| 19luigi96 | 06.05.2016 20:44 |
ADDITION.txt: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-05-2016 03
durchgeführt von 19luigi96 (2016-05-06 21:14:23)
Gestartet von D:\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-22 17:41:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
19luigi96 (S-1-5-21-1020560147-1002730045-4244577835-1001 - Administrator - Enabled) => C:\Users\19luigi96
Administrator (S-1-5-21-1020560147-1002730045-4244577835-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1020560147-1002730045-4244577835-503 - Limited - Disabled)
Gast (S-1-5-21-1020560147-1002730045-4244577835-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.38 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0938-000001000000}) (Version: 9.38.00.0 - Igor Pavlov)
A1 Servicecenter (HKLM-x32\...\A1 Servicecenter) (Version: 9.15.2.1548 - A1 Telekom Austria AG)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.05.2004.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.00.2005.6 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Aerosoft's - Airbus A318-A319 - FSX (HKLM-x32\...\Airbus A318-A319 - FSX) (Version: 1.10 - Aerosoft)
Aerosoft's - Airbus A320-A321 - FSX (HKLM-x32\...\Airbus A320-A321 - FSX) (Version: 1.10 - Aerosoft)
aerosoft's - German Airports 3 X - FSX (HKLM-x32\...\{6360C5E9-2842-4213-88B9-47D814FAAD54}) (Version: 1.01 - aerosoft)
Airbus A340 Mega Package Vol 1 FSX & P3D (HKLM\...\{F9690B9F-BF8C-4369-B054-E35EB1399EBC}) (Version: 1 - Luis Quintero, Thomas Ruth (and his team))
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Cities In Motion (HKLM-x32\...\{15FA5ED6-2F98-4B5E-AF0B-18E5F4723FAD}_is1) (Version: - )
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.4218 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Desk Pilot 1.4.3(Free) (HKLM-x32\...\Desk Pilot 1.4.3(Free)) (Version: - )
Digitale Schulbücher (HKLM-x32\...\{DE24A5DA-8CE2-4BF8-AE5E-125FBC70BE9B}) (Version: 1.1.0.65 - VBM Service GmbH)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
DraftSight 2016 SP0 x64 (HKLM\...\{78F7D38E-85AE-42B8-B3A2-F935AF8B64D1}) (Version: 16.0.4061 - Dassault Systemes)
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
FsPassengersX for Microsoft Flight Simulator X (HKLM-x32\...\FsPassengersX) (Version: 20160123 - SecondReality Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HappyFoto-Designer 5.4 (HKLM-x32\...\HappyFoto-Designer_is1) (Version: - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.2.8.25 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.2.8.17 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{1709a432-4aab-4ad0-870d-ff74abc41bdd}) (Version: 1.9.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 3.1.814 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KlausTrial (HKLM-x32\...\{DB2AC811-5937-43CE-B538-46EBD6F0CAC4}) (Version: 1.00.0000 - Naturalsoft)
Letasoft Sound Booster Version 1.2 (HKLM-x32\...\{6C6CF38B-11DD-45C6-A15E-A3A0C4CE60F8}_is1) (Version: 1.2 - Letasoft LLC)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.24.20150327 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden
Majestic Dash8 Q400 (HKLM-x32\...\Majestic Dash8 Q400v1.013) (Version: v1.013 - Majestic Software)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.60905.0 (HKLM-x32\...\{D1AC9B0B-2727-4811-91DC-1FC3C4E47A9B}) (Version: 10.0.60905.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61242.0 (HKLM-x32\...\{85DF6786-66AA-42EE-8616-AE456B07BD99}) (Version: 10.0.61242.0 - Microsoft Corporation)
Microsoft Flight Simulator SimConnect Client v10.0.61259.0 (HKLM-x32\...\{D61CA184-3F6D-4A50-B2CC-7A18447D6A8D}) (Version: 10.0.61259.0 - Microsoft Corporation)
Microsoft Flight Simulator X Service Pack 2 (HKLM-x32\...\{E7CC4B85-DC2F-463F-8FEB-E7398E25C19A}) (Version: 10.0.61472.0 - Microsoft Game Studios)
Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office PowerPoint 2003 Template Pack 3 (HKLM-x32\...\{90AD0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.8.2 - Notepad++ Team)
NVIDIA GeForce Experience 2.11.2.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.2.66 - NVIDIA Corporation)
NVIDIA Grafiktreiber 365.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 365.10 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.0.14.2148 - Electronic Arts, Inc.)
PMDG 737 6700 NGX Expansion FSX (HKLM-x32\...\{C7EE862A-D83D-4A9F-B746-CBDE39BD7001}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 737 8900 NGX Base Package FSX (HKLM-x32\...\{20708FD5-E94D-4097-A21E-E28564CDBC06}) (Version: 1.10.6436 - PMDG Simulations, LLC.)
