5e08  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
21:28:22.0136 0x5e08  DeviceAssociationService - ok
21:28:22.0175 0x5e08  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
21:28:22.0180 0x5e08  DeviceInstall - ok
21:28:22.0193 0x5e08  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
21:28:22.0195 0x5e08  DevQueryBroker - ok
21:28:22.0222 0x5e08  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
21:28:22.0227 0x5e08  Dfsc - ok
21:28:22.0265 0x5e08  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
21:28:22.0274 0x5e08  Dhcp - ok
21:28:22.0344 0x5e08  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
21:28:22.0345 0x5e08  diagnosticshub.standardcollector.service - ok
21:28:22.0412 0x5e08  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
21:28:22.0468 0x5e08  DiagTrack - ok
21:28:22.0548 0x5e08  [ E0707D9C2431733712CE1A5FD17A4D26, D3E52484B2BF34C5AF61CEEA5ACF4AD5797F681E81B0788D19E3ACA795520B36 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
21:28:22.0557 0x5e08  DigitalWave.Update.Service - ok
21:28:22.0585 0x5e08  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
21:28:22.0588 0x5e08  disk - ok
21:28:22.0611 0x5e08  [ E32F15E26724F3BB6423FB29FF3E2A8F, E8CF9829D2A74F4423424F8D169E726B88F50734F0B1ADC735691C37C9F32DAA ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
21:28:22.0620 0x5e08  DmEnrollmentSvc - ok
21:28:22.0634 0x5e08  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
21:28:22.0635 0x5e08  dmvsc - ok
21:28:22.0660 0x5e08  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
21:28:22.0662 0x5e08  dmwappushservice - ok
21:28:22.0703 0x5e08  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:28:22.0711 0x5e08  Dnscache - ok
21:28:22.0730 0x5e08  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:28:22.0737 0x5e08  dot3svc - ok
21:28:22.0769 0x5e08  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
21:28:22.0774 0x5e08  DPS - ok
21:28:22.0794 0x5e08  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
21:28:22.0796 0x5e08  drmkaud - ok
21:28:22.0832 0x5e08  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
21:28:22.0838 0x5e08  DsmSvc - ok
21:28:22.0863 0x5e08  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
21:28:22.0868 0x5e08  DsSvc - ok
21:28:22.0942 0x5e08  [ 8B83335B6A86F39785FC7C9DE5F5B29F, 2B9D6BB75E0AB6408C685EBB2CEC6291D7B1F41486E30CAB1EC132C83455CE3D ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
21:28:23.0009 0x5e08  DXGKrnl - ok
21:28:23.0041 0x5e08  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
21:28:23.0045 0x5e08  Eaphost - ok
21:28:23.0167 0x5e08  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
21:28:23.0268 0x5e08  ebdrv - ok
21:28:23.0299 0x5e08  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
21:28:23.0302 0x5e08  EFS - ok
21:28:23.0332 0x5e08  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
21:28:23.0335 0x5e08  EhStorClass - ok
21:28:23.0354 0x5e08  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
21:28:23.0357 0x5e08  EhStorTcgDrv - ok
21:28:23.0386 0x5e08  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
21:28:23.0396 0x5e08  embeddedmode - ok
21:28:23.0441 0x5e08  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
21:28:23.0450 0x5e08  EntAppSvc - ok
21:28:23.0612 0x5e08  [ B17FB7318D7CB8E315309F7484461369, 5D9E6464EDF3D8DA6D9CB2649E923B9DB1B0AA4EBF48A7E9CD64F8C9EAF9E56F ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
21:28:23.0690 0x5e08  ePowerSvc - ok
21:28:23.0709 0x5e08  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
21:28:23.0710 0x5e08  ErrDev - ok
21:28:23.0736 0x5e08  [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner      C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
21:28:23.0737 0x5e08  EsgScanner - ok
21:28:23.0764 0x5e08  [ DE746B8A003484E68ACF0F0FD9E177A1, 2FF895EF39FD923A390E851E4C34D10A4C067318C2D67CDA253C8BD440DCA0C8 ] ETDI2C          C:\WINDOWS\system32\DRIVERS\ETDI2C.sys
21:28:23.0769 0x5e08  ETDI2C - ok
21:28:23.0819 0x5e08  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
21:28:23.0829 0x5e08  EventSystem - ok
21:28:23.0905 0x5e08  [ 8828725F79A93611CB4AB80B65DEC4F9, C208641DAD2EEBB07BAC489352CED7D6B3C7574836DD9D3158BB58089185C7C0 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
21:28:23.0928 0x5e08  EvtEng - ok
21:28:23.0964 0x5e08  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
21:28:23.0971 0x5e08  exfat - ok
21:28:23.0998 0x5e08  [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
21:28:24.0006 0x5e08  fastfat - ok
21:28:24.0049 0x5e08  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
21:28:24.0072 0x5e08  Fax - ok
21:28:24.0087 0x5e08  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
21:28:24.0089 0x5e08  fdc - ok
21:28:24.0118 0x5e08  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
21:28:24.0120 0x5e08  fdPHost - ok
21:28:24.0130 0x5e08  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
21:28:24.0132 0x5e08  FDResPub - ok
21:28:24.0187 0x5e08  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
21:28:24.0191 0x5e08  fhsvc - ok
21:28:24.0207 0x5e08  [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
21:28:24.0209 0x5e08  FileCrypt - ok
21:28:24.0232 0x5e08  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
21:28:24.0235 0x5e08  FileInfo - ok
21:28:24.0244 0x5e08  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
21:28:24.0246 0x5e08  Filetrace - ok
21:28:24.0433 0x5e08  [ 494F167530B08FBB0BF0924242FDD071, D1AC16908B189FCB0BCE0154BD56F958E87C6ACB757FC5918B1690214DEAB6F4 ] Fitbit Connect  C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
21:28:24.0614 0x5e08  Fitbit Connect - ok
21:28:24.0632 0x5e08  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
21:28:24.0633 0x5e08  flpydisk - ok
21:28:24.0668 0x5e08  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:28:24.0676 0x5e08  FltMgr - ok
21:28:24.0749 0x5e08  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
21:28:24.0817 0x5e08  FontCache - ok
21:28:24.0901 0x5e08  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:28:24.0903 0x5e08  FontCache3.0.0.0 - ok
21:28:24.0920 0x5e08  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
21:28:24.0923 0x5e08  FsDepends - ok
21:28:24.0940 0x5e08  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:28:24.0941 0x5e08  Fs_Rec - ok
21:28:24.0981 0x5e08  [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
21:28:25.0004 0x5e08  fvevol - ok
21:28:25.0031 0x5e08  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
21:28:25.0034 0x5e08  gagp30kx - ok
21:28:25.0078 0x5e08  [ D32DCD05E383D673F31FEB4442A52AA5, D0B529ACD196A8B50172584569CC7FB5D98F2CCC51C4EA141603F5ECCA084501 ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
21:28:25.0087 0x5e08  GamesAppIntegrationService - ok
21:28:25.0107 0x5e08  [ C23410A44ADDF0E1A9B4BA42A5DD5EA7, 384382D16D09A17E29D8348E1CF8DD7E377607DB3472AB8888EF8E83671B772C ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
21:28:25.0114 0x5e08  GamesAppService - ok
21:28:25.0140 0x5e08  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
21:28:25.0141 0x5e08  gencounter - ok
21:28:25.0150 0x5e08  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
21:28:25.0151 0x5e08  genericusbfn - ok
21:28:25.0231 0x5e08  [ 171CCFEB86294AFAA3609DB3899A841E, 0C2162A2D4A276182E922BBEF195CB936ABCBE6729C535CA23CDA9DAD0DDF491 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:28:25.0254 0x5e08  GfExperienceService - ok
21:28:25.0278 0x5e08  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
21:28:25.0282 0x5e08  GPIOClx0101 - ok
21:28:25.0338 0x5e08  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
21:28:25.0384 0x5e08  gpsvc - ok
21:28:25.0412 0x5e08  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
21:28:25.0413 0x5e08  GpuEnergyDrv - ok
21:28:25.0444 0x5e08  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
21:28:25.0446 0x5e08  HDAudBus - ok
21:28:25.0457 0x5e08  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
21:28:25.0458 0x5e08  HidBatt - ok
21:28:25.0473 0x5e08  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
21:28:25.0477 0x5e08  HidBth - ok
21:28:25.0494 0x5e08  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
21:28:25.0496 0x5e08  hidi2c - ok
21:28:25.0511 0x5e08  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
21:28:25.0513 0x5e08  hidinterrupt - ok
21:28:25.0530 0x5e08  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
21:28:25.0532 0x5e08  HidIr - ok
21:28:25.0557 0x5e08  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
21:28:25.0559 0x5e08  hidserv - ok
21:28:25.0587 0x5e08  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
21:28:25.0589 0x5e08  HidUsb - ok
21:28:25.0621 0x5e08  [ 7CEC266216126BC9A0E1072E1A7E5702, 6B2C0768C8F2590E65B9520D266C07D1A9D89B9E185CC359B0453F399836759F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
21:28:25.0631 0x5e08  HomeGroupListener - ok
21:28:25.0666 0x5e08  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
21:28:25.0686 0x5e08  HomeGroupProvider - ok
21:28:25.0714 0x5e08  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
21:28:25.0717 0x5e08  HpSAMD - ok
21:28:25.0771 0x5e08  [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
21:28:25.0805 0x5e08  HTTP - ok
21:28:25.0835 0x5e08  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
21:28:25.0836 0x5e08  hwpolicy - ok
21:28:25.0860 0x5e08  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
21:28:25.0861 0x5e08  hyperkbd - ok
21:28:25.0876 0x5e08  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
21:28:25.0879 0x5e08  i8042prt - ok
21:28:25.0894 0x5e08  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
21:28:25.0896 0x5e08  iai2c - ok
21:28:25.0903 0x5e08  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
21:28:25.0908 0x5e08  iaLPSS2i_I2C - ok
21:28:25.0917 0x5e08  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
21:28:25.0918 0x5e08  iaLPSSi_GPIO - ok
21:28:25.0937 0x5e08  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
21:28:25.0940 0x5e08  iaLPSSi_I2C - ok
21:28:25.0968 0x5e08  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
21:28:25.0991 0x5e08  iaStorAV - ok
21:28:26.0017 0x5e08  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
21:28:26.0027 0x5e08  iaStorV - ok
21:28:26.0040 0x5e08  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
21:28:26.0050 0x5e08  ibbus - ok
21:28:26.0104 0x5e08  [ 880547396E5EE06799EBE046B0E18391, 80DA25EA98DCC6C4598DE249D423A8901C310A65093014F67A8EDECA4D962FC3 ] ibtsiva         C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
21:28:26.0109 0x5e08  ibtsiva - ok
21:28:26.0147 0x5e08  [ 6F477FB2256293B976A71ADCC38A8FDA, 694073301CA43FD9CC9E98AD3F4C809EC4D2DB8A3D26EA2C2380BAD60F013011 ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
21:28:26.0168 0x5e08  ibtusb - ok
21:28:26.0234 0x5e08  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
21:28:26.0240 0x5e08  icssvc - ok
21:28:26.0244 0x5e08  IEEtwCollectorService - ok
21:28:26.0451 0x5e08  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:28:26.0625 0x5e08  igfx - ok
21:28:26.0666 0x5e08  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:28:26.0675 0x5e08  igfxCUIService2.0.0.0 - ok
21:28:26.0730 0x5e08  [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
21:28:26.0764 0x5e08  IKEEXT - ok
21:28:26.0815 0x5e08  [ E9857F4C30CCD4FEECF2B33EF3D6DCDB, 9613CE083EA7AD507ACA8DED5EF5BF20E39BD5C442BC855DFC9FE323F4F516CA ] IMFFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys
21:28:26.0816 0x5e08  IMFFilter - ok
21:28:26.0875 0x5e08  [ 99A0A16D16B9EE9AA503B433847DCC99, EF79AC91105BBCEAAA7864EF7992A3813B80194C62803F238905EF832DA0F64D ] IMFservice      C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
21:28:26.0906 0x5e08  IMFservice - ok
21:28:27.0069 0x5e08  [ D172E06EFE08DF148155A59DB716C1B6, F059B0B37C5E944D70626E9F029BC6311029E0A9D778C9C75DDDDC59A5AF1605 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:28:27.0202 0x5e08  IntcAzAudAddService - ok
21:28:27.0240 0x5e08  [ 907C8FE6894710604AD1F1F92324A7D6, F210D74B94BA55E0222C497F5C91EF4F95E346A46A1BF968404B62BEA8EA3035 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:28:27.0251 0x5e08  IntcDAud - ok
21:28:27.0304 0x5e08  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:28:27.0339 0x5e08  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:28:27.0373 0x5e08  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
21:28:27.0380 0x5e08  Intel(R) Security Assist - ok
21:28:27.0397 0x5e08  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
21:28:27.0398 0x5e08  intelide - ok
21:28:27.0409 0x5e08  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
21:28:27.0411 0x5e08  intelpep - ok
21:28:27.0430 0x5e08  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
21:28:27.0434 0x5e08  intelppm - ok
21:28:27.0449 0x5e08  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
21:28:27.0450 0x5e08  IoQos - ok
21:28:27.0484 0x5e08  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:28:27.0487 0x5e08  IpFilterDriver - ok
21:28:27.0543 0x5e08  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
21:28:27.0588 0x5e08  iphlpsvc - ok
21:28:27.0602 0x5e08  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
21:28:27.0604 0x5e08  IPMIDRV - ok
21:28:27.0620 0x5e08  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
21:28:27.0625 0x5e08  IPNAT - ok
21:28:27.0674 0x5e08  [ B066C46E4B638B849245E35A5703AF80, 738A2A76A68721DCA5004DFF381EF2F032A7E309454294E4ABDFF5141BAC9337 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:28:27.0687 0x5e08  iPod Service - ok
21:28:27.0697 0x5e08  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
21:28:27.0698 0x5e08  IRENUM - ok
21:28:27.0706 0x5e08  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
21:28:27.0707 0x5e08  isaHelperSvc - ok
21:28:27.0735 0x5e08  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
21:28:27.0736 0x5e08  isapnp - ok
21:28:27.0751 0x5e08  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
21:28:27.0758 0x5e08  iScsiPrt - ok
21:28:27.0791 0x5e08  [ 832F7C2747F04D1294AEF46A2CE5B63B, ABAECEFCAD9B526C3D98681A874966B924EB99AF61CDFAC6D5E767BE2FAF6CFA ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:28:27.0796 0x5e08  jhi_service - ok
21:28:27.0808 0x5e08  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
21:28:27.0810 0x5e08  kbdclass - ok
21:28:27.0830 0x5e08  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
21:28:27.0830 0x5e08  kbdhid - ok
21:28:27.0849 0x5e08  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
21:28:27.0850 0x5e08  kdnic - ok
21:28:27.0860 0x5e08  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
21:28:27.0863 0x5e08  KeyIso - ok
21:28:27.0875 0x5e08  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
21:28:27.0879 0x5e08  KSecDD - ok
21:28:27.0906 0x5e08  [ 425CFD45BDF5B9F8B790BEB20E0A8721, 0AB57F9C450A53308B41C8C884E92AACF643A74056F14E3D6C49BE2C61614879 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
21:28:27.0909 0x5e08  KSecPkg - ok
21:28:27.0937 0x5e08  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
21:28:27.0938 0x5e08  ksthunk - ok
21:28:27.0968 0x5e08  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
21:28:27.0978 0x5e08  KtmRm - ok
21:28:28.0005 0x5e08  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
21:28:28.0013 0x5e08  LanmanServer - ok
21:28:28.0043 0x5e08  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
21:28:28.0052 0x5e08  LanmanWorkstation - ok
21:28:28.0083 0x5e08  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
21:28:28.0085 0x5e08  lfsvc - ok
21:28:28.0093 0x5e08  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
21:28:28.0095 0x5e08  LicenseManager - ok
21:28:28.0436 0x5e08  [ F17BEE9DE55D99BD4F5CA7C6667A425F, 740D946F12297B3711801BA0121D3137E5A1AC60BA693AB2172C5BA57AC66DFC ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
21:28:28.0514 0x5e08  LiveUpdateSvc - ok
21:28:28.0542 0x5e08  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
21:28:28.0544 0x5e08  lltdio - ok
21:28:28.0577 0x5e08  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
21:28:28.0584 0x5e08  lltdsvc - ok
21:28:28.0613 0x5e08  [ 595FBB84D5E62AE8629ED0F6179818A7, 6BF747A759425BDC1080888B6D9C4611B55020A64B67AC1486DB8C4E70B16A9D ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
21:28:28.0614 0x5e08  LMDriver - ok
21:28:28.0638 0x5e08  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
21:28:28.0640 0x5e08  lmhosts - ok
21:28:28.0680 0x5e08  [ 76BC5705E1F838E32451ECF14518B1C8, 3F664723DCF6C07BDB3287184175F60DD7B4A85B0480800ECBE065730E2DA5F5 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:28:28.0690 0x5e08  LMS - ok
21:28:28.0725 0x5e08  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
21:28:28.0728 0x5e08  LSI_SAS - ok
21:28:28.0747 0x5e08  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
21:28:28.0750 0x5e08  LSI_SAS2i - ok
21:28:28.0765 0x5e08  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
21:28:28.0768 0x5e08  LSI_SAS3i - ok
21:28:28.0778 0x5e08  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
21:28:28.0781 0x5e08  LSI_SSS - ok
21:28:28.0830 0x5e08  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
21:28:28.0864 0x5e08  LSM - ok
21:28:28.0881 0x5e08  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
21:28:28.0884 0x5e08  luafv - ok
21:28:28.0911 0x5e08  [ FA2CDF42B3E9F53B12E506BA48BE16AA, 2E3757F21C0F6B5EBBC2F86415C1E858673B94DC4830C675567F3DCC2CD35BE5 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
21:28:28.0914 0x5e08  MapsBroker - ok
21:28:28.0949 0x5e08  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:28:28.0954 0x5e08  MBAMSwissArmy - ok
21:28:28.0986 0x5e08  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
21:28:28.0989 0x5e08  megasas - ok
21:28:29.0013 0x5e08  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
21:28:29.0035 0x5e08  megasr - ok
21:28:29.0095 0x5e08  [ 0CAEA11CEC2EEC7511385A467FD464D1, C84DD82374D551C90CCB274AB7F8CE4A503042CC8D1337A1F6498B2538E1793A ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
21:28:29.0141 0x5e08  MEIx64 - ok
21:28:29.0176 0x5e08  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
21:28:29.0179 0x5e08  MessagingService - ok
21:28:29.0302 0x5e08  Microsoft SharePoint Workspace Audit Service - ok
21:28:29.0348 0x5e08  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
21:28:29.0370 0x5e08  mlx4_bus - ok
21:28:29.0400 0x5e08  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
21:28:29.0402 0x5e08  MMCSS - ok
21:28:29.0420 0x5e08  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
21:28:29.0422 0x5e08  Modem - ok
21:28:29.0441 0x5e08  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
21:28:29.0443 0x5e08  monitor - ok
21:28:29.0460 0x5e08  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
21:28:29.0462 0x5e08  mouclass - ok
21:28:29.0472 0x5e08  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
21:28:29.0473 0x5e08  mouhid - ok
21:28:29.0488 0x5e08  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
21:28:29.0492 0x5e08  mountmgr - ok
21:28:29.0528 0x5e08  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:28:29.0533 0x5e08  MozillaMaintenance - ok
21:28:29.0548 0x5e08  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
21:28:29.0550 0x5e08  mpsdrv - ok
21:28:29.0594 0x5e08  [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
21:28:29.0627 0x5e08  MpsSvc - ok
21:28:29.0665 0x5e08  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
21:28:29.0669 0x5e08  MRxDAV - ok
21:28:29.0714 0x5e08  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:28:29.0724 0x5e08  mrxsmb - ok
21:28:29.0760 0x5e08  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
21:28:29.0767 0x5e08  mrxsmb10 - ok
21:28:29.0789 0x5e08  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
21:28:29.0795 0x5e08  mrxsmb20 - ok
21:28:29.0810 0x5e08  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
21:28:29.0813 0x5e08  MsBridge - ok
21:28:29.0843 0x5e08  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:28:29.0848 0x5e08  MSDTC - ok
21:28:29.0857 0x5e08  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:28:29.0859 0x5e08  Msfs - ok
21:28:29.0886 0x5e08  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
21:28:29.0889 0x5e08  msgpiowin32 - ok
21:28:29.0906 0x5e08  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
21:28:29.0907 0x5e08  mshidkmdf - ok
21:28:29.0920 0x5e08  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
21:28:29.0921 0x5e08  mshidumdf - ok
21:28:29.0924 0x5e08  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
21:28:29.0926 0x5e08  msisadrv - ok
21:28:29.0958 0x5e08  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
21:28:29.0963 0x5e08  MSiSCSI - ok
21:28:29.0967 0x5e08  msiserver - ok

beetleralf · 28.06.2016, 20:35

Code:

ATTFilter

21:28:29.0979 0x5e08  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
21:28:29.0980 0x5e08  MSKSSRV - ok
21:28:29.0996 0x5e08  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
21:28:29.0999 0x5e08  MsLldp - ok
21:28:30.0009 0x5e08  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
21:28:30.0010 0x5e08  MSPCLOCK - ok
21:28:30.0040 0x5e08  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
21:28:30.0041 0x5e08  MSPQM - ok
21:28:30.0066 0x5e08  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
21:28:30.0075 0x5e08  MsRPC - ok
21:28:30.0093 0x5e08  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
21:28:30.0095 0x5e08  mssmbios - ok
21:28:30.0111 0x5e08  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
21:28:30.0112 0x5e08  MSTEE - ok
21:28:30.0130 0x5e08  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
21:28:30.0131 0x5e08  MTConfig - ok
21:28:30.0147 0x5e08  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
21:28:30.0151 0x5e08  Mup - ok
21:28:30.0170 0x5e08  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
21:28:30.0172 0x5e08  mvumis - ok
21:28:30.0206 0x5e08  [ F41102EEE5B1D6001CD003CED1D63812, 1A879823FAF5240A6CFAEBE999EB4097284C2D5541E4499B6D87CA6C214DD9CE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
21:28:30.0212 0x5e08  MyWiFiDHCPDNS - ok
21:28:30.0272 0x5e08  [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
21:28:30.0292 0x5e08  NativeWifiP - ok
21:28:30.0343 0x5e08  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
21:28:30.0349 0x5e08  NcaSvc - ok
21:28:30.0367 0x5e08  [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService      C:\WINDOWS\System32\ncbservice.dll
21:28:30.0377 0x5e08  NcbService - ok
21:28:30.0420 0x5e08  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
21:28:30.0423 0x5e08  NcdAutoSetup - ok
21:28:30.0434 0x5e08  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
21:28:30.0436 0x5e08  ndfltr - ok
21:28:30.0481 0x5e08  [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
21:28:30.0551 0x5e08  NDIS - ok
21:28:30.0566 0x5e08  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
21:28:30.0568 0x5e08  NdisCap - ok
21:28:30.0584 0x5e08  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
21:28:30.0587 0x5e08  NdisImPlatform - ok
21:28:30.0608 0x5e08  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:28:30.0609 0x5e08  NdisTapi - ok
21:28:30.0626 0x5e08  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
21:28:30.0628 0x5e08  Ndisuio - ok
21:28:30.0635 0x5e08  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
21:28:30.0637 0x5e08  NdisVirtualBus - ok
21:28:30.0659 0x5e08  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
21:28:30.0664 0x5e08  NdisWan - ok
21:28:30.0672 0x5e08  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:28:30.0676 0x5e08  ndiswanlegacy - ok
21:28:30.0695 0x5e08  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
21:28:30.0697 0x5e08  ndproxy - ok
21:28:30.0728 0x5e08  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
21:28:30.0731 0x5e08  Ndu - ok
21:28:30.0742 0x5e08  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
21:28:30.0744 0x5e08  NetBIOS - ok
21:28:30.0760 0x5e08  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:28:30.0768 0x5e08  NetBT - ok
21:28:30.0783 0x5e08  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
21:28:30.0786 0x5e08  Netlogon - ok
21:28:30.0816 0x5e08  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
21:28:30.0824 0x5e08  Netman - ok
21:28:30.0867 0x5e08  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
21:28:30.0889 0x5e08  netprofm - ok
21:28:30.0911 0x5e08  [ A3AA03C0C5002F3D89397637B770A1BA, CB40F8FFE2850C11C9EA309BFDBB97C2C978202AF70D052573D8CF18A0677AEB ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
21:28:30.0918 0x5e08  NetSetupSvc - ok
21:28:30.0954 0x5e08  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:28:30.0980 0x5e08  NetTcpPortSharing - ok
21:28:31.0253 0x5e08  [ 04185E14E32B9C6EA4F660E93DA8BD40, 5635CD66CF9E9EC11767817D6811A06D0A157CBC5AFABD0E6E41D1487611C769 ] Netwtw02        C:\WINDOWS\System32\drivers\Netwtw02.sys
21:28:31.0522 0x5e08  Netwtw02 - ok
21:28:31.0571 0x5e08  [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
21:28:31.0579 0x5e08  NgcCtnrSvc - ok
21:28:31.0628 0x5e08  [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
21:28:31.0659 0x5e08  NgcSvc - ok
21:28:31.0702 0x5e08  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
21:28:31.0713 0x5e08  NlaSvc - ok
21:28:31.0739 0x5e08  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:28:31.0742 0x5e08  Npfs - ok
21:28:31.0769 0x5e08  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
21:28:31.0770 0x5e08  npsvctrig - ok
21:28:31.0785 0x5e08  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
21:28:31.0787 0x5e08  nsi - ok
21:28:31.0797 0x5e08  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
21:28:31.0799 0x5e08  nsiproxy - ok
21:28:31.0887 0x5e08  [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
21:28:31.0955 0x5e08  NTFS - ok
21:28:31.0985 0x5e08  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:28:31.0986 0x5e08  Null - ok
21:28:32.0315 0x5e08  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:28:32.0618 0x5e08  nvlddmkm - ok
21:28:32.0734 0x5e08  [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:28:32.0790 0x5e08  NvNetworkService - ok
21:28:32.0818 0x5e08  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
21:28:32.0822 0x5e08  nvraid - ok
21:28:32.0838 0x5e08  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
21:28:32.0842 0x5e08  nvstor - ok
21:28:32.0891 0x5e08  [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:28:32.0892 0x5e08  NvStreamKms - ok
21:28:32.0895 0x5e08  NvStreamSvc - ok
21:28:32.0952 0x5e08  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
21:28:32.0997 0x5e08  nvsvc - ok
21:28:33.0036 0x5e08  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:28:33.0039 0x5e08  nvvad_WaveExtensible - ok
21:28:33.0057 0x5e08  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
21:28:33.0061 0x5e08  nv_agp - ok
21:28:33.0094 0x5e08  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
21:28:33.0102 0x5e08  OneSyncSvc - ok
21:28:33.0190 0x5e08  [ 33840F7285A70D308882A23AF6D65D7E, 08506691E5F4AAB76811B1B2BCB9A68731B771F27A0571489E363D26A6EF0D0C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:28:33.0196 0x5e08  ose - ok
21:28:33.0415 0x5e08  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:28:33.0560 0x5e08  osppsvc - ok
21:28:33.0600 0x5e08  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
21:28:33.0610 0x5e08  p2pimsvc - ok
21:28:33.0650 0x5e08  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
21:28:33.0669 0x5e08  p2psvc - ok
21:28:33.0689 0x5e08  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
21:28:33.0692 0x5e08  Parport - ok
21:28:33.0714 0x5e08  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
21:28:33.0717 0x5e08  partmgr - ok
21:28:33.0740 0x5e08  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
21:28:33.0762 0x5e08  PcaSvc - ok
21:28:33.0777 0x5e08  [ CF78AF126B00C1B0A6FF45BD838E8EFE, AE01B107E1D9072F10F194AEE2AE4F9D75A4EC8FF3A46E45D27E7BF615CE0985 ] pci             C:\WINDOWS\system32\drivers\pci.sys
21:28:33.0785 0x5e08  pci - ok
21:28:33.0814 0x5e08  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
21:28:33.0815 0x5e08  pciide - ok
21:28:33.0832 0x5e08  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
21:28:33.0835 0x5e08  pcmcia - ok
21:28:33.0855 0x5e08  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
21:28:33.0857 0x5e08  pcw - ok
21:28:33.0875 0x5e08  [ 67B9684B8272D5EBD1CCBB1DBD425EC8, 09BE2A2EB3A71E594D08B8D817820965DEEAD283029EBB0B74CCC658A2706233 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
21:28:33.0878 0x5e08  pdc - ok
21:28:33.0924 0x5e08  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
21:28:33.0947 0x5e08  PEAUTH - ok
21:28:33.0960 0x5e08  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
21:28:33.0962 0x5e08  percsas2i - ok
21:28:33.0976 0x5e08  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
21:28:33.0978 0x5e08  percsas3i - ok
21:28:34.0060 0x5e08  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
21:28:34.0063 0x5e08  PerfHost - ok
21:28:34.0118 0x5e08  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
21:28:34.0152 0x5e08  PhoneSvc - ok
21:28:34.0184 0x5e08  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
21:28:34.0229 0x5e08  PimIndexMaintenanceSvc - ok
21:28:34.0366 0x5e08  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
21:28:34.0422 0x5e08  pla - ok
21:28:34.0451 0x5e08  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
21:28:34.0456 0x5e08  PlugPlay - ok
21:28:34.0471 0x5e08  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
21:28:34.0474 0x5e08  PNRPAutoReg - ok
21:28:34.0497 0x5e08  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
21:28:34.0507 0x5e08  PNRPsvc - ok
21:28:34.0536 0x5e08  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
21:28:34.0546 0x5e08  PolicyAgent - ok
21:28:34.0559 0x5e08  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
21:28:34.0564 0x5e08  Power - ok
21:28:34.0594 0x5e08  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
21:28:34.0596 0x5e08  PptpMiniport - ok
21:28:34.0754 0x5e08  [ 15709A9AB1411565754CEE33AAB36387, 77CBC04346F8F247B4614CE65FBD225F0A24827EDD1FDB34900D05673B682D84 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:28:34.0855 0x5e08  PrintNotify - ok
21:28:34.0889 0x5e08  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
21:28:34.0892 0x5e08  Processor - ok
21:28:34.0926 0x5e08  [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
21:28:34.0935 0x5e08  ProfSvc - ok
21:28:34.0969 0x5e08  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
21:28:34.0974 0x5e08  Psched - ok
21:28:35.0036 0x5e08  [ 605750DA0741F2B28906BD27EFCB78D8, 91AD3952B4FA19FA28FC4C3151BAD2EDE94D250A87EBC4B2EE3A534A2D41C456 ] QALSvc          C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
21:28:35.0045 0x5e08  QALSvc - ok
21:28:35.0058 0x5e08  [ D232A1F1DD250F9B9944F0D98045FA9B, 330719FED4D4A53A3A75263560B4A32D06AC1E3F00F0AD6A45C4F504A1C1AB6D ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
21:28:35.0069 0x5e08  QASvc - ok
21:28:35.0149 0x5e08  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
21:28:35.0157 0x5e08  QWAVE - ok
21:28:35.0195 0x5e08  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
21:28:35.0196 0x5e08  QWAVEdrv - ok
21:28:35.0228 0x5e08  [ 29EF474475CA406FF5B14D6B434F1ECE, A09ABDCE77FF45E0FEB826E96C9F54A5BC6699BF644C8816BAF4CA5630C9D44E ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
21:28:35.0229 0x5e08  RadioShim - ok
21:28:35.0253 0x5e08  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:28:35.0254 0x5e08  RasAcd - ok
21:28:35.0281 0x5e08  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
21:28:35.0284 0x5e08  RasAgileVpn - ok
21:28:35.0302 0x5e08  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:28:35.0306 0x5e08  RasAuto - ok
21:28:35.0331 0x5e08  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
21:28:35.0334 0x5e08  Rasl2tp - ok
21:28:35.0381 0x5e08  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:28:35.0416 0x5e08  RasMan - ok
21:28:35.0428 0x5e08  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:28:35.0430 0x5e08  RasPppoe - ok
21:28:35.0444 0x5e08  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
21:28:35.0447 0x5e08  RasSstp - ok
21:28:35.0481 0x5e08  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:28:35.0500 0x5e08  rdbss - ok
21:28:35.0508 0x5e08  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
21:28:35.0510 0x5e08  rdpbus - ok
21:28:35.0525 0x5e08  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
21:28:35.0529 0x5e08  RDPDR - ok
21:28:35.0548 0x5e08  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
21:28:35.0550 0x5e08  RdpVideoMiniport - ok
21:28:35.0579 0x5e08  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
21:28:35.0585 0x5e08  rdyboost - ok
21:28:35.0623 0x5e08  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
21:28:35.0656 0x5e08  ReFSv1 - ok
21:28:35.0732 0x5e08  [ 5623E2CC4F1F6DE24BE9DB3319E42D23, 2EA009F85804BF2757559DC7EBE4BCB637DE3786795891290F8F99580C32C9ED ] RegFilter       C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys
21:28:35.0734 0x5e08  RegFilter - ok
21:28:35.0772 0x5e08  [ 0060A50F5E3A397E1F84B0C8F5F9898B, 685452985AF6BF68A63A8A306E7BFA4051B0E8C41CA67EE74D506E6F560FF5DD ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
21:28:35.0775 0x5e08  RegSrvc - ok
21:28:35.0814 0x5e08  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:28:35.0834 0x5e08  RemoteAccess - ok
21:28:35.0882 0x5e08  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
21:28:35.0888 0x5e08  RemoteRegistry - ok
21:28:35.0940 0x5e08  [ DF7A59E70F398EEB9FDCDD310987D8AE, 67817FC336B2046351BDEB84A57252D6708E17656CD84FF5BCA85FCA24F430E0 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
21:28:35.0976 0x5e08  RetailDemo - ok
21:28:36.0004 0x5e08  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
21:28:36.0008 0x5e08  RpcEptMapper - ok
21:28:36.0042 0x5e08  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
21:28:36.0044 0x5e08  RpcLocator - ok
21:28:36.0079 0x5e08  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:28:36.0098 0x5e08  RpcSs - ok
21:28:36.0125 0x5e08  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
21:28:36.0127 0x5e08  rspndr - ok
21:28:36.0173 0x5e08  [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
21:28:36.0206 0x5e08  rt640x64 - ok
21:28:36.0248 0x5e08  [ 02CB159500B40705BE8644F3B42C3992, B4F6238BF2D9E53DE3C43FC4A247700C94B9F0BEFA8D3F0AE043B1F3405A1D70 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
21:28:36.0258 0x5e08  RTSUER - ok
21:28:36.0274 0x5e08  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
21:28:36.0275 0x5e08  s3cap - ok
21:28:36.0306 0x5e08  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:28:36.0308 0x5e08  SamSs - ok
21:28:36.0335 0x5e08  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
21:28:36.0338 0x5e08  sbp2port - ok
21:28:36.0371 0x5e08  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
21:28:36.0379 0x5e08  SCardSvr - ok