PMDG 777-200LR/F Base Package FSX (HKLM-x32\...\{0F16340B-5B5B-4531-8D87-4952E3BCA6E6}) (Version: 1.00.5376 - PMDG Simulations, LLC.)
POSKY Boeing 757-300 Thomas Cook FSX (HKLM\...\{2C00E146-C9E9-4EC7-9193-72CD7F8BE1C9}) (Version: - Project OpenSky)
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
RAAS Professional by FS2Crew (LOCKED) (HKLM-x32\...\RAAS Professional by FS2Crew (LOCKED)) (Version: - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
SarahTrial (HKLM-x32\...\{A4FC4084-580D-4548-9803-A9B2EE3C1E26}) (Version: 1.00.0000 - Naturalsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.2.66 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SOLIDWORKS 2015 x64 Edition SP02.1 (HKLM-x32\...\SolidWorks Installation Manager 20150-40201-1100-100) (Version: 23.2.1.1 - SolidWorks Corporation)
SOLIDWORKS 2015 x64 Edition SP02.1 (Version: 23.121.1 - Dassault Systemes SolidWorks Corp) Hidden
SOLIDWORKS 2015 x64 German Resources (Version: 23.121.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS Composer Player 2015 SP02.1 x64 Edition (Version: 23.21.1 - Dassault Systèmes SolidWorks Corp) Hidden
SOLIDWORKS eDrawings 2015 x64 Edition SP02.1 (Version: 15.2.0033 - Dassault Systèmes SolidWorks Corp) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Studie zur Verbesserung von HP Officejet Pro 8620 (HKLM\...\{825BC9A9-A005-4FDB-BDE9-A4F2DF69C3B7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
TDS Boeing 737-700 AA FSX & P3D (HKLM\...\{E07401D2-F2F3-43A9-A2D4-69CBC4E646EA}) (Version: 1 - TDS, Alejandro Rojas Lucena, repaint by G Catena, repack by Chris Evans)
TI-Nspire™ Computer Link (HKLM-x32\...\{6C5AC088-3136-4043-8985-8B0772A9580E}) (Version: 3.9.0.455 - Texas Instruments Inc.)
Unity Web Player (HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Vulkan Run Time Libraries 1.0.8.1 (HKLM\...\VulkanRT1.0.8.1) (Version: 1.0.8.1 - LunarG, Inc.)
WestJet_L1011_Vistaliners (HKLM-x32\...\WestJet_L1011_Vistaliners) (Version: - )
WinFACT 7 (HKLM-x32\...\{FE2A7490-32EA-47D1-BCB4-0705F73F4C24}) (Version: 7.1.1 - Ingenieurbüro Dr. Kahlert)
WinFACT 8 (HKLM-x32\...\{0F00C986-561C-4536-B62B-0EDE3475312A}) (Version: 8.1.1 - Ingenieurbüro Dr. Kahlert)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1020560147-1002730045-4244577835-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {095345C4-688F-4079-A7E9-646E5501CFE8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {151CA8B2-F4E3-48EC-8ED0-FEBF25B57843} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {16C5EE26-5B59-493E-B0FC-9F194414028E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {16E5994F-1799-4C07-98DD-DAF318E0B352} - System32\Tasks\CareCenter\Spotify_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Roaming\Spotify\Spotify.exe [2016-04-28] (Spotify Ltd)
Task: {1C306739-C6BB-43AB-A67F-9075A054CECB} - System32\Tasks\CareCenter\A1Servicecenter_Reg_HKLMWow6432Run => C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe [2015-08-17] (A1)
Task: {24A3F703-3D8C-49D4-94E2-D922BAAA4E95} - System32\Tasks\CareCenter\MyPublicWiFi_Reg_HKLMWow6432Run => C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe [2014-02-11] ()
Task: {287A9918-1FFF-439A-931E-4F33C1BBFAB5} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {2EB10DD2-0129-466D-BFEB-B0D7A8C3490C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2F5EC484-D32F-44A3-8C3F-D2DCDE515D1C} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {2FAFBE25-EB8D-4D43-B997-F7EABBA763AC} - System32\Tasks\HP AR Program Upload - bbd4014448154beab69eabd2dff484ea9a1134f83db9445a8f5962bbb9094fa3 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {316E8F1F-2948-4116-A3B2-655044092DB9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-06] (Microsoft Corporation)
Task: {368B1527-D6FC-4723-844D-2F5404E73F4B} - System32\Tasks\CareCenter\OneDrive_Reg_HKCURun_S-1-5-21-1020560147-1002730045-4244577835-1001 => C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-22] (Microsoft Corporation)
Task: {389A03CF-740C-479B-9933-81266E069492} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {3A609F3E-CC0E-4CD9-AF8E-22DB3453DE39} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {3E40CF7C-3BE9-4623-AFDE-A85EC02FA468} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {506F16F9-80FE-4D47-8022-6380160D56A6} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {53A964EB-6ABE-47AE-AF72-AE9C8AD2AA58} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {628468E4-5006-40AA-B827-467B13400D01} - System32\Tasks\HP AR Program Upload - 57425e4fc46a45bd8971d31003384695588c5414a9784f5b97518b858b6e39b0 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {65D5FAD8-1911-4C71-863B-4745ACB04993} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {67C74684-5495-48F5-B4A6-207D99849A3B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {6A3E5B7E-A6AB-4D94-A3D6-0E9E1D5C8262} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {6FCD230B-43E5-4722-8EBA-832CB94353AD} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {7232FFD8-2419-4D5A-905B-9265E41A2566} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {7A84F213-DD52-43C1-B1DB-A75516F6325D} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-26] (Intel Corporation)
Task: {7B274E68-8A0B-4CA1-8D69-389A55F55445} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-03-02] (Hewlett-Packard)
Task: {815B574D-9BFB-4C65-A5B7-2E875CD5D802} - System32\Tasks\{30045596-C1AF-483E-8B40-D361E19F2416} => pcalua.exe -a "C:\Program Files (x86)\Desk Pilot 1.4.3(Free)\Uninstal.exe"