21:28:36.0398 0x5e08  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
21:28:36.0404 0x5e08  ScDeviceEnum - ok
21:28:36.0421 0x5e08  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
21:28:36.0422 0x5e08  scfilter - ok
21:28:36.0485 0x5e08  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:28:36.0519 0x5e08  Schedule - ok
21:28:36.0558 0x5e08  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
21:28:36.0563 0x5e08  SCPolicySvc - ok
21:28:36.0594 0x5e08  [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
21:28:36.0601 0x5e08  sdbus - ok
21:28:36.0633 0x5e08  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
21:28:36.0639 0x5e08  SDRSVC - ok
21:28:36.0668 0x5e08  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
21:28:36.0671 0x5e08  sdstor - ok
21:28:36.0692 0x5e08  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
21:28:36.0695 0x5e08  seclogon - ok
21:28:36.0761 0x5e08  [ EA160DB2589350DFF52C7ACCD7763187, 1EA4C33AE67EE0EC0748D892D402AD49832FE752F6864AF99AFCA52873D6F4A4 ] SecureLine      C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
21:28:36.0774 0x5e08  SecureLine - ok
21:28:36.0799 0x5e08  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
21:28:36.0803 0x5e08  SENS - ok
21:28:36.0867 0x5e08  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
21:28:36.0912 0x5e08  SensorDataService - ok
21:28:36.0948 0x5e08  [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService   C:\WINDOWS\system32\SensorService.dll
21:28:36.0958 0x5e08  SensorService - ok
21:28:36.0978 0x5e08  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
21:28:36.0984 0x5e08  SensrSvc - ok
21:28:37.0010 0x5e08  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
21:28:37.0035 0x5e08  SerCx - ok
21:28:37.0074 0x5e08  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
21:28:37.0078 0x5e08  SerCx2 - ok
21:28:37.0095 0x5e08  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
21:28:37.0097 0x5e08  Serenum - ok
21:28:37.0122 0x5e08  [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial          C:\WINDOWS\System32\drivers\serial.sys
21:28:37.0124 0x5e08  Serial - ok
21:28:37.0142 0x5e08  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
21:28:37.0143 0x5e08  sermouse - ok
21:28:37.0172 0x5e08  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
21:28:37.0182 0x5e08  SessionEnv - ok
21:28:37.0191 0x5e08  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
21:28:37.0192 0x5e08  sfloppy - ok
21:28:37.0250 0x5e08  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:28:37.0261 0x5e08  SharedAccess - ok
21:28:37.0319 0x5e08  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:28:37.0342 0x5e08  ShellHWDetection - ok
21:28:37.0353 0x5e08  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
21:28:37.0354 0x5e08  SiSRaid2 - ok
21:28:37.0371 0x5e08  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
21:28:37.0374 0x5e08  SiSRaid4 - ok
21:28:37.0399 0x5e08  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
21:28:37.0402 0x5e08  smphost - ok
21:28:37.0441 0x5e08  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
21:28:37.0464 0x5e08  SmsRouter - ok
21:28:37.0498 0x5e08  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
21:28:37.0500 0x5e08  SNMPTRAP - ok
21:28:37.0539 0x5e08  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
21:28:37.0559 0x5e08  spaceport - ok
21:28:37.0572 0x5e08  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
21:28:37.0574 0x5e08  SpbCx - ok
21:28:37.0629 0x5e08  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
21:28:37.0662 0x5e08  Spooler - ok
21:28:38.0025 0x5e08  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
21:28:38.0232 0x5e08  sppsvc - ok
21:28:38.0275 0x5e08  [ BE88248427A6AA548A904FD867667F70, 37E7BB76881F4E896311721B1FCB7B1908524591D36F7D63B233CA0115FECC2C ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:28:38.0285 0x5e08  srv - ok
21:28:38.0311 0x5e08  [ 2568B86F6A50D254324CB89022CA9EFC, 001B7A0061227E8E78A35FDC095C71A6974F18B1289FA392FA0B864A88C20672 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
21:28:38.0334 0x5e08  srv2 - ok
21:28:38.0364 0x5e08  [ 6E520D6B16EA8AE23D1F81C1194F00C8, 42CAB0772D351023DBF1DAD4BDB1FC214827CEA660284838B41062B8DF89DF10 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
21:28:38.0370 0x5e08  srvnet - ok
21:28:38.0421 0x5e08  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:28:38.0429 0x5e08  SSDPSRV - ok
21:28:38.0455 0x5e08  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
21:28:38.0462 0x5e08  SstpSvc - ok
21:28:38.0563 0x5e08  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
21:28:38.0653 0x5e08  StateRepository - ok
21:28:38.0688 0x5e08  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
21:28:38.0689 0x5e08  stexstor - ok
21:28:38.0737 0x5e08  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
21:28:38.0761 0x5e08  stisvc - ok
21:28:38.0777 0x5e08  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
21:28:38.0780 0x5e08  storahci - ok
21:28:38.0796 0x5e08  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
21:28:38.0799 0x5e08  storflt - ok
21:28:38.0812 0x5e08  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
21:28:38.0815 0x5e08  stornvme - ok
21:28:38.0833 0x5e08  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
21:28:38.0835 0x5e08  storqosflt - ok
21:28:38.0873 0x5e08  [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
21:28:38.0895 0x5e08  StorSvc - ok
21:28:38.0907 0x5e08  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
21:28:38.0909 0x5e08  storufs - ok
21:28:38.0933 0x5e08  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
21:28:38.0935 0x5e08  storvsc - ok
21:28:38.0975 0x5e08  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
21:28:38.0978 0x5e08  svsvc - ok
21:28:38.0994 0x5e08  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
21:28:38.0995 0x5e08  swenum - ok
21:28:39.0016 0x5e08  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
21:28:39.0035 0x5e08  swprv - ok
21:28:39.0062 0x5e08  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
21:28:39.0065 0x5e08  Synth3dVsc - ok
21:28:39.0122 0x5e08  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
21:28:39.0156 0x5e08  SysMain - ok
21:28:39.0188 0x5e08  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
21:28:39.0199 0x5e08  SystemEventsBroker - ok
21:28:39.0227 0x5e08  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
21:28:39.0247 0x5e08  TabletInputService - ok
21:28:39.0272 0x5e08  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:28:39.0281 0x5e08  TapiSrv - ok
21:28:39.0385 0x5e08  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
21:28:39.0452 0x5e08  Tcpip - ok
21:28:39.0513 0x5e08  [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
21:28:39.0560 0x5e08  Tcpip6 - ok
21:28:39.0578 0x5e08  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
21:28:39.0580 0x5e08  tcpipreg - ok
21:28:39.0613 0x5e08  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
21:28:39.0617 0x5e08  tdx - ok
21:28:39.0651 0x5e08  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
21:28:39.0653 0x5e08  terminpt - ok
21:28:39.0700 0x5e08  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
21:28:39.0733 0x5e08  TermService - ok
21:28:39.0748 0x5e08  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
21:28:39.0752 0x5e08  Themes - ok
21:28:39.0787 0x5e08  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
21:28:39.0798 0x5e08  TieringEngineService - ok
21:28:39.0843 0x5e08  [ 7ECACE6D0B4C2D323408EB00FD93C682, EE7F5E5185EA8C8098046FA573659443014ED7C9DA9E710D9EF3FCACBBFFA100 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
21:28:39.0863 0x5e08  tiledatamodelsvc - ok
21:28:39.0899 0x5e08  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
21:28:39.0905 0x5e08  TimeBroker - ok
21:28:39.0943 0x5e08  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
21:28:39.0948 0x5e08  TPM - ok
21:28:39.0980 0x5e08  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
21:28:39.0985 0x5e08  TrkWks - ok
21:28:40.0034 0x5e08  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
21:28:40.0037 0x5e08  TrustedInstaller - ok
21:28:40.0051 0x5e08  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
21:28:40.0053 0x5e08  tsusbflt - ok
21:28:40.0065 0x5e08  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
21:28:40.0067 0x5e08  TsUsbGD - ok
21:28:40.0093 0x5e08  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
21:28:40.0097 0x5e08  tunnel - ok
21:28:40.0132 0x5e08  [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
21:28:40.0137 0x5e08  tzautoupdate - ok
21:28:40.0165 0x5e08  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
21:28:40.0167 0x5e08  uagp35 - ok
21:28:40.0186 0x5e08  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
21:28:40.0188 0x5e08  UASPStor - ok
21:28:40.0203 0x5e08  [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
21:28:40.0205 0x5e08  UcmCx0101 - ok
21:28:40.0224 0x5e08  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
21:28:40.0226 0x5e08  UcmUcsi - ok
21:28:40.0246 0x5e08  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
21:28:40.0251 0x5e08  Ucx01000 - ok
21:28:40.0262 0x5e08  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
21:28:40.0264 0x5e08  UdeCx - ok
21:28:40.0281 0x5e08  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
21:28:40.0289 0x5e08  udfs - ok
21:28:40.0307 0x5e08  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
21:28:40.0308 0x5e08  UEFI - ok
21:28:40.0352 0x5e08  [ AD53262AFF486D28190439D3A59C80F7, 9A57AA4BD93392894110B344CAB884476A2F107442FAB6E840178BE544B5CC6E ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
21:28:40.0358 0x5e08  UEIPSvc - ok
21:28:40.0392 0x5e08  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
21:28:40.0399 0x5e08  Ufx01000 - ok
21:28:40.0412 0x5e08  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
21:28:40.0415 0x5e08  UfxChipidea - ok
21:28:40.0437 0x5e08  [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
21:28:40.0441 0x5e08  ufxsynopsys - ok
21:28:40.0471 0x5e08  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
21:28:40.0475 0x5e08  UI0Detect - ok
21:28:40.0497 0x5e08  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
21:28:40.0499 0x5e08  uliagpkx - ok
21:28:40.0514 0x5e08  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
21:28:40.0516 0x5e08  umbus - ok
21:28:40.0530 0x5e08  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
21:28:40.0531 0x5e08  UmPass - ok
21:28:40.0564 0x5e08  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
21:28:40.0572 0x5e08  UmRdpService - ok
21:28:40.0633 0x5e08  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
21:28:40.0678 0x5e08  UnistoreSvc - ok
21:28:40.0755 0x5e08  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:28:40.0767 0x5e08  upnphost - ok
21:28:40.0793 0x5e08  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
21:28:40.0794 0x5e08  UrsChipidea - ok
21:28:40.0809 0x5e08  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
21:28:40.0811 0x5e08  UrsCx01000 - ok
21:28:40.0820 0x5e08  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
21:28:40.0821 0x5e08  UrsSynopsys - ok
21:28:40.0847 0x5e08  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
21:28:40.0849 0x5e08  USBAAPL64 - ok
21:28:40.0870 0x5e08  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
21:28:40.0874 0x5e08  usbccgp - ok
21:28:40.0886 0x5e08  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
21:28:40.0889 0x5e08  usbcir - ok
21:28:40.0919 0x5e08  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
21:28:40.0922 0x5e08  usbehci - ok
21:28:40.0945 0x5e08  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
21:28:40.0958 0x5e08  usbhub - ok
21:28:40.0996 0x5e08  [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
21:28:41.0016 0x5e08  USBHUB3 - ok
21:28:41.0024 0x5e08  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
21:28:41.0026 0x5e08  usbohci - ok
21:28:41.0036 0x5e08  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
21:28:41.0037 0x5e08  usbprint - ok
21:28:41.0060 0x5e08  [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
21:28:41.0062 0x5e08  usbser - ok
21:28:41.0087 0x5e08  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
21:28:41.0091 0x5e08  USBSTOR - ok
21:28:41.0103 0x5e08  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
21:28:41.0105 0x5e08  usbuhci - ok
21:28:41.0131 0x5e08  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
21:28:41.0137 0x5e08  usbvideo - ok
21:28:41.0177 0x5e08  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
21:28:41.0187 0x5e08  USBXHCI - ok
21:28:41.0254 0x5e08  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
21:28:41.0300 0x5e08  UserDataSvc - ok
21:28:41.0408 0x5e08  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
21:28:41.0441 0x5e08  UserManager - ok
21:28:41.0465 0x5e08  [ 0D33D06EF42E3BC6A7BBC4F7F7517C25, 1B19739341F5D76C0C491D20BD676877D7D59C73AFC3108567C81E6963E6384A ] UsoSvc          C:\WINDOWS\system32\usocore.dll
21:28:41.0476 0x5e08  UsoSvc - ok
21:28:41.0487 0x5e08  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
21:28:41.0490 0x5e08  VaultSvc - ok
21:28:41.0525 0x5e08  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
21:28:41.0527 0x5e08  vdrvroot - ok
21:28:41.0574 0x5e08  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
21:28:41.0608 0x5e08  vds - ok
21:28:41.0628 0x5e08  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
21:28:41.0633 0x5e08  VerifierExt - ok
21:28:41.0661 0x5e08  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
21:28:41.0684 0x5e08  vhdmp - ok
21:28:41.0699 0x5e08  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
21:28:41.0700 0x5e08  vhf - ok
21:28:41.0725 0x5e08  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
21:28:41.0728 0x5e08  vmbus - ok
21:28:41.0738 0x5e08  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
21:28:41.0739 0x5e08  VMBusHID - ok
21:28:41.0776 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
21:28:41.0796 0x5e08  vmicguestinterface - ok
21:28:41.0812 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
21:28:41.0822 0x5e08  vmicheartbeat - ok
21:28:41.0838 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
21:28:41.0849 0x5e08  vmickvpexchange - ok
21:28:41.0868 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
21:28:41.0880 0x5e08  vmicrdv - ok
21:28:41.0894 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
21:28:41.0905 0x5e08  vmicshutdown - ok
21:28:41.0920 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
21:28:41.0931 0x5e08  vmictimesync - ok
21:28:41.0946 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
21:28:41.0957 0x5e08  vmicvmsession - ok
21:28:41.0972 0x5e08  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
21:28:41.0983 0x5e08  vmicvss - ok
21:28:42.0002 0x5e08  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
21:28:42.0005 0x5e08  volmgr - ok
21:28:42.0021 0x5e08  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
21:28:42.0031 0x5e08  volmgrx - ok
21:28:42.0051 0x5e08  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
21:28:42.0062 0x5e08  volsnap - ok
21:28:42.0094 0x5e08  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
21:28:42.0096 0x5e08  vpci - ok
21:28:42.0127 0x5e08  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
21:28:42.0132 0x5e08  vsmraid - ok
21:28:42.0193 0x5e08  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
21:28:42.0231 0x5e08  VSS - ok
21:28:42.0261 0x5e08  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
21:28:42.0268 0x5e08  VSTXRAID - ok
21:28:42.0298 0x5e08  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
21:28:42.0299 0x5e08  vwifibus - ok
21:28:42.0316 0x5e08  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
21:28:42.0319 0x5e08  vwififlt - ok
21:28:42.0331 0x5e08  [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
21:28:42.0332 0x5e08  vwifimp - ok
21:28:42.0378 0x5e08  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
21:28:42.0400 0x5e08  W32Time - ok
21:28:42.0411 0x5e08  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
21:28:42.0412 0x5e08  WacomPen - ok
21:28:42.0451 0x5e08  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
21:28:42.0472 0x5e08  WalletService - ok
21:28:42.0506 0x5e08  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:28:42.0509 0x5e08  wanarp - ok
21:28:42.0514 0x5e08  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:28:42.0516 0x5e08  wanarpv6 - ok
21:28:42.0583 0x5e08  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
21:28:42.0662 0x5e08  wbengine - ok
21:28:42.0700 0x5e08  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
21:28:42.0724 0x5e08  WbioSrvc - ok
21:28:42.0761 0x5e08  [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
21:28:42.0783 0x5e08  Wcmsvc - ok
21:28:42.0823 0x5e08  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
21:28:42.0844 0x5e08  wcncsvc - ok
21:28:42.0854 0x5e08  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
21:28:42.0858 0x5e08  WcsPlugInService - ok
21:28:42.0874 0x5e08  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
21:28:42.0876 0x5e08  WdBoot - ok
21:28:42.0924 0x5e08  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
21:28:42.0957 0x5e08  Wdf01000 - ok
21:28:42.0996 0x5e08  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
21:28:43.0002 0x5e08  WdFilter - ok
21:28:43.0031 0x5e08  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
21:28:43.0036 0x5e08  WdiServiceHost - ok
21:28:43.0041 0x5e08  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
21:28:43.0045 0x5e08  WdiSystemHost - ok
21:28:43.0087 0x5e08  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
21:28:43.0109 0x5e08  wdiwifi - ok
21:28:43.0127 0x5e08  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
21:28:43.0131 0x5e08  WdNisDrv - ok
21:28:43.0154 0x5e08  WdNisSvc - ok
21:28:43.0180 0x5e08  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:28:43.0188 0x5e08  WebClient - ok
21:28:43.0201 0x5e08  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
21:28:43.0208 0x5e08  Wecsvc - ok
21:28:43.0221 0x5e08  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
21:28:43.0224 0x5e08  WEPHOSTSVC - ok
21:28:43.0242 0x5e08  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
21:28:43.0247 0x5e08  wercplsupport - ok
21:28:43.0268 0x5e08  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
21:28:43.0274 0x5e08  WerSvc - ok
21:28:43.0295 0x5e08  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
21:28:43.0299 0x5e08  WFPLWFS - ok
21:28:43.0318 0x5e08  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
21:28:43.0322 0x5e08  WiaRpc - ok
21:28:43.0351 0x5e08  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
21:28:43.0353 0x5e08  WIMMount - ok
21:28:43.0356 0x5e08  WinDefend - ok
21:28:43.0395 0x5e08  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
21:28:43.0398 0x5e08  WindowsTrustedRT - ok
21:28:43.0407 0x5e08  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
21:28:43.0408 0x5e08  WindowsTrustedRTProxy - ok
21:28:43.0454 0x5e08  [ D4B30E23A3B373648F61290DAF432CB2, 7084E24A2E813BDD11C880F2B2D2626CD3600D9BABAA8AA8F068748E90BC8D58 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
21:28:43.0488 0x5e08  WinHttpAutoProxySvc - ok
21:28:43.0515 0x5e08  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
21:28:43.0516 0x5e08  WinMad - ok
21:28:43.0589 0x5e08  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:28:43.0596 0x5e08  Winmgmt - ok
21:28:43.0700 0x5e08  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
21:28:43.0782 0x5e08  WinRM - ok
21:28:43.0811 0x5e08  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
21:28:43.0814 0x5e08  WINUSB - ok
21:28:43.0826 0x5e08  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
21:28:43.0829 0x5e08  WinVerbs - ok
21:28:43.0920 0x5e08  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
21:28:43.0999 0x5e08  WlanSvc - ok
21:28:44.0082 0x5e08  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
21:28:44.0149 0x5e08  wlidsvc - ok
21:28:44.0157 0x5e08  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
21:28:44.0159 0x5e08  WmiAcpi - ok
21:28:44.0191 0x5e08  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
21:28:44.0197 0x5e08  wmiApSrv - ok
21:28:44.0220 0x5e08  WMPNetworkSvc - ok
21:28:44.0246 0x5e08  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
21:28:44.0261 0x5e08  Wof - ok
21:28:44.0338 0x5e08  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
21:28:44.0395 0x5e08  workfolderssvc - ok
21:28:44.0423 0x5e08  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
21:28:44.0425 0x5e08  wpcfltr - ok
21:28:44.0444 0x5e08  [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
21:28:44.0449 0x5e08  WPDBusEnum - ok
21:28:44.0463 0x5e08  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
21:28:44.0464 0x5e08  WpdUpFltr - ok
21:28:44.0482 0x5e08  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
21:28:44.0486 0x5e08  WpnService - ok
21:28:44.0497 0x5e08  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
21:28:44.0498 0x5e08  ws2ifsl - ok
21:28:44.0517 0x5e08  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
21:28:44.0523 0x5e08  wscsvc - ok
21:28:44.0527 0x5e08  WSearch - ok
21:28:44.0655 0x5e08  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
21:28:44.0755 0x5e08  WSService - ok
21:28:44.0838 0x5e08  [ 8D3AC00C88BC2A63D1D3CC320E0EAA19, 0E46765269B6FAD8ED8F032C42B38FA5998610CD9E85EB91A414135C595B3E75 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
21:28:44.0905 0x5e08  wuauserv - ok
21:28:44.0937 0x5e08  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
21:28:44.0940 0x5e08  WudfPf - ok
21:28:44.0957 0x5e08  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
21:28:44.0962 0x5e08  WUDFRd - ok
21:28:44.0989 0x5e08  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
21:28:44.0993 0x5e08  wudfsvc - ok
21:28:45.0002 0x5e08  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:28:45.0007 0x5e08  WUDFWpdFs - ok
21:28:45.0015 0x5e08  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:28:45.0019 0x5e08  WUDFWpdMtp - ok
21:28:45.0075 0x5e08  [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
21:28:45.0121 0x5e08  WwanSvc - ok
21:28:45.0164 0x5e08  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
21:28:45.0199 0x5e08  XblAuthManager - ok
21:28:45.0262 0x5e08  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
21:28:45.0307 0x5e08  XblGameSave - ok
21:28:45.0331 0x5e08  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
21:28:45.0337 0x5e08  xboxgip - ok
21:28:45.0391 0x5e08  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
21:28:45.0425 0x5e08  XboxNetApiSvc - ok
21:28:45.0448 0x5e08  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
21:28:45.0449 0x5e08  xinputhid - ok
21:28:45.0625 0x5e08  [ 8BA550098E9A09FA934C05F0CF9D5857, EF105D2A1FEEF7F3253810F0CF4694E2668CE9964BD528F10BBCCE02CA7F3485 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
21:28:45.0744 0x5e08  ZeroConfigService - ok
21:28:45.0749 0x5e08  ================ Scan global ===============================
21:28:45.0779 0x5e08  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
21:28:45.0810 0x5e08  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
21:28:45.0837 0x5e08  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
21:28:45.0877 0x5e08  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
21:28:45.0888 0x5e08  [ Global ] - ok
21:28:45.0888 0x5e08  ================ Scan MBR ==================================
21:28:45.0896 0x5e08  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:28:45.0905 0x5e08  \Device\Harddisk0\DR0 - ok
21:28:45.0905 0x5e08  ================ Scan VBR ==================================
21:28:45.0907 0x5e08  [ E926A62C9478E6651904DBC50A2B3767 ] \Device\Harddisk0\DR0\Partition1
21:28:45.0958 0x5e08  \Device\Harddisk0\DR0\Partition1 - ok
21:28:45.0974 0x5e08  [ 8F68DF771FD1C57B9C9C68ACF7B78FF8 ] \Device\Harddisk0\DR0\Partition2
21:28:45.0974 0x5e08  \Device\Harddisk0\DR0\Partition2 - ok
21:28:45.0980 0x5e08  [ 075D6AACA2B08EE5633DE881768119DE ] \Device\Harddisk0\DR0\Partition3
21:28:46.0050 0x5e08  \Device\Harddisk0\DR0\Partition3 - ok
21:28:46.0085 0x5e08  [ 08752727020074BEF0391A3E08F6B1A0 ] \Device\Harddisk0\DR0\Partition4
21:28:46.0087 0x5e08  \Device\Harddisk0\DR0\Partition4 - ok
21:28:46.0087 0x5e08  ================ Scan generic autorun ======================
21:28:46.0529 0x5e08  [ BF225BCD0EC2D85719C382019B5B4250, 7FE5A85209BD930FC1622600AB74E59854488986AA052A0D03D5FC7B361F247D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:28:46.0797 0x5e08  RTHDVCPL - ok
21:28:46.0928 0x5e08  [ 2DC2C370F785AD5B2717A205238B03E2, 50D002FF269741855986179D4B9D5A820C04E881B624AFEF0B76E80A68930F3D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:28:47.0005 0x5e08  NvBackend - ok
21:28:47.0035 0x5e08  [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
21:28:47.0039 0x5e08  ShadowPlay - ok
21:28:47.0090 0x5e08  [ ADFCC68B42627055979B26FC00759D17, 5C1C8395A7846E5DDEB6FFE2B37B537DDA4712D62CE05D7EA8B1773C75D46DE6 ] C:\Program Files\iTunes\iTunesHelper.exe
21:28:47.0093 0x5e08  iTunesHelper - ok
21:28:47.0152 0x5e08  [ C91635CC2BF215F9D7A5A7FC2E385D1D, A77AC38D3ACF7C199C0C8A3DB5EF9610FF0E8ED68D6F5E08C75771D5A3659EEB ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
21:28:47.0155 0x5e08  abDocsDllLoader - ok
21:28:47.0308 0x5e08  [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
21:28:47.0394 0x5e08  Fitbit Connect - ok
21:28:47.0456 0x5e08  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
21:28:47.0459 0x5e08  BCSSync - ok
21:28:47.0640 0x5e08  [ 6199734D49D84D7EC4BA3D7CB87EE0F9, 2F11A8AE687B60E79D1D4E775D282AA2013C8C6D375B9EA1083B1ADBB6A9555D ] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
21:28:47.0800 0x5e08  IObit Malware Fighter - ok
21:28:47.0838 0x5e08  [ 97B71ADAABD4E9468FCFA58E99133C42, 03AFEBBA2257BC9457B7A3976174B1CD329AE84806F794DA1ADF389E3D87F132 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:28:47.0840 0x5e08  Avira SystrayStartTrigger - ok
21:28:47.0900 0x5e08  [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:28:47.0916 0x5e08  avgnt - ok
21:28:48.0312 0x5e08  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:28:48.0521 0x5e08  OneDriveSetup - ok
21:28:48.0757 0x5e08  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
21:28:48.0953 0x5e08  OneDriveSetup - ok
21:28:49.0054 0x5e08  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\a\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:28:49.0066 0x5e08  OneDrive - ok
21:28:49.0273 0x5e08  [ 8A744F7B384C17CB548564EB31739E10, 92A08E881BD1A181BAAAFF6B147BC3C920CFEA96F2F79B6DDADC4DDFFD4CE111 ] C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
21:28:49.0354 0x5e08  Fitbit Connect - ok
21:28:49.0406 0x5e08  [ 06F6DB72ADABC5E858F38EF69014CE52, B4AEABF3EA6FCABBED879D642BA070DF9C244E28DB5BDC3211205C7B8DB97BFB ] C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
21:28:49.0422 0x5e08  OfficeSyncProcess - ok
21:28:49.0475 0x5e08  [ 8BFA51F0FF28C8D846D6D4244B625ADA, 65A503158AD4EA93C38857026279C92D32D770D68769956F29FEEF4CC07DD809 ] C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
21:28:49.0475 0x5e08  Dashlane - ok
21:28:49.0591 0x5e08  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\louis\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:28:49.0622 0x5e08  OneDrive - ok
21:28:49.0707 0x5e08  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\OneDrive.exe
21:28:49.0738 0x5e08  OneDrive - ok
21:28:49.0776 0x5e08  [ 41E25E514D90E9C8BC570484DBAFF62B, E6C49F7CE186DC4C9DA2C393469B070C0F1B95A01D281AE2B89538DA453D1583 ] C:\WINDOWS\system32\cmd.exe
21:28:49.0776 0x5e08  Uninstall C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64 - ok
21:28:49.0776 0x5e08  Waiting for KSN requests completion. In queue: 237
21:28:50.0792 0x5e08  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
21:28:50.0792 0x5e08  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
21:28:50.0823 0x5e08  AV detected via SS2: IObit Malware Fighter, C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFAntivirusFix.exe ( 4.2.0.7533 ), 0x70010 ( disabled : outofdate )
21:28:50.0823 0x5e08  Win FW state via NFP2: enabled ( trusted )
21:28:50.0955 0x5e08  ============================================================
21:28:50.0955 0x5e08  Scan finished
21:28:50.0955 0x5e08  ============================================================
21:28:50.0955 0x45fc  Detected object count: 0
21:28:50.0955 0x45fc  Actual detected object count: 0
21:29:03.0356 0x5c70  Deinitialize success