Task: {85FC9005-22FC-4DF7-9ED2-9DFA1E622E9C} - System32\Tasks\HPCustParticipation HP Officejet Pro 8620 => C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {864E6530-D79D-47ED-9691-3A4CE093F203} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-09-04] (Intel Corporation)
Task: {8A3DF52A-EBB6-4DE0-8055-1F1986FD2389} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {8C0F8D7E-4A32-4E32-930B-4A68D42976E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {8FA43D7D-8305-4BF6-B3AB-A10864774E72} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {9829AB20-A0B2-4778-8B83-6E78DCB294D9} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-17] ()
Task: {9AB90F94-BD2D-43A2-BFD8-03DB7BD7A872} - System32\Tasks\HPCeeScheduleFor19luigi96 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {9ACDEF90-0947-4924-A02B-1B3880861C7B} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-08-12] (Intel Corporation)
Task: {A2528674-D9BB-4FAC-983C-13D8521F2F16} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {A33941DC-84E3-4B81-864D-E3D274D8BA3A} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {AF5014DB-C34A-4240-9EA4-80A285981216} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B19DEFDC-32C3-4B83-A8D9-A58ECF74F840} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {B2B0346E-DB61-4B1D-88F5-9217CFBDA29A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C5B9A436-61E4-4F20-ABE8-98167B8861B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-03-07] (Hewlett-Packard)
Task: {D0AC25E5-892D-4EF0-80C7-E2A7D1105BEE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-27] (Google Inc.)
Task: {D1F849D5-CF00-4ADB-852D-D296C8C01425} - System32\Tasks\avast! Windows 10 Start Menu helper => c:\program files\avast software\avast\asww10mon.exe
Task: {DAE0114B-CE4E-424B-8829-D3EE66AB0B50} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company)
Task: {E8AEE66B-CABA-431F-B649-E60F2AEC2567} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {EB28C1EE-FD97-47F7-9643-EF853747EFAE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-04-06] (Hewlett-Packard)
Task: {F8A7E422-ED3B-423C-B27E-56A92BB32354} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {F91A08E6-1DD9-43BA-8496-45A3D24108BD} - System32\Tasks\SafeZone scheduled Autoupdate 1459710278 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {FD133015-2D45-4501-9DCD-EED167C2FCD1} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-17] (Acer Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleFor19luigi96.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-10-16 15:38 - 2015-10-16 15:38 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2016-03-15 15:42 - 2016-03-15 15:42 - 00368800 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-09-24 22:34 - 2012-04-24 12:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 17:45 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-09-24 22:38 - 2014-07-01 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-02-12 23:13 - 2016-02-12 23:13 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-22 19:27 - 2015-12-22 19:27 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 17:44 - 2016-04-02 05:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 17:44 - 2016-04-02 05:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 17:44 - 2016-04-02 04:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 17:44 - 2016-04-02 04:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 17:44 - 2016-04-02 05:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-29 10:12 - 2016-03-29 10:13 - 00016896 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-03-29 10:12 - 2016-03-29 10:13 - 17535488 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-03-03 19:28 - 2016-03-03 19:28 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.325.12390.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-01-21 18:12 - 2016-01-21 18:12 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-20 11:22 - 2015-12-20 11:22 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-07-09 00:18 - 2015-07-09 00:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2016-04-19 15:21 - 2016-04-19 15:21 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 15:21 - 2016-04-19 15:22 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libglesv2.dll
2016-05-03 17:31 - 2016-04-28 01:25 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.94\libegl.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 47503472 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libcef.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 01584240 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libglesv2.dll
2015-03-21 20:15 - 2016-04-28 09:45 - 00082032 _____ () C:\Users\19luigi96\AppData\Roaming\Spotify\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\19luigi96\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4f4abf89-d5be-43f8-aa57-a07067ed19b8}.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "A1Servicecenter"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1020560147-1002730045-4244577835-1001\...\StartupApproved\Run: => "WinThrusterReminder"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6A917514-C7A0-4C0A-8E5B-0B788E43F01B}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{5324807F-35E2-4CDF-9A85-489A016D8A2C}] => (Allow) C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
FirewallRules: [{F23A5594-F8EC-4265-8F4E-EF462299E6CF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DB1155D6-E3D8-43A3-9CA7-DA088A4D99AB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D41004B-29A3-45BA-8FC7-3ABAEFBC9901}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB3A5297-9517-4844-AF21-577E48779727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C6F5281B-3A7D-4ACD-9C55-F930C5D74EC6}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{066B4EA7-04D3-4912-85AB-1999E0E8B94A}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Update\M2Updater.exe