M-K-D-B · 28.06.2016, 20:35

Und jetzt damit weiter...

Zitat:

Zitat von M-K-D-B

Servus,

evtl. bereits vorhandene Logdateien bitte posten!
Hast du Amazon1ButtonApp bewusst installiert?

Schritt 1
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die Logdatei von JRT,
die beiden neuen Logdateien von FRST.

beetleralf · 28.06.2016, 21:35

Code:

ATTFilter

# AdwCleaner v5.200 - Bericht erstellt am 28/06/2016 um 21:44:28
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-26.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : a - LAPTOP-SG29RGOV
# Gestartet von : C:\Users\a\Downloads\AdwCleaner_5.200(1).exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

[-] [C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\prefs.js] gelöscht : user_pref("browser.startup.homepage", "hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st[...]

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13363 Bytes] - [27/06/2016 19:32:31]
C:\AdwCleaner\AdwCleaner[C2].txt - [1296 Bytes] - [28/06/2016 21:44:28]
C:\AdwCleaner\AdwCleaner[S1].txt - [13327 Bytes] - [27/06/2016 19:29:30]
C:\AdwCleaner\AdwCleaner[S2].txt - [1293 Bytes] - [28/06/2016 21:36:12]
C:\AdwCleaner\AdwCleaner[S3].txt - [1366 Bytes] - [28/06/2016 21:41:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1589 Bytes] ##########

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.06.2016
Suchlaufzeit: 22:03
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.28.06
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: a

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 460229
Abgelaufene Zeit: 24 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.AmazonTB, C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\jetpack\abb@amazon.com, In Quarantäne, [83d39c66564458dee0c3911be81a837d], 
PUP.Optional.AmazonTB, C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\jetpack\abb@amazon.com\simple-storage, In Quarantäne, [83d39c66564458dee0c3911be81a837d], 

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-06-2016
durchgeführt von a (Administrator) auf LAPTOP-SG29RGOV (28-06-2016 22:29:49)
Gestartet von C:\Users\a\Downloads
Geladene Profile: a &  (Verfügbare Profile: a & louis & jbeur)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5971232 2016-06-14] (IObit)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoThemesTab] 1
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [Uninstall C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7772e8a-7d1b-4ad1-bacc-94bc28f43f38}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\a\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-06-03] (Dashlane)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\a\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-06-03] (Dashlane)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082
FF DefaultSearchEngine: Google
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Deutsch (DE) Language Pack - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\Extensions\langpack-de@firefox.mozilla.org.xpi [2016-06-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-23] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2016-02-23] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-23] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-23] (NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-02] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-02-27] (Intel Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-28] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-28 22:28 - 2016-06-28 22:28 - 00001536 _____ C:\Users\a\Desktop\mbam.txt
2016-06-28 22:00 - 2016-06-28 22:00 - 00000675 _____ C:\Users\a\Desktop\JRT.txt
2016-06-28 21:58 - 2016-06-28 21:59 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT(1).exe
2016-06-28 21:57 - 2016-06-28 21:57 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-28 21:56 - 2016-06-28 21:56 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043(1).exe
2016-06-28 21:35 - 2016-06-28 21:36 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200(1).exe
2016-06-28 21:27 - 2016-06-28 21:29 - 00264780 _____ C:\TDSSKiller.3.1.0.9_28.06.2016_21.27.55_log.txt
2016-06-28 21:27 - 2016-06-28 21:27 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\a\Downloads\tdsskiller.exe
2016-06-28 21:23 - 2016-06-28 21:25 - 00042792 _____ C:\Users\a\Downloads\Addition.txt
2016-06-28 21:22 - 2016-06-28 22:29 - 00026004 _____ C:\Users\a\Downloads\FRST.txt
2016-06-28 21:22 - 2016-06-28 22:29 - 00000000 ____D C:\FRST
2016-06-28 21:21 - 2016-06-28 21:21 - 02389504 _____ (Farbar) C:\Users\a\Downloads\FRST64.exe
2016-06-27 19:57 - 2016-06-27 19:57 - 00000000 ____D C:\Users\a\Desktop\Old Firefox Data
2016-06-27 19:43 - 2016-06-27 19:44 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT.exe
2016-06-27 19:39 - 2016-06-27 19:39 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-27 19:29 - 2016-06-28 21:44 - 00000000 ____D C:\AdwCleaner
2016-06-27 19:29 - 2016-06-27 19:29 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200.exe
2016-06-27 19:24 - 2016-06-27 19:24 - 00000000 ____D C:\Users\a\AppData\Roaming\Avira
2016-06-27 19:21 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-27 19:20 - 2016-06-27 19:20 - 00001291 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 19:11 - 2016-06-27 19:20 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\a\Downloads\avira_de_av_57715dbc5850b__adw.exe
2016-06-20 19:37 - 2016-06-20 19:37 - 00001827 _____ C:\Users\a\Desktop\Dashlane.lnk
2016-06-20 19:37 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\LocalLow\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Dashlane
2016-06-20 19:35 - 2016-06-20 19:36 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-06-20 19:34 - 2016-06-20 19:34 - 00001254 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\louis\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\LocalLow\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\IObit
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-20 19:33 - 2016-06-20 19:33 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-06-20 19:21 - 2016-06-20 19:32 - 43739048 _____ (IObit ) C:\Users\a\Downloads\IObit-Malware-Fighter-Setup.exe
2016-06-16 23:03 - 2016-06-16 23:03 - 00048402 _____ C:\Users\a\Downloads\Stellenausschreibung_Brandmeister_2016_langzeit.pdf
2016-06-16 08:20 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-16 08:20 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-16 08:20 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-16 08:20 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 08:20 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-16 08:19 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-16 08:19 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-16 08:19 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-16 08:19 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 08:19 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 08:19 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-16 08:19 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-16 08:19 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-16 08:19 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-16 08:19 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-16 08:19 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 08:19 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-16 08:19 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 08:19 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 08:19 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 08:19 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 08:19 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-16 08:19 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 08:19 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-16 08:19 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-16 08:19 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 08:19 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-16 08:18 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-16 08:18 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-16 08:18 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-16 08:18 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-16 08:18 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-16 08:18 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-16 08:18 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-16 08:18 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-16 08:18 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-16 08:18 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-10 17:34 - 2016-06-10 17:34 - 00001486 _____ C:\Users\Public\Desktop\Free Audio CD to MP3 Converter.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00001322 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\Documents\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\AppData\Roaming\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-06-10 17:33 - 2016-06-10 17:34 - 25948496 _____ (DVDVideoSoft Ltd. ) C:\Users\a\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228s.exe
2016-06-10 17:29 - 2016-06-16 07:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 16:43 - 2016-06-28 22:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-10 16:42 - 2016-06-10 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-10 16:39 - 2016-06-10 16:40 - 01473544 _____ C:\Users\a\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2016-06-08 09:12 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-02 16:46 - 2016-06-02 16:46 - 00000000 _____ C:\autoexec.bat
2016-06-02 16:44 - 2016-06-02 16:44 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\a\Downloads\SpyHunter-Installer.exe
2016-06-02 16:44 - 2016-06-02 16:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-28 22:23 - 2016-03-16 18:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-28 21:59 - 2016-02-09 00:38 - 00000000 ___RD C:\Users\a\OneDrive
2016-06-28 21:51 - 2016-03-08 14:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-28 21:51 - 2016-02-09 00:34 - 00000000 __SHD C:\Users\a\IntelGraphicsProfiles
2016-06-28 21:46 - 2016-03-08 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-28 21:45 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-06-28 20:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-28 20:58 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-28 20:54 - 2016-02-23 18:23 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D4391977-0E1E-455B-ADAD-1CFD3B6AC71D}
2016-06-27 22:46 - 2016-02-27 21:42 - 00000000 ____D C:\Users\a\AppData\Local\CrashDumps
2016-06-27 20:58 - 2016-05-21 11:44 - 00000000 ___HD C:\OneDriveTemp
2016-06-27 20:57 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-06-27 20:54 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-27 20:54 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-27 20:54 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Users\a\AppData\Roaming\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-06-27 19:20 - 2015-09-20 04:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 18:58 - 2016-03-08 14:31 - 00000000 ____D C:\Users\a
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-27 18:57 - 2016-03-08 14:31 - 00000000 ____D C:\Users\louis
2016-06-27 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-27 18:30 - 2015-09-20 04:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-27 18:29 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 18:23 - 2016-02-09 00:37 - 00000000 ____D C:\Users\a\AppData\Local\clear.fi
2016-06-27 18:19 - 2016-03-27 14:05 - 00033280 ___SH C:\Users\a\Desktop\Thumbs.db
2016-06-26 17:47 - 2016-02-27 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:19 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 14:19 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 14:19 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-21 14:19 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-20 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-20 14:25 - 2016-02-24 21:10 - 00000000 ____D C:\Users\louis\AppData\Local\CrashDumps
2016-06-20 13:51 - 2016-02-23 19:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:45 - 2016-02-23 19:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 13:43 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:35 - 2016-02-23 20:32 - 00000000 __SHD C:\Users\louis\IntelGraphicsProfiles
2016-06-20 13:35 - 2015-07-16 05:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 19:57 - 2016-03-08 14:23 - 00364912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 19:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-16 07:38 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-10 17:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-06-10 17:18 - 2016-03-08 14:31 - 00000000 ____D C:\Users\jbeur
2016-06-06 11:00 - 2016-02-27 11:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-08 14:28 - 2016-03-08 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\a\AppData\Local\Temp\avgnt.exe
C:\Users\a\AppData\Local\Temp\Dashlane_Launcher_1437420342.exe
C:\Users\a\AppData\Local\Temp\libeay32.dll
C:\Users\a\AppData\Local\Temp\msvcr120.dll
C:\Users\a\AppData\Local\Temp\oct55DB.tmp.exe
C:\Users\a\AppData\Local\Temp\oct7378.tmp.exe
C:\Users\a\AppData\Local\Temp\pcvjn7rw.dll
C:\Users\a\AppData\Local\Temp\sqlite3.dll
C:\Users\a\AppData\Local\Temp\vneprvqc.dll
C:\Users\a\AppData\Local\Temp\yinh5vka.dll
C:\Users\louis\AppData\Local\Temp\octE0B5.tmp.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 19:16

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-06-2016
durchgeführt von a (2016-06-28 22:30:45)
Gestartet von C:\Users\a\Downloads
Windows 10 Home Version 1511 (X64) (2016-03-08 12:56:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

a (S-1-5-21-1723475428-3538683685-1902373366-1001 - Administrator - Enabled) => C:\Users\a
Administrator (S-1-5-21-1723475428-3538683685-1902373366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1723475428-3538683685-1902373366-503 - Limited - Disabled)
Gast (S-1-5-21-1723475428-3538683685-1902373366-501 - Limited - Disabled)
jbeur (S-1-5-21-1723475428-3538683685-1902373366-1004 - Limited - Enabled) => C:\Users\jbeur
louis (S-1-5-21-1723475428-3538683685-1902373366-1003 - Limited - Enabled) => C:\Users\louis

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Host App Service) (Version: 0.271.1.333 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Host App Service) (Version: 0.271.1.333 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Host App Service) (Version: 0.271.1.333 - SweetLabs)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Free Audio CD to MP3 Converter (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Web Companion (HKLM-x32\...\{ace5d9cf-4b28-44ce-b86b-07eeac288150}) (Version: 2.3.1411.2698 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B5DA24-A9F6-439F-9165-FDE6B289C94B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {159B32EE-BE2F-4015-9839-812F4C73359B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {4AB3798A-A883-4A8E-83BC-AFAF82A6607E} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {4F9F0D7E-237B-46EA-B3C0-2EC8D2E02F3B} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {6637C9EC-F17C-4174-AA2E-E84441854F62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {A2696E75-60A9-4460-BE5C-B78754F9281A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {A4A7AE22-A83E-4259-8E75-C73921CC01FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {A56974CF-9CCC-4E57-9AA9-E2FF709695B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-20] (Microsoft Corporation)
Task: {AA194137-E3A1-43A2-9575-B41637D21E99} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {B5EB7928-22D4-4286-BB54-397920C08268} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {CAD2B80F-4334-499A-9A94-54F196810E9F} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {DC0657DA-2CD4-4D26-9C1A-220624452D10} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {E02B5105-EEF3-499C-83D1-F8D59078D5A0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-27 12:29 - 2016-05-27 12:29 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00959168 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-08 14:19 - 2016-03-08 14:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-16 08:20 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-16 08:20 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-16 08:20 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-16 08:20 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-16 05:41 - 2015-05-08 19:41 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2016-06-27 19:07 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\jbeur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\jbeur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\jbeur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\acer01.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{984496EB-FF9E-47FE-89E1-C623DC2E34A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BD854089-0D5F-4A7E-8A42-C09F63C3D1B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48264247-6BBD-4D33-9577-C121F9587C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE2C11A4-6F8E-4E83-98A4-F80B0367EB34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E43E4FEC-CEC4-4D24-8C5B-F14AF883023D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07CB66BD-7B48-48E2-8AA3-67028ECD10A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{68496DA1-FDB3-48C2-B83F-C69993C81201}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{06D00A1E-88C9-430D-BC23-8E2935DC8C45}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{67E00604-5860-41C5-979B-280684AEB3B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{18E0AAC4-7E92-4E87-882B-2922F9E77555}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{401D33D9-C483-4A8F-B4DE-681285D9F3CA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{BF238560-2054-4610-A933-D37BBC61E342}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{541FCBE3-72B5-421D-8C83-416408B72FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A2A1D26-526F-445A-9E56-195BDD5A64E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A0E298A9-C708-4900-B022-E8F20F8CA79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40BBC3FA-73A2-450E-A45B-FAFD8B4E3F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CA3177F4-DDA9-4941-BD10-BB976BE74B1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E744BB56-BEFF-4964-998D-539971FAB3AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B9D0A36-6AAB-4CC3-8886-519D02528162}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

26-06-2016 17:45:49 Windows Update
27-06-2016 19:45:02 JRT Pre-Junkware Removal
28-06-2016 21:59:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/28/2016 09:59:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/28/2016 09:55:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/28/2016 09:01:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 10:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: AppCore.Windows.dll_unloaded, Version: 16.526.11240.0, Zeitstempel: 0x574741e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000010a0
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 10:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000a9ba0
ID des fehlerhaften Prozesses: 0x3b10
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 07:45:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/27/2016 07:13:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 07:11:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/27/2016 07:06:13 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 07:00:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/28/2016 10:14:27 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/28/2016 10:14:27 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-SG29RGOV)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}LAPTOP-SG29RGOVaS-1-5-21-1723475428-3538683685-1902373366-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (06/28/2016 09:59:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2016 09:59:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/28/2016 09:46:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "cphs" wurde mit folgendem Fehler beendet: 
%%2147942406 = Das Handle ist ungültig.


Error: (06/28/2016 09:45:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/28/2016 09:45:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/28/2016 09:45:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/28/2016 09:45:31 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SG29RGOV)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/28/2016 09:45:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_48336" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-06-27 18:32:11.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-21 14:13:03.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 19:26:30.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:30.005
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:05:30.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 18:40:31.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 18:40:15.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8106.45 MB
Verfügbarer physikalischer RAM: 5602.16 MB
Summe virtueller Speicher: 9386.45 MB
Verfügbarer virtueller Speicher: 6654.8 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:855.3 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 449E0580)

Partition: GPT.

==================== Ende von Addition.txt ============================

Die AmazonApp ist auch nicht nötig

M-K-D-B · 29.06.2016, 16:29

Servus,

es fehlen:
- Die Logdatei von JRT
- Die Beantwortung der Frage

beetleralf · 29.06.2016, 17:59

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 10 Home x64 
Ran by a (Administrator) on 28.06.2016 at 21:59:16,71
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\a\AppData\Roaming\productdata (Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.06.2016 at 22:00:43,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ob die AmazonApp bewusst Installiert wurde weiss ich nicht, gebraucht wird sie jedenfalls nicht

M-K-D-B · 29.06.2016, 19:47

Servus,

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
c:\Program Files (x86)\Amazon\Amazon1ButtonApp 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
Code:
ATTFilter
```
:regfind
Web Companion
Amazon 1Button App
Host App Service
SweetLabs
         
```
Klicke nun auf den Button Look, um den Scan zu starten.
Der Suchlauf kann einige Zeit dauern.
Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Schritt 3

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von SystemLook,
die beiden neuen Logdateien von FRST.

beetleralf · 29.06.2016, 20:12

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von a (2016-06-29 20:55:31) Run:1
Gestartet von C:\Users\a\Downloads
Geladene Profile: a &  (Verfügbare Profile: a & louis & jbeur)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
SearchScopes: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> DefaultScope {33FD5AA0-110F-415F-8431-8B1289FF3777} URL = 
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
c:\Program Files (x86)\Amazon\Amazon1ButtonApp 
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
       
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
Firefox "homepage" erfolgreich entfernt
Amazon 1Button App Service => Dienst konnte nicht gestoppt werden.
Amazon 1Button App Service => Dienst erfolgreich entfernt
c:\Program Files (x86)\Amazon\Amazon1ButtonApp => erfolgreich verschoben

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39301127 B
Java, Flash, Steam htmlcache => 3494 B
Windows/system/drivers => 123708133 B
Edge => 11057213 B
Chrome => 0 B
Firefox => 41004440 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 315408 B
NetworkService => 30832 B
a => 346751927 B
louis => 356771434 B
jbeur => 32138247 B

RecycleBin => 7338 B
EmptyTemp: => 907 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:56:03 ====

Code:

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 21:06 on 29/06/2016 by a
Administrator - Elevation successful

========== regfind ==========

Searching for "Web Companion"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150}]
"DisplayName"="Web Companion"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150}]
"DisplayIcon"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150}]
"UninstallString"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe --uninstall"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"

Searching for "Amazon 1Button App"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime]
@="The Amazon 1Button App for Internet Explorer Runtime Server"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway]
@="The Amazon 1Button App Gateway"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}]
"LocalService"="Amazon 1Button App Service"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C]
"ProductName"="Amazon 1Button App"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}]
"LocalService"="Amazon 1Button App Service"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C\InstallProperties]
"DisplayName"="Amazon 1Button App"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}]
"DisplayName"="Amazon 1Button App"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}]
@="The Amazon 1Button App for Internet Explorer"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}]
"LocalService"="Amazon 1Button App Service"

Searching for "Host App Service"
No data found.

Searching for "SweetLabs"
No data found.

-= EOF =-

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von a (2016-06-29 21:10:41)
Gestartet von C:\Users\a\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-08 12:56:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

a (S-1-5-21-1723475428-3538683685-1902373366-1001 - Administrator - Enabled) => C:\Users\a
Administrator (S-1-5-21-1723475428-3538683685-1902373366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1723475428-3538683685-1902373366-503 - Limited - Disabled)
Gast (S-1-5-21-1723475428-3538683685-1902373366-501 - Limited - Disabled)
jbeur (S-1-5-21-1723475428-3538683685-1902373366-1004 - Limited - Enabled) => C:\Users\jbeur
louis (S-1-5-21-1723475428-3538683685-1902373366-1003 - Limited - Enabled) => C:\Users\louis

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Free Audio CD to MP3 Converter (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
Web Companion (HKLM-x32\...\{ace5d9cf-4b28-44ce-b86b-07eeac288150}) (Version: 2.3.1411.2698 - Lavasoft)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B5DA24-A9F6-439F-9165-FDE6B289C94B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {159B32EE-BE2F-4015-9839-812F4C73359B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {4AB3798A-A883-4A8E-83BC-AFAF82A6607E} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {4F9F0D7E-237B-46EA-B3C0-2EC8D2E02F3B} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {6637C9EC-F17C-4174-AA2E-E84441854F62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {A2696E75-60A9-4460-BE5C-B78754F9281A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {A4A7AE22-A83E-4259-8E75-C73921CC01FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {A56974CF-9CCC-4E57-9AA9-E2FF709695B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-20] (Microsoft Corporation)
Task: {AA194137-E3A1-43A2-9575-B41637D21E99} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {B5EB7928-22D4-4286-BB54-397920C08268} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {CAD2B80F-4334-499A-9A94-54F196810E9F} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {DC0657DA-2CD4-4D26-9C1A-220624452D10} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {E02B5105-EEF3-499C-83D1-F8D59078D5A0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-08 14:28 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-19 09:11 - 2015-05-19 09:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-05-27 12:29 - 2016-05-27 12:29 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00959168 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 19:37 - 2016-04-19 19:37 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-23 18:21 - 2016-02-23 18:21 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-03-08 14:19 - 2016-03-08 14:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-16 08:20 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-16 08:20 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-16 08:20 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-16 08:20 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-20 04:56 - 2015-02-09 05:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-06-20 19:37 - 2016-06-03 11:46 - 00227200 _____ () C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2016-06-20 19:36 - 2016-06-03 11:46 - 00286080 _____ () C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
2015-09-20 06:02 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2015-07-10 12:38 - 2015-07-10 12:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-06-29 21:04 - 2016-06-29 21:05 - 00165376 _____ () C:\Users\a\Desktop\SystemLook_x64.exe
2016-06-10 17:34 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 19:37 - 2016-04-19 19:37 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-09-20 05:10 - 2015-06-23 22:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00679624 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-07-16 05:41 - 2015-05-08 19:41 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00347520 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00436608 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00469376 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 63070592 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00299392 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 06254464 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 07393664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 13624192 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 02284928 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00353664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2016-05-16 11:04 - 2016-05-16 11:04 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-05-16 11:02 - 2016-05-16 11:02 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-05-16 11:04 - 2016-05-16 11:04 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-05-16 11:03 - 2016-05-16 11:03 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-04-27 06:40 - 2016-04-27 06:40 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-05-27 12:33 - 2016-05-27 12:33 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2016-06-27 19:07 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{984496EB-FF9E-47FE-89E1-C623DC2E34A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BD854089-0D5F-4A7E-8A42-C09F63C3D1B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48264247-6BBD-4D33-9577-C121F9587C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE2C11A4-6F8E-4E83-98A4-F80B0367EB34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E43E4FEC-CEC4-4D24-8C5B-F14AF883023D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07CB66BD-7B48-48E2-8AA3-67028ECD10A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{68496DA1-FDB3-48C2-B83F-C69993C81201}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{06D00A1E-88C9-430D-BC23-8E2935DC8C45}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{67E00604-5860-41C5-979B-280684AEB3B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{18E0AAC4-7E92-4E87-882B-2922F9E77555}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{401D33D9-C483-4A8F-B4DE-681285D9F3CA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{BF238560-2054-4610-A933-D37BBC61E342}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{541FCBE3-72B5-421D-8C83-416408B72FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A2A1D26-526F-445A-9E56-195BDD5A64E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A0E298A9-C708-4900-B022-E8F20F8CA79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40BBC3FA-73A2-450E-A45B-FAFD8B4E3F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CA3177F4-DDA9-4941-BD10-BB976BE74B1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E744BB56-BEFF-4964-998D-539971FAB3AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B9D0A36-6AAB-4CC3-8886-519D02528162}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

27-06-2016 19:45:02 JRT Pre-Junkware Removal
28-06-2016 21:59:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/29/2016 07:04:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/29/2016 06:55:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/28/2016 09:59:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/28/2016 09:55:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/28/2016 09:01:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/27/2016 10:46:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: AppCore.Windows.dll_unloaded, Version: 16.526.11240.0, Zeitstempel: 0x574741e6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000010a0
ID des fehlerhaften Prozesses: 0x172c
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 10:33:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000409
Fehleroffset: 0x00000000000a9ba0
ID des fehlerhaften Prozesses: 0x3b10
Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
Berichtskennung: backgroundTaskHost.exe3
Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5

Error: (06/27/2016 07:45:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (06/27/2016 07:13:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-SG29RGOV)
Description: Bei der Aktivierung der App „Microsoft.WindowsMaps_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927148. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/27/2016 07:11:50 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8


Systemfehler:
=============
Error: (06/29/2016 08:57:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "cphs" wurde mit folgendem Fehler beendet: 
%%2147942406 = Das Handle ist ungültig.


Error: (06/29/2016 08:56:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/29/2016 08:56:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/29/2016 08:56:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%109 = Die Pipe wurde beendet.