FirewallRules: [{2F6A0DFF-D8C0-498D-8E6C-F11765997EF9}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{3DCF6E61-F8AC-4998-9E68-8DACEA9B2CE4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Repair.exe
FirewallRules: [{6B6D29A4-7466-497E-9EF0-7E458D916BCA}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{99CFD82D-6751-4075-880B-303527BB457E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter_Launcher.exe
FirewallRules: [{91F9F927-B45E-4B81-B3CF-D424AAED42B1}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{A7502419-75AA-4723-84AE-C9E3BA6009E0}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{5B7761E3-1221-4CB8-B837-5A09A9B39557}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{D529F5DB-807F-4DF7-9326-7E19A7F120A4}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Bandbreiten-Optimierer\A1_Bandbreiten_Optimierer.exe
FirewallRules: [{4AF98E2D-AC5F-4CA2-A4E3-0EE71E5DBD0E}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{66C66DA1-6174-46F7-B6C3-40352D60E15F}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Modemkonfigurator.exe
FirewallRules: [{FC3BD932-9C5B-453D-A707-DE32BE86CA51}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{93604A01-43F4-4F94-B7BA-6BC1A22081DC}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Breitband\A1Breitband.exe
FirewallRules: [{1BB7C49A-7739-4203-AC9E-8F2B0EA7C099}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{82C04994-9A06-4BD9-8A46-01E522E15720}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1Servicecenter.exe
FirewallRules: [{4D5A4913-5B6B-4EFD-8CAA-5846F7ACBA7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AFDC61D9-909A-49EC-8AAF-88B00F374682}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{70D4B500-7C12-4A89-B7A1-9F7B114891C2}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{46FAC1D2-7F28-4A9F-AA63-BA39C4A41F5E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{4EF19973-E6C9-4FCF-A7FC-5482F1CF8EE4}] => (Allow) LPort=5357
FirewallRules: [{1E07586E-E20D-4292-AB30-103D0D05DF8D}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{3ADD2FBE-0620-4525-A66D-1C999396EF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{E4DD66A3-B4FC-45FD-9FEB-5FB7DE352A0E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{ECB94716-A1B8-4A1D-A669-16E119E79DFB}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{AF5DD415-F5D4-4337-9C77-96E541EC7182}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{CCDC56C7-F4E3-4E43-824F-53D66E67EC98}] => (Allow) C:\Program Files (x86)\A1 Servicecenter\A1 Servicecenter\A1WLANAssistent.exe
FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{41643B2A-850F-4535-A901-ED771F215B3F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1C4F8203-C00D-4B20-A0C0-F764E4E1A8D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{AAC1D531-F5A9-466C-8F7A-F3F23F2B95AB}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{45A84740-B18F-462D-A261-D87DF268DC08}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{E36A8FB2-5BE8-43AC-B5C8-F1D91C38865A}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{AE2312F9-55A7-42AA-9A57-75FEAF2C59D2}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{4486A622-D872-4DE0-8553-CCE57DA7C426}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{35CDA8E0-6EAB-4F48-862B-572F3DE82B20}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Play.exe
FirewallRules: [{976923A9-3E58-4FBC-B384-98DAB38050BA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{4B9BD938-C3FB-4F39-BD28-144812BEEFB8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{7F7D2BB6-1963-4C89-8C12-562A6605FAFD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{D93C273B-7E70-4FED-A2E0-F0BCF68A2E6F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A39FD355-869C-4796-9E02-1DFE5B187E67}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{12B9C52F-6D9D-4F5C-B3A6-141FA47F8704}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{DB3EB6B5-C96F-4D1D-A6FA-F6E4D326D64F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{72946402-5DF7-4F15-82C9-6F113C0B9420}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{FB2C9DD1-4CB2-49BF-9364-FC3981A2995D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{B6583BE9-3E50-4C9B-A231-9B2CC2AA6753}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC414F04-0AED-4300-810C-89AA7BDDAB9A}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{0A2FC43E-725C-4C41-A337-F52CF5D91B39}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{206547CB-4A3C-4A54-BE3C-71372DF00963}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7A69563A-386A-4831-8053-F6580D68A87D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{064257C0-DDD0-4409-BB99-A6EAA5AA14B7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{298D2711-F92D-4465-ACDC-1AFDD46C1542}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{232343F4-83F4-4E88-8FA4-FCD183A66AA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DEB10FC8-9847-4D99-8366-D27AB0C4AD86}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1ED2BE91-C12E-4139-8841-77ECDB165A7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C13EBD20-B2AA-4F59-BDDB-B5F79D4358F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{94A62F29-2D72-481D-BC59-E1C23D5B99C5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9DD6069E-4A5D-493A-8D4A-6C5357E38249}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A7BF866D-E6D0-4EFD-A156-3DBFD7C95302}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{88D7D15B-0AFD-4D09-9FFB-8AE00FC65AB0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{A2773EF9-8623-4DDF-B128-B6D13DC5B2FB}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{703DA667-6592-40C7-BAB7-A9ABB575B1B4}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{0502888B-F4A6-4489-9826-337ED9C4618E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5AFC3091-3B54-4E18-A364-5EBA33A89C01}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{CA27BBCE-A25B-41F1-9773-6F9987835867}] => (Allow) C:\Program Files\SolidWorks Corp\SolidWorks\photoview\photoview360.exe
FirewallRules: [{BF900996-E9E7-4F4C-8AEC-34597E73572A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1E9C2860-8EBD-4B39-BF26-38C29B82BF00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{458B84B1-2A9F-4B5A-9E05-2AF9E5AE870F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5934A5DF-01BD-42A8-A69C-31318F2058A6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BF0F045F-BDC5-409A-BB48-234FC7128D9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{344FDE4E-96B4-450C-8B0A-ED479EBC45A5}] => (Allow) C:\Program Files (x86)\Seilbahn Simulator 2014\seilbahn.exe
FirewallRules: [{2570D302-F8CD-4048-B7EB-BA4CCC38583F}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{1A0FE94A-F4D9-467D-87D9-7F11D4CACBD5}] => (Allow) D:\Filme\MyPublicWiFi.exe
FirewallRules: [{62AE5D87-28B9-4E74-B7CF-D9D22F1E728C}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{46492EC0-B40A-43A6-81FC-186FBEAE8C2D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{35440F5C-3CD2-4390-B3A6-95D19C618EF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{EFFE1EBA-8FFA-4D80-AD81-BE772E0072D1}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{FAA03E9D-D86C-49CE-B2F9-22F914FAC775}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{9E4CD94E-C647-4B9E-88CE-9366B2D44F56}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
FirewallRules: [{DEFA3EFE-C4DA-4E7C-AF1D-8A564FF9B48E}] => (Allow) C:\Program Files (x86)\MyPublicWiFi\MyPublicWiFi.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2422
Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2422
Error: (05/06/2016 10:34:07 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1172
Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1172
Error: (05/06/2016 10:34:06 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/06/2016 10:28:44 AM) (Source: MsiInstaller) (EventID: 1002) (User: LUKAS)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".
Error: (05/06/2016 10:28:28 AM) (Source: HP Active Health) (EventID: 2200) (User: )
Description: Agent DriverCrash threw an exception: System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.ParseMinidump(FileInfo minidumpFile)
bei HP.ActiveHealth.Agents.DriverCrash.DriverCrashAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
bei HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
Error: (05/06/2016 10:23:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 7.1.2061.1794, Zeitstempel: 0x5702d6ad
Name des fehlerhaften Moduls: MessageBus.dll, Version: 0.0.0.0, Zeitstempel: 0x5702d023
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000010f73
ID des fehlerhaften Prozesses: 0x117c
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5
Error: (05/06/2016 10:23:54 AM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT-AUTORITÄT)
Description: Überspringen: Eap method DLL path Fehler bei der Überprüfung. Fehler: Type-ID=43, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
Systemfehler:
=============
Error: (05/06/2016 08:33:51 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/06/2016 04:47:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/06/2016 03:40:38 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/06/2016 03:35:52 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/06/2016 01:16:34 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/06/2016 01:07:31 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/06/2016 12:08:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/06/2016 11:48:35 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (05/06/2016 11:44:44 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/06/2016 10:48:27 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070490 fehlgeschlagen: HP - Other hardware, Printer - Null Fax - HP Officejet Pro 8620
CodeIntegrity:
===================================
Date: 2016-04-18 21:13:58.638
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-14 21:27:17.479
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-14 08:12:06.473
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-24 20:55:23.498
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-18 18:41:26.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-17 23:16:04.158
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-17 22:06:10.323
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-07 09:20:51.881
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-04 16:49:06.108
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-16 08:19:57.709
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 4608.53 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 5262.04 MB
==================== Laufwerke ================================
Drive c: (Acer) (Fixed) (Total:117.99 GB) (Free:12.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:915.33 GB) (Free:720.5 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 3A122DE6)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 3A122D91)
Partition: GPT.