Error: (06/29/2016 08:56:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (06/29/2016 08:56:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-SG29RGOV)
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (06/29/2016 08:56:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_5cd42" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2016 08:56:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _5cd42" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2016 08:56:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_5cd42" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/29/2016 08:56:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5cd42" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-06-27 18:32:11.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-21 14:13:03.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 19:26:30.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:30.005
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:05:30.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 18:40:31.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 18:40:15.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8106.45 MB
Verfügbarer physikalischer RAM: 4911.94 MB
Summe virtueller Speicher: 9386.45 MB
Verfügbarer virtueller Speicher: 5342.92 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:857.38 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 449E0580)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von a (Administrator) auf LAPTOP-SG29RGOV (29-06-2016 21:09:37)
Gestartet von C:\Users\a\Desktop
Geladene Profile: a (Verfügbare Profile: a & louis & jbeur)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
() C:\Users\a\Desktop\SystemLook_x64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5971232 2016-06-14] (IObit)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoThemesTab] 1
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7772e8a-7d1b-4ad1-bacc-94bc28f43f38}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\a\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-06-03] (Dashlane)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\a\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-06-03] (Dashlane)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082
FF DefaultSearchEngine: Google
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Deutsch (DE) Language Pack - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\oycd7pgf.default-1467050251082\Extensions\langpack-de@firefox.mozilla.org.xpi [2016-06-27]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-23] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2016-02-23] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-23] (NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-02] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-02-27] (Intel Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-29] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-29 21:09 - 2016-06-29 21:10 - 00022810 _____ C:\Users\a\Desktop\FRST.txt
2016-06-29 21:06 - 2016-06-29 21:08 - 00007778 _____ C:\Users\a\Desktop\SystemLook.txt
2016-06-29 21:04 - 2016-06-29 21:05 - 00165376 _____ C:\Users\a\Desktop\SystemLook_x64.exe
2016-06-29 20:57 - 2016-06-29 21:01 - 00000000 ____D C:\ProgramData\ProductData
2016-06-29 20:55 - 2016-06-29 20:56 - 00008453 _____ C:\Users\a\Downloads\Fixlog.txt
2016-06-29 20:55 - 2016-06-29 20:55 - 00000000 ____D C:\Users\a\Downloads\FRST-OlderVersion
2016-06-29 20:53 - 2016-06-29 20:52 - 00000994 _____ C:\Fixlist.txt
2016-06-29 20:52 - 2016-06-29 20:52 - 00000994 _____ C:\Users\a\Desktop\Fixlist.txt
2016-06-29 18:56 - 2016-06-29 18:56 - 00000000 ____D C:\Users\a\AppData\Roaming\ProductData
2016-06-28 22:28 - 2016-06-28 22:28 - 00001536 _____ C:\Users\a\Desktop\mbam.txt
2016-06-28 22:00 - 2016-06-28 22:00 - 00000675 _____ C:\Users\a\Desktop\JRT.txt
2016-06-28 21:58 - 2016-06-28 21:59 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT(1).exe
2016-06-28 21:57 - 2016-06-28 21:57 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-28 21:56 - 2016-06-28 21:56 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043(1).exe
2016-06-28 21:35 - 2016-06-28 21:36 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200(1).exe
2016-06-28 21:27 - 2016-06-28 21:29 - 00264780 _____ C:\TDSSKiller.3.1.0.9_28.06.2016_21.27.55_log.txt
2016-06-28 21:27 - 2016-06-28 21:27 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\a\Downloads\tdsskiller.exe
2016-06-28 21:23 - 2016-06-28 22:31 - 00039528 _____ C:\Users\a\Downloads\Addition.txt
2016-06-28 21:22 - 2016-06-29 21:09 - 00000000 ____D C:\FRST
2016-06-28 21:22 - 2016-06-28 22:31 - 00063829 _____ C:\Users\a\Downloads\FRST.txt
2016-06-28 21:21 - 2016-06-29 20:55 - 02390016 _____ (Farbar) C:\Users\a\Desktop\FRST64.exe
2016-06-27 19:57 - 2016-06-27 19:57 - 00000000 ____D C:\Users\a\Desktop\Old Firefox Data
2016-06-27 19:43 - 2016-06-27 19:44 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT.exe
2016-06-27 19:39 - 2016-06-27 19:39 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-27 19:29 - 2016-06-28 21:44 - 00000000 ____D C:\AdwCleaner
2016-06-27 19:29 - 2016-06-27 19:29 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200.exe
2016-06-27 19:24 - 2016-06-27 19:24 - 00000000 ____D C:\Users\a\AppData\Roaming\Avira
2016-06-27 19:21 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-27 19:20 - 2016-06-27 19:20 - 00001291 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 19:11 - 2016-06-27 19:20 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\a\Downloads\avira_de_av_57715dbc5850b__adw.exe
2016-06-20 19:37 - 2016-06-20 19:37 - 00001827 _____ C:\Users\a\Desktop\Dashlane.lnk
2016-06-20 19:37 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\LocalLow\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Dashlane
2016-06-20 19:35 - 2016-06-20 19:36 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-06-20 19:34 - 2016-06-20 19:34 - 00001254 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\louis\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\LocalLow\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\IObit
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-20 19:33 - 2016-06-20 19:33 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-06-20 19:21 - 2016-06-20 19:32 - 43739048 _____ (IObit ) C:\Users\a\Downloads\IObit-Malware-Fighter-Setup.exe
2016-06-16 23:03 - 2016-06-16 23:03 - 00048402 _____ C:\Users\a\Downloads\Stellenausschreibung_Brandmeister_2016_langzeit.pdf
2016-06-16 08:20 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-16 08:20 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-16 08:20 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-16 08:20 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 08:20 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-16 08:19 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-16 08:19 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-16 08:19 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-16 08:19 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 08:19 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 08:19 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-16 08:19 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-16 08:19 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-16 08:19 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-16 08:19 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-16 08:19 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 08:19 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-16 08:19 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 08:19 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 08:19 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 08:19 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 08:19 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-16 08:19 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 08:19 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-16 08:19 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-16 08:19 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 08:19 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-16 08:18 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-16 08:18 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-16 08:18 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-16 08:18 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-16 08:18 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-16 08:18 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-16 08:18 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-16 08:18 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-16 08:18 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-16 08:18 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-10 17:34 - 2016-06-10 17:34 - 00001486 _____ C:\Users\Public\Desktop\Free Audio CD to MP3 Converter.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00001322 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\Documents\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\AppData\Roaming\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-06-10 17:33 - 2016-06-10 17:34 - 25948496 _____ (DVDVideoSoft Ltd. ) C:\Users\a\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228s.exe
2016-06-10 17:29 - 2016-06-16 07:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 16:43 - 2016-06-29 21:00 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-10 16:42 - 2016-06-10 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-10 16:39 - 2016-06-10 16:40 - 01473544 _____ C:\Users\a\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2016-06-08 09:12 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-02 16:46 - 2016-06-02 16:46 - 00000000 _____ C:\autoexec.bat
2016-06-02 16:44 - 2016-06-02 16:44 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\a\Downloads\SpyHunter-Installer.exe
2016-06-02 16:44 - 2016-06-02 16:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-29 21:03 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-29 21:01 - 2016-02-09 00:38 - 00000000 ___RD C:\Users\a\OneDrive
2016-06-29 21:00 - 2016-03-08 14:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-29 21:00 - 2016-02-09 00:34 - 00000000 __SHD C:\Users\a\IntelGraphicsProfiles
2016-06-29 20:57 - 2016-03-08 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-29 20:56 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-06-29 20:55 - 2016-03-27 14:05 - 00033280 ___SH C:\Users\a\Desktop\Thumbs.db
2016-06-29 20:55 - 2016-02-26 11:47 - 00000000 ____D C:\Users\a\AppData\LocalLow\Temp
2016-06-29 20:55 - 2015-09-20 05:15 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-06-29 19:23 - 2016-03-16 18:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-29 19:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-29 18:58 - 2016-02-23 18:23 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D4391977-0E1E-455B-ADAD-1CFD3B6AC71D}
2016-06-27 22:46 - 2016-02-27 21:42 - 00000000 ____D C:\Users\a\AppData\Local\CrashDumps
2016-06-27 20:58 - 2016-05-21 11:44 - 00000000 ___HD C:\OneDriveTemp
2016-06-27 20:57 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-06-27 20:54 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-27 20:54 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-27 20:54 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Users\a\AppData\Roaming\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-06-27 19:20 - 2015-09-20 04:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 18:58 - 2016-03-08 14:31 - 00000000 ____D C:\Users\a
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-27 18:57 - 2016-03-08 14:31 - 00000000 ____D C:\Users\louis
2016-06-27 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-27 18:30 - 2015-09-20 04:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-27 18:29 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 18:23 - 2016-02-09 00:37 - 00000000 ____D C:\Users\a\AppData\Local\clear.fi
2016-06-26 17:47 - 2016-02-27 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:19 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 14:19 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 14:19 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-21 14:19 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-20 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-20 14:25 - 2016-02-24 21:10 - 00000000 ____D C:\Users\louis\AppData\Local\CrashDumps
2016-06-20 13:51 - 2016-02-23 19:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:45 - 2016-02-23 19:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 13:43 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:35 - 2016-02-23 20:32 - 00000000 __SHD C:\Users\louis\IntelGraphicsProfiles
2016-06-20 13:35 - 2015-07-16 05:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 19:57 - 2016-03-08 14:23 - 00364912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 19:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-16 07:38 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-10 17:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-06-10 17:18 - 2016-03-08 14:31 - 00000000 ____D C:\Users\jbeur
2016-06-06 11:00 - 2016-02-27 11:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-08 14:28 - 2016-03-08 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\a\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 19:16

==================== Ende von FRST.txt ============================

M-K-D-B · 30.06.2016, 13:43

Servus,

wir entfernen die letzten Reste und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2
setze bitte Firefox wie folgt zurück:
Firefox zurücksetzen

Schritt 3

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 4
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 5

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

beetleralf · 30.06.2016, 19:50

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von a (2016-06-30 19:54:36) Run:2
Gestartet von C:\Users\a\Desktop
Geladene Profile: a (Verfügbare Profile: a & louis & jbeur)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{ace5d9cf-4b28-44ce-b86b-07eeac288150} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonBrowserHelper.Amazon1ButtonBHO => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.Amazon1ButtonRuntime => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Amazon1ButtonRuntime.AmazonRuntimeServer => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmazonAppIE.AppGateway => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\3DCCCD6BD02558446B24CF1C63EC213C => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{6557DB6C-EFE1-45AC-92A6-FBB1554B7502} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BAC72C85-CEC6-4B86-AF06-FA20C259FAB8} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\AppID\{7F46C358-270D-4791-A579-AD1DDA1A3F7B} => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C => konnte nicht entfernt werden im ersten Versuch (ErrorCode: C0000121), siehe nächste Zeile.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B6DCCCD3-520D-4485-B642-FCC136CE12C3} => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 32768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 5448363 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 156972 B
Edge => 0 B
Chrome => 0 B
Firefox => 11977270 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 47910 B
NetworkService => 0 B
a => 81360 B
louis => 0 B
jbeur => 0 B

RecycleBin => 0 B
EmptyTemp: => 16.9 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:54:47 ====

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a82968e0004c0409a440fbfb6622105
# end=init
# utc_time=2016-06-30 06:05:52
# local_time=2016-06-30 08:05:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29967
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7a82968e0004c0409a440fbfb6622105
# end=updated
# utc_time=2016-06-30 06:12:02
# local_time=2016-06-30 08:12:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7a82968e0004c0409a440fbfb6622105
# engine=29967
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-30 06:21:49
# local_time=2016-06-30 08:21:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Avira Antivirus'
# compatibility_mode=1815 16777213 100 99 79818 7528467 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 355329 21125052 0 0
# scanned=20495
# found=0
# cleaned=0
# scan_time=586

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von a (Administrator) auf LAPTOP-SG29RGOV (30-06-2016 20:42:43)
Gestartet von C:\Users\a\Desktop
Geladene Profile: a & louis & jbeur (Verfügbare Profile: a & louis & jbeur)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Fitbit, Inc.) C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
() C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
() C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFTips.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5971232 2016-06-14] (IObit)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Policies\Explorer: [NoThemesTab] 1
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Run: [Dashlane] => C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe [227200 2016-06-03] ()
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004\...\RunOnce: [Uninstall C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\jbeur\AppData\Local\Microsoft\OneDrive\17.3.6301.0127_1\amd64"
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b7772e8a-7d1b-4ad1-bacc-94bc28f43f38}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO-x32: Dashlane BHO -> {42D79B50-CC4A-4A8E-860F-BE674AF053A2} -> C:\Users\a\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-06-03] (Dashlane)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
Toolbar: HKLM-x32 - Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\a\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-06-03] (Dashlane)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\xvaojssf.default-1467309680984
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Amazon Assistant for Firefox - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\xvaojssf.default-1467309680984\Extensions\abb@amazon.com.xpi [2016-06-30]
FF Extension: Deutsch (DE) Language Pack - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\xvaojssf.default-1467309680984\Extensions\langpack-de@firefox.mozilla.org.xpi [2016-06-30]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-23] (NVIDIA Corporation)
R2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2016-02-23] (Intel Corporation)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [1597728 2016-06-13] (IObit)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-06-14] (IObit)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-23] (NVIDIA Corporation)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-06-02] ()
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [266512 2016-02-27] (Intel Corporation)
R3 IMFFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [22208 2016-04-01] (IObit)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-30] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [9391896 2015-06-21] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-18] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2016-01-11] (IObit.com)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-30 20:33 - 2016-06-30 20:42 - 00000000 ____D C:\ProgramData\HitmanPro
2016-06-30 20:33 - 2016-06-30 20:33 - 11438608 _____ (SurfRight B.V.) C:\Users\a\Desktop\HitmanPro_x64.exe
2016-06-30 20:32 - 2016-06-30 20:33 - 11438608 _____ (SurfRight B.V.) C:\Users\a\Downloads\HitmanPro_x64.exe
2016-06-30 20:04 - 2016-06-30 20:05 - 02870984 _____ (ESET) C:\Users\a\Desktop\esetsmartinstaller_deu.exe
2016-06-30 20:03 - 2016-06-30 20:03 - 02870984 _____ (ESET) C:\Users\a\Downloads\esetsmartinstaller_deu.exe
2016-06-30 19:54 - 2016-06-30 19:54 - 00008036 _____ C:\Users\a\Desktop\Fixlog.txt
2016-06-29 21:10 - 2016-06-29 21:11 - 00041533 _____ C:\Users\a\Desktop\Addition.txt
2016-06-29 21:09 - 2016-06-30 20:43 - 00023702 _____ C:\Users\a\Desktop\FRST.txt
2016-06-29 21:06 - 2016-06-29 21:08 - 00007778 _____ C:\Users\a\Desktop\SystemLook.txt
2016-06-29 21:04 - 2016-06-29 21:05 - 00165376 _____ C:\Users\a\Desktop\SystemLook_x64.exe
2016-06-29 20:57 - 2016-06-29 21:01 - 00000000 ____D C:\ProgramData\ProductData
2016-06-29 20:55 - 2016-06-29 20:56 - 00008453 _____ C:\Users\a\Downloads\Fixlog.txt
2016-06-29 20:55 - 2016-06-29 20:55 - 00000000 ____D C:\Users\a\Downloads\FRST-OlderVersion
2016-06-29 20:53 - 2016-06-29 20:52 - 00000994 _____ C:\Fixlist.txt
2016-06-29 18:56 - 2016-06-29 18:56 - 00000000 ____D C:\Users\a\AppData\Roaming\ProductData
2016-06-28 22:28 - 2016-06-28 22:28 - 00001536 _____ C:\Users\a\Desktop\mbam.txt
2016-06-28 22:00 - 2016-06-28 22:00 - 00000675 _____ C:\Users\a\Desktop\JRT.txt
2016-06-28 21:58 - 2016-06-28 21:59 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT(1).exe
2016-06-28 21:57 - 2016-06-28 21:57 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-06-28 21:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-28 21:57 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-28 21:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-28 21:56 - 2016-06-28 21:56 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043(1).exe
2016-06-28 21:35 - 2016-06-28 21:36 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200(1).exe
2016-06-28 21:27 - 2016-06-28 21:29 - 00264780 _____ C:\TDSSKiller.3.1.0.9_28.06.2016_21.27.55_log.txt
2016-06-28 21:27 - 2016-06-28 21:27 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\a\Downloads\tdsskiller.exe
2016-06-28 21:23 - 2016-06-28 22:31 - 00039528 _____ C:\Users\a\Downloads\Addition.txt
2016-06-28 21:22 - 2016-06-30 20:42 - 00000000 ____D C:\FRST
2016-06-28 21:22 - 2016-06-28 22:31 - 00063829 _____ C:\Users\a\Downloads\FRST.txt
2016-06-28 21:21 - 2016-06-29 20:55 - 02390016 _____ (Farbar) C:\Users\a\Desktop\FRST64.exe
2016-06-27 19:57 - 2016-06-30 20:01 - 00000000 ____D C:\Users\a\Desktop\Old Firefox Data
2016-06-27 19:43 - 2016-06-27 19:44 - 01610816 _____ (Malwarebytes) C:\Users\a\Downloads\JRT.exe
2016-06-27 19:39 - 2016-06-27 19:39 - 22851472 _____ (Malwarebytes ) C:\Users\a\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-27 19:29 - 2016-06-28 21:44 - 00000000 ____D C:\AdwCleaner
2016-06-27 19:29 - 2016-06-27 19:29 - 03703360 _____ C:\Users\a\Downloads\AdwCleaner_5.200.exe
2016-06-27 19:24 - 2016-06-27 19:24 - 00000000 ____D C:\Users\a\AppData\Roaming\Avira
2016-06-27 19:21 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-27 19:21 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\ProgramData\Avira
2016-06-27 19:20 - 2016-06-27 19:21 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-27 19:20 - 2016-06-27 19:20 - 00001291 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-27 19:11 - 2016-06-27 19:20 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\a\Downloads\avira_de_av_57715dbc5850b__adw.exe
2016-06-20 19:37 - 2016-06-20 19:37 - 00001827 _____ C:\Users\a\Desktop\Dashlane.lnk
2016-06-20 19:37 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\LocalLow\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane
2016-06-20 19:35 - 2016-06-20 19:37 - 00000000 ____D C:\Users\a\AppData\Roaming\Dashlane
2016-06-20 19:35 - 2016-06-20 19:36 - 00000000 ____D C:\Program Files (x86)\Dashlane
2016-06-20 19:34 - 2016-06-20 19:34 - 00001254 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\louis\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\Roaming\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\Users\a\AppData\LocalLow\IObit
2016-06-20 19:34 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\ProgramData\IObit
2016-06-20 19:33 - 2016-06-20 19:34 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-20 19:33 - 2016-06-20 19:33 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-06-20 19:21 - 2016-06-20 19:32 - 43739048 _____ (IObit ) C:\Users\a\Downloads\IObit-Malware-Fighter-Setup.exe
2016-06-16 23:03 - 2016-06-16 23:03 - 00048402 _____ C:\Users\a\Downloads\Stellenausschreibung_Brandmeister_2016_langzeit.pdf
2016-06-16 08:20 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-16 08:20 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-16 08:20 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-16 08:20 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-16 08:20 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-16 08:20 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-16 08:20 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-16 08:20 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-16 08:20 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-16 08:20 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-16 08:20 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-16 08:20 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-16 08:20 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-16 08:20 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-16 08:20 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-16 08:20 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-16 08:20 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-16 08:20 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-16 08:20 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-16 08:20 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-16 08:20 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-16 08:19 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-16 08:19 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-16 08:19 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-16 08:19 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-16 08:19 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-16 08:19 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-16 08:19 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-16 08:19 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-16 08:19 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-16 08:19 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-16 08:19 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-16 08:19 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-16 08:19 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-16 08:19 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-16 08:19 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-16 08:19 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-16 08:19 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-16 08:19 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-16 08:19 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-16 08:19 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-16 08:19 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-16 08:19 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-16 08:19 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-16 08:19 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-16 08:19 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-16 08:19 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-16 08:19 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-16 08:19 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-16 08:19 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-16 08:19 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-16 08:19 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-16 08:19 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-16 08:19 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-16 08:19 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-16 08:19 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-16 08:19 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-16 08:19 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-16 08:19 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-16 08:19 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-16 08:19 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-16 08:19 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-16 08:19 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-16 08:19 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-16 08:19 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-16 08:19 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-16 08:19 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-16 08:19 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-16 08:19 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-16 08:19 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-16 08:19 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-16 08:18 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-16 08:18 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-16 08:18 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-16 08:18 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-16 08:18 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-16 08:18 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-16 08:18 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-16 08:18 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-16 08:18 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-16 08:18 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-16 08:18 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-16 08:18 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-16 08:18 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-16 08:18 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-16 08:18 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-16 08:18 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-16 08:18 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-16 08:18 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-16 08:18 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-16 08:18 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-16 08:18 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-16 08:18 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-16 08:18 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-10 17:34 - 2016-06-10 17:34 - 00001486 _____ C:\Users\Public\Desktop\Free Audio CD to MP3 Converter.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00001322 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\Documents\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Users\a\AppData\Roaming\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-06-10 17:34 - 2016-06-10 17:34 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-06-10 17:33 - 2016-06-10 17:34 - 25948496 _____ (DVDVideoSoft Ltd. ) C:\Users\a\Downloads\FreeAudioCDToMP3Converter_1.3.12.1228s.exe
2016-06-10 17:29 - 2016-06-16 07:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-10 16:43 - 2016-06-30 19:57 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-10 16:42 - 2016-06-10 16:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-10 16:39 - 2016-06-10 16:40 - 01473544 _____ C:\Users\a\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2016-06-08 09:12 - 2016-06-15 22:40 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-02 16:46 - 2016-06-02 16:46 - 00000000 _____ C:\autoexec.bat
2016-06-02 16:44 - 2016-06-02 16:44 - 03482800 _____ (Enigma Software Group USA, LLC.) C:\Users\a\Downloads\SpyHunter-Installer.exe
2016-06-02 16:44 - 2016-06-02 16:44 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-30 20:23 - 2016-03-16 18:51 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-30 20:06 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-30 20:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-30 19:58 - 2016-02-09 00:38 - 00000000 ___RD C:\Users\a\OneDrive
2016-06-30 19:57 - 2016-03-27 14:05 - 00033280 ___SH C:\Users\a\Desktop\Thumbs.db
2016-06-30 19:57 - 2016-02-09 00:34 - 00000000 __SHD C:\Users\a\IntelGraphicsProfiles
2016-06-30 19:56 - 2016-03-08 14:28 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-30 19:55 - 2016-03-08 14:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-30 19:55 - 2015-10-30 08:28 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2016-06-30 19:48 - 2016-02-23 18:23 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D4391977-0E1E-455B-ADAD-1CFD3B6AC71D}
2016-06-29 20:55 - 2016-02-26 11:47 - 00000000 ____D C:\Users\a\AppData\LocalLow\Temp
2016-06-29 20:55 - 2015-09-20 05:15 - 00000000 ____D C:\Program Files (x86)\Amazon
2016-06-27 22:46 - 2016-02-27 21:42 - 00000000 ____D C:\Users\a\AppData\Local\CrashDumps
2016-06-27 20:58 - 2016-05-21 11:44 - 00000000 ___HD C:\OneDriveTemp
2016-06-27 20:57 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-06-27 20:54 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-06-27 20:54 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-27 20:54 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Users\a\AppData\Roaming\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\ProgramData\Lavasoft
2016-06-27 19:32 - 2016-05-11 18:22 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2016-06-27 19:20 - 2015-09-20 04:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 18:58 - 2016-03-08 14:31 - 00000000 ____D C:\Users\a
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-27 18:58 - 2016-02-27 11:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-27 18:57 - 2016-03-08 14:31 - 00000000 ____D C:\Users\louis
2016-06-27 18:36 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-27 18:30 - 2015-09-20 04:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-27 18:29 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-27 18:23 - 2016-02-09 00:37 - 00000000 ____D C:\Users\a\AppData\Local\clear.fi
2016-06-26 17:47 - 2016-02-27 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 14:19 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-21 14:19 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-21 14:19 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-21 14:19 - 2015-07-16 05:31 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-20 20:15 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-20 14:25 - 2016-02-24 21:10 - 00000000 ____D C:\Users\louis\AppData\Local\CrashDumps
2016-06-20 13:51 - 2016-02-23 19:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:45 - 2016-02-23 19:12 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-20 13:43 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:35 - 2016-02-23 20:32 - 00000000 __SHD C:\Users\louis\IntelGraphicsProfiles
2016-06-20 13:35 - 2015-07-16 05:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 19:57 - 2016-03-08 14:23 - 00364912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 19:55 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 19:54 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-16 07:38 - 2015-07-16 05:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-10 17:24 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\TAPI
2016-06-10 17:18 - 2016-03-08 14:31 - 00000000 ____D C:\Users\jbeur
2016-06-06 11:00 - 2016-02-27 11:27 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-08 14:28 - 2016-03-08 14:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\a\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-27 19:16