==================== Ende von Addition.txt ============================
Schritt 2: TDS Killer: Code:
21:22:03.0789 0x384c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:22:03.0789 0x384c UEFI system
21:22:08.0009 0x384c ============================================================
21:22:08.0009 0x384c Current date / time: 2016/05/06 21:22:08.0009
21:22:08.0009 0x384c SystemInfo:
21:22:08.0010 0x384c
21:22:08.0010 0x384c OS Version: 10.0.10586 ServicePack: 0.0
21:22:08.0010 0x384c Product type: Workstation
21:22:08.0010 0x384c ComputerName: LUKAS
21:22:08.0010 0x384c UserName: 19luigi96
21:22:08.0010 0x384c Windows directory: C:\WINDOWS
21:22:08.0010 0x384c System windows directory: C:\WINDOWS
21:22:08.0010 0x384c Running under WOW64
21:22:08.0010 0x384c Processor architecture: Intel x64
21:22:08.0010 0x384c Number of processors: 8
21:22:08.0010 0x384c Page size: 0x1000
21:22:08.0010 0x384c Boot type: Normal boot
21:22:08.0010 0x384c ============================================================
21:22:08.0140 0x384c KLMD registered as C:\WINDOWS\system32\drivers\83567304.sys
21:22:08.0325 0x384c System UUID: {DFA70C23-7619-EFFD-DF4F-31ECAC17E41E}
21:22:08.0834 0x384c Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:08.0834 0x384c Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:22:08.0837 0x384c ============================================================
21:22:08.0837 0x384c \Device\Harddisk0\DR0:
21:22:08.0837 0x384c GPT partitions:
21:22:08.0837 0x384c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6B6DAAE-710B-4126-812F-C5A1A507D748}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
21:22:08.0837 0x384c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {000C2AEB-615B-405F-8802-05F24130C9DC}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000
21:22:08.0837 0x384c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BF8A662A-70C9-4B68-A517-7F0DC7550E82}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
21:22:08.0837 0x384c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E9471D31-8A5C-4737-BAD9-70522B114D51}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0xEBFC800
21:22:08.0837 0x384c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {38BF1DA5-5700-4D1D-9F51-6D6E1752B984}, Name: , StartLBA 0xED9B000, BlocksNum 0xE1000
21:22:08.0837 0x384c MBR partitions:
21:22:08.0837 0x384c \Device\Harddisk1\DR1:
21:22:08.0838 0x384c GPT partitions:
21:22:08.0838 0x384c \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7FFE6E93-6DA5-4CA6-A7A3-2CB43F12A380}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x726A9000
21:22:08.0838 0x384c \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6D371802-ECD1-46D9-B8AE-6957DC024193}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
21:22:08.0838 0x384c MBR partitions:
21:22:08.0838 0x384c ============================================================
21:22:08.0839 0x384c C: <-> \Device\Harddisk0\DR0\Partition4
21:22:08.0899 0x384c D: <-> \Device\Harddisk1\DR1\Partition1
21:22:08.0899 0x384c ============================================================
21:22:08.0899 0x384c Initialize success
21:22:08.0899 0x384c ============================================================
21:22:34.0302 0x1178 ============================================================
21:22:34.0302 0x1178 Scan started
21:22:34.0302 0x1178 Mode: Manual; SigCheck; TDLFS;
21:22:34.0302 0x1178 ============================================================
21:22:34.0302 0x1178 KSN ping started
21:22:42.0311 0x1178 KSN ping finished: true
21:22:45.0478 0x1178 ================ Scan system memory ========================
21:22:45.0478 0x1178 System memory - ok
21:22:45.0478 0x1178 ================ Scan services =============================
21:22:45.0528 0x1178 1394ohci - ok
21:22:45.0531 0x1178 3ware - ok
21:22:45.0533 0x1178 ACPI - ok
21:22:45.0535 0x1178 acpiex - ok
21:22:45.0537 0x1178 acpipagr - ok
21:22:45.0540 0x1178 AcpiPmi - ok
21:22:45.0542 0x1178 acpitime - ok
21:22:45.0545 0x1178 ADP80XX - ok
21:22:45.0549 0x1178 AFD - ok
21:22:45.0551 0x1178 agp440 - ok
21:22:45.0554 0x1178 ahcache - ok
21:22:45.0556 0x1178 AJRouter - ok
21:22:45.0558 0x1178 ALG - ok
21:22:45.0561 0x1178 AmdK8 - ok
21:22:45.0564 0x1178 AmdPPM - ok
21:22:45.0566 0x1178 amdsata - ok
21:22:45.0568 0x1178 amdsbs - ok
21:22:45.0570 0x1178 amdxata - ok
21:22:45.0573 0x1178 [ A74D6CCEECD8DCDE348521E6A7F3FAE3, 6CC14CFA95C98B011F017F32ED6A0CFA48A108002F605835358FFBCF21EA3C9F ] AndnetBus C:\WINDOWS\System32\drivers\lgandnetbus64.sys
21:22:45.0617 0x1178 AndnetBus - ok
21:22:45.0627 0x1178 [ FF7DBB0CC5D0576DF07C901D8451F40A, E1AEF2856DFBBE188698EC45AD15D6D677737068D38952CD7074C9BEB4B2F023 ] AndNetDiag C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys
21:22:45.0637 0x1178 AndNetDiag - ok
21:22:45.0640 0x1178 [ 24B6E19D8A068992114CF4EF6BDDD63A, 1CB4EAB27D93F4352CA957548EC2FEAE91175A23F71D83E81CE324B6CCA5E118 ] ANDNetModem C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys
21:22:45.0649 0x1178 ANDNetModem - ok
21:22:45.0651 0x1178 AppID - ok
21:22:45.0653 0x1178 AppIDSvc - ok
21:22:45.0656 0x1178 Appinfo - ok
21:22:45.0658 0x1178 AppReadiness - ok
21:22:45.0661 0x1178 AppXSvc - ok
21:22:45.0663 0x1178 arcsas - ok
21:22:45.0665 0x1178 AsyncMac - ok
21:22:45.0668 0x1178 atapi - ok
21:22:45.0670 0x1178 athr - ok
21:22:45.0672 0x1178 AudioEndpointBuilder - ok
21:22:45.0674 0x1178 Audiosrv - ok
21:22:45.0686 0x1178 [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
21:22:45.0702 0x1178 AVP16.0.0 - ok
21:22:45.0705 0x1178 AxInstSV - ok
21:22:45.0708 0x1178 b06bdrv - ok
21:22:45.0710 0x1178 BasicDisplay - ok
21:22:45.0713 0x1178 BasicRender - ok
21:22:45.0717 0x1178 bcmfn - ok
21:22:45.0720 0x1178 bcmfn2 - ok
21:22:45.0722 0x1178 BDESVC - ok
21:22:45.0724 0x1178 Beep - ok
21:22:45.0727 0x1178 BFE - ok
21:22:45.0729 0x1178 BITS - ok
21:22:45.0740 0x1178 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:22:45.0751 0x1178 Bonjour Service - ok
21:22:45.0754 0x1178 bowser - ok
21:22:45.0756 0x1178 BrokerInfrastructure - ok
21:22:45.0760 0x1178 Browser - ok
21:22:45.0765 0x1178 [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb C:\WINDOWS\system32\DRIVERS\BrSerIb.sys
21:22:45.0771 0x1178 BrSerIb - ok
21:22:45.0774 0x1178 [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb C:\WINDOWS\system32\DRIVERS\BrUsbSIb.sys
21:22:45.0779 0x1178 BrUsbSIb - ok
21:22:45.0782 0x1178 [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS C:\WINDOWS\system32\drivers\btath_bus.sys
21:22:45.0787 0x1178 BTATH_BUS - ok
21:22:45.0800 0x1178 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
21:22:45.0814 0x1178 BtFilter - ok
21:22:45.0817 0x1178 BthA2DP - ok
21:22:45.0819 0x1178 BthAvrcpTg - ok
21:22:45.0822 0x1178 BthEnum - ok
21:22:45.0825 0x1178 BthHFEnum - ok
21:22:45.0828 0x1178 bthhfhid - ok
21:22:45.0830 0x1178 BthHFSrv - ok
21:22:45.0832 0x1178 BthLEEnum - ok
21:22:45.0835 0x1178 BTHMODEM - ok
21:22:45.0837 0x1178 BthPan - ok
21:22:45.0839 0x1178 BTHPORT - ok
21:22:45.0842 0x1178 bthserv - ok
21:22:45.0844 0x1178 BTHUSB - ok
21:22:45.0847 0x1178 buttonconverter - ok
21:22:45.0872 0x1178 [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
21:22:45.0901 0x1178 c2cautoupdatesvc - ok
21:22:45.0933 0x1178 [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
21:22:45.0966 0x1178 c2cpnrsvc - ok
21:22:45.0971 0x1178 CapImg - ok
21:22:45.0974 0x1178 cdfs - ok
21:22:45.0977 0x1178 CDPSvc - ok
21:22:45.0979 0x1178 cdrom - ok
21:22:45.0982 0x1178 CertPropSvc - ok