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von a (2016-06-30 20:43:45)
Gestartet von C:\Users\a\Desktop
Windows 10 Home Version 1511 (X64) (2016-03-08 12:56:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

a (S-1-5-21-1723475428-3538683685-1902373366-1001 - Administrator - Enabled) => C:\Users\a
Administrator (S-1-5-21-1723475428-3538683685-1902373366-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1723475428-3538683685-1902373366-503 - Limited - Disabled)
Gast (S-1-5-21-1723475428-3538683685-1902373366-501 - Limited - Disabled)
jbeur (S-1-5-21-1723475428-3538683685-1902373366-1004 - Limited - Enabled) => C:\Users\jbeur
louis (S-1-5-21-1723475428-3538683685-1902373366-1003 - Limited - Enabled) => C:\Users\louis

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
7-Zip 16.00 (HKLM-x32\...\7-Zip) (Version: 16.00 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2003.0 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3005 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1003\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
App Explorer (HKU\S-1-5-21-1723475428-3538683685-1902373366-1004\...\Host App Service) (Version: 0.271.1.333 - SweetLabs)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5427.02 - CyberLink Corp.)
Dashlane (HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\Dashlane) (Version: 4.5.0.13208 - Dashlane SAS)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Fitbit Connect (HKLM-x32\...\{F5A49DF0-A632-4E7E-BD87-59701449DE0F}) (Version: 2.0.1.6742 - Fitbit Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Free Audio CD to MP3 Converter (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{d9e230c1-06bb-4b78-a9f1-c1ddce14e6fc}) (Version: 18.11.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
IObit Malware Fighter 4 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 4.2 - IObit)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.54 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.1.3 - CEWE Stiftung u Co. KGaA)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {00B5DA24-A9F6-439F-9165-FDE6B289C94B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {159B32EE-BE2F-4015-9839-812F4C73359B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {4AB3798A-A883-4A8E-83BC-AFAF82A6607E} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe [2015-05-14] (Acer Incorporated)
Task: {4F9F0D7E-237B-46EA-B3C0-2EC8D2E02F3B} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-08] (AVAST Software)
Task: {6637C9EC-F17C-4174-AA2E-E84441854F62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {A2696E75-60A9-4460-BE5C-B78754F9281A} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {A4A7AE22-A83E-4259-8E75-C73921CC01FB} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-19] (Adobe Systems Incorporated)
Task: {A56974CF-9CCC-4E57-9AA9-E2FF709695B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-20] (Microsoft Corporation)
Task: {AA194137-E3A1-43A2-9575-B41637D21E99} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {B5EB7928-22D4-4286-BB54-397920C08268} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {CAD2B80F-4334-499A-9A94-54F196810E9F} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-07-10] ()
Task: {DC0657DA-2CD4-4D26-9C1A-220624452D10} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {E02B5105-EEF3-499C-83D1-F8D59078D5A0} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-08 14:28 - 2015-07-13 19:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-27 12:29 - 2016-05-27 12:29 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 18:23 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00959168 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-07-16 05:41 - 2015-05-08 19:41 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 19:37 - 2016-04-19 19:37 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-23 18:21 - 2016-02-23 18:21 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-03-08 14:19 - 2016-03-08 14:19 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 18:20 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-16 08:20 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-16 08:20 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-16 08:20 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-16 08:20 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-20 19:37 - 2016-06-03 11:46 - 00227200 _____ () C:\Users\a\AppData\Roaming\Dashlane\Dashlane.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-09-20 06:02 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2016-06-20 19:36 - 2016-06-03 11:46 - 00286080 _____ () C:\Users\a\AppData\Roaming\Dashlane\DashlanePlugin.exe
2015-07-10 12:38 - 2015-07-10 12:38 - 04580704 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-06-10 17:34 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-06-10 17:34 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2016-04-19 19:37 - 2016-04-19 19:37 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 19:37 - 2016-04-19 19:37 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-09-20 05:10 - 2015-06-23 22:37 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-05-21 11:42 - 2016-05-21 11:42 - 00679624 _____ () C:\Users\a\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2014-12-11 18:40 - 2014-12-11 18:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll
2015-07-16 05:41 - 2015-05-08 19:41 - 00090368 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00347520 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00436608 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00469376 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 63070592 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00299392 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 06254464 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 07393664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\webres.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\ProductStatistics.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 13624192 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 02284928 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.5.0.13208.dll
2016-06-20 19:36 - 2016-06-03 11:43 - 00353664 _____ () C:\Users\a\AppData\Roaming\Dashlane\4.5.0.13208\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.5.0.13208.dll
2016-06-20 19:34 - 2016-03-31 17:57 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2016-06-20 19:34 - 2016-03-31 17:57 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2015-07-06 20:36 - 2015-07-06 20:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-16 11:02 - 2016-05-16 11:02 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-05-16 11:04 - 2016-05-16 11:04 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-05-16 11:04 - 2016-05-16 11:04 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-05-16 11:03 - 2016-05-16 11:03 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-04-27 06:40 - 2016-04-27 06:40 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-27 12:33 - 2016-05-27 12:33 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-06-30 19:51 - 2016-06-30 19:51 - 00964096 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2016-02-11 14:00 - 2016-02-11 14:00 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-06-29 18:59 - 2016-06-29 18:59 - 03311000 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.11.156.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\amazon.de -> amazon.de
IE trusted site: HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2016-06-27 19:07 - 00000832 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1723475428-3538683685-1902373366-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1003\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
HKU\S-1-5-21-1723475428-3538683685-1902373366-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\jbeur\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\acer01.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{984496EB-FF9E-47FE-89E1-C623DC2E34A8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BD854089-0D5F-4A7E-8A42-C09F63C3D1B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{48264247-6BBD-4D33-9577-C121F9587C53}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE2C11A4-6F8E-4E83-98A4-F80B0367EB34}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E43E4FEC-CEC4-4D24-8C5B-F14AF883023D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{07CB66BD-7B48-48E2-8AA3-67028ECD10A1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{68496DA1-FDB3-48C2-B83F-C69993C81201}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{06D00A1E-88C9-430D-BC23-8E2935DC8C45}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{67E00604-5860-41C5-979B-280684AEB3B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{18E0AAC4-7E92-4E87-882B-2922F9E77555}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{401D33D9-C483-4A8F-B4DE-681285D9F3CA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{BF238560-2054-4610-A933-D37BBC61E342}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{541FCBE3-72B5-421D-8C83-416408B72FBE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5A2A1D26-526F-445A-9E56-195BDD5A64E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A0E298A9-C708-4900-B022-E8F20F8CA79D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{40BBC3FA-73A2-450E-A45B-FAFD8B4E3F4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{CA3177F4-DDA9-4941-BD10-BB976BE74B1F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E744BB56-BEFF-4964-998D-539971FAB3AC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1B9D0A36-6AAB-4CC3-8886-519D02528162}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

27-06-2016 19:45:02 JRT Pre-Junkware Removal
28-06-2016 21:59:19 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/30/2016 08:33:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:28:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:22:13 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:09:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (06/30/2016 08:06:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:06:09 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161

Error: (06/30/2016 08:05:43 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:05:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:05:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (06/30/2016 08:05:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.


Systemfehler:
=============
Error: (06/30/2016 08:11:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/30/2016 08:11:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\a\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2016 08:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/30/2016 08:11:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\a\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2016 08:11:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/30/2016 08:11:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\a\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2016 08:08:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/30/2016 08:08:18 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\a\AppData\Local\Temp\ehdrv.sys

Error: (06/30/2016 08:08:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/30/2016 08:08:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\a\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2016-06-27 18:32:11.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-21 14:13:03.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 19:26:30.022
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:30.005
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.983
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.409
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:26:29.315
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 19:05:30.768
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 18:40:31.806
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-06-20 18:40:15.023
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8106.45 MB
Verfügbarer physikalischer RAM: 5246.75 MB
Summe virtueller Speicher: 9386.45 MB
Verfügbarer virtueller Speicher: 5906.09 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:856.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 449E0580)

Partition: GPT.

==================== Ende von Addition.txt ============================

Habe immer noch die hp.myway.com Dezipper Startseite

M-K-D-B · 01.07.2016, 20:42

Servus,

bitte poste mir noch die Logdatei von HitmanPro.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
FF Extension: Amazon Assistant for Firefox - C:\Users\a\AppData\Roaming\Mozilla\Firefox\Profiles\xvaojssf.default-1467309680984\Extensions\abb@amazon.com.xpi [2016-06-30]
FF Homepage: hxxp://hp.myway.com/dezipper/ttab02/index.html?coId=d8d6c3c3cfce4c86ad9cd51a6dcd257f&subId=undefined&ln=en&n=782a7fa2&ptb=BDE45665-BA80-4F96-868B-A7EA633B6BBC&st=tab&p2=%5EBXL%5Exdm011%5ETTAB02%5Ede&si=undefined
Reboot:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST.

29.06.2016, 16:29	#9
M-K-D-B /// TB-Ausbilder	Dezipper Startseite Servus, es fehlen: - Die Logdatei von JRT - Die Beantwortung der Frage

Dezipper Startseite

Plagegeister aller Art und deren Bekämpfung: Dezipper Startseite