21:22:45.0984 0x1178 circlass - ok
21:22:45.0986 0x1178 CLFS - ok
21:22:45.0988 0x1178 ClipSVC - ok
21:22:45.0994 0x1178 CmBatt - ok
21:22:46.0003 0x1178 [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys
21:22:46.0015 0x1178 cm_km - ok
21:22:46.0018 0x1178 CNG - ok
21:22:46.0020 0x1178 cnghwassist - ok
21:22:46.0040 0x1178 CompositeBus - ok
21:22:46.0043 0x1178 COMSysApp - ok
21:22:46.0045 0x1178 condrv - ok
21:22:46.0074 0x1178 [ B46F13958F918C00A9D3EF3B23613D8A, A5E18BFB828BA0789E17BBBD4BEF1D491EEA5F908CD7572F4B9089025CB5634B ] CoordinatorServiceHost C:\Program Files\SOLIDWORKS Corp\SOLIDWORKS\swScheduler\DTSCoordinatorService.exe
21:22:46.0079 0x1178 CoordinatorServiceHost - ok
21:22:46.0082 0x1178 CoreMessagingRegistrar - ok
21:22:46.0117 0x1178 [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
21:22:46.0130 0x1178 cphs - ok
21:22:46.0134 0x1178 CryptSvc - ok
21:22:46.0140 0x1178 dam - ok
21:22:46.0144 0x1178 DcomLaunch - ok
21:22:46.0147 0x1178 DcpSvc - ok
21:22:46.0149 0x1178 defragsvc - ok
21:22:46.0151 0x1178 DeviceAssociationService - ok
21:22:46.0154 0x1178 DeviceInstall - ok
21:22:46.0156 0x1178 DevQueryBroker - ok
21:22:46.0158 0x1178 Dfsc - ok
21:22:46.0161 0x1178 Dhcp - ok
21:22:46.0164 0x1178 diagnosticshub.standardcollector.service - ok
21:22:46.0166 0x1178 DiagTrack - ok
21:22:46.0168 0x1178 disk - ok
21:22:46.0171 0x1178 DmEnrollmentSvc - ok
21:22:46.0173 0x1178 dmvsc - ok
21:22:46.0175 0x1178 dmwappushservice - ok
21:22:46.0177 0x1178 Dnscache - ok
21:22:46.0180 0x1178 dot3svc - ok
21:22:46.0182 0x1178 DPS - ok
21:22:46.0190 0x1178 [ F8D8AD4CEE8949878B24CFC06F09B5B9, 0EEDDE26912926A8C8D4BA43F3D50D587F6CA115CAB05D9E06AC2249A0CC3DE6 ] DraftSight API Service C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
21:22:46.0198 0x1178 DraftSight API Service - detected UnsignedFile.Multi.Generic ( 1 )
21:22:54.0305 0x48d8 Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
21:22:54.0331 0x1178 DraftSight API Service ( UnsignedFile.Multi.Generic ) - warning
21:22:54.0331 0x1178 Force sending object to P2P due to detect: DraftSight API Service
21:23:02.0405 0x48d8 Object send P2P result: true
21:23:02.0420 0x1178 Object send P2P result: true
21:23:10.0409 0x1178 drmkaud - ok
21:23:10.0413 0x1178 DsmSvc - ok
21:23:10.0416 0x1178 DsSvc - ok
21:23:10.0418 0x1178 DXGKrnl - ok
21:23:10.0421 0x1178 Eaphost - ok
21:23:10.0423 0x1178 ebdrv - ok
21:23:10.0425 0x1178 EFS - ok
21:23:10.0429 0x1178 EhStorClass - ok
21:23:10.0431 0x1178 EhStorTcgDrv - ok
21:23:10.0434 0x1178 embeddedmode - ok
21:23:10.0437 0x1178 EntAppSvc - ok
21:23:10.0479 0x1178 [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
21:23:10.0524 0x1178 ePowerSvc - ok
21:23:10.0529 0x1178 epp - ok
21:23:10.0532 0x1178 ErrDev - ok
21:23:10.0537 0x1178 EventSystem - ok
21:23:10.0539 0x1178 exfat - ok
21:23:10.0541 0x1178 fastfat - ok
21:23:10.0544 0x1178 Fax - ok
21:23:10.0546 0x1178 fdc - ok
21:23:10.0549 0x1178 fdPHost - ok
21:23:10.0551 0x1178 FDResPub - ok
21:23:10.0554 0x1178 fhsvc - ok
21:23:10.0556 0x1178 FileCrypt - ok
21:23:10.0558 0x1178 FileInfo - ok
21:23:10.0561 0x1178 Filetrace - ok
21:23:10.0581 0x1178 [ 00EDB531DFB127197D625204B138269B, 0CE6536344CE30F06C6CD04BEB202C935B10439200B9CE792B4440D2EE3CB9D9 ] FlexNet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe
21:23:10.0602 0x1178 FlexNet Licensing Service - ok
21:23:10.0630 0x1178 [ 668D43EFEB7F129584100CF6320E8A6F, 093254127A63420F93001BA63CF323AA4C17A38914D5B991E31F3B8C1971E9D7 ] FlexNet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe
21:23:10.0657 0x1178 FlexNet Licensing Service 64 - ok
21:23:10.0662 0x1178 flpydisk - ok
21:23:10.0664 0x1178 FltMgr - ok
21:23:10.0666 0x1178 FontCache - ok
21:23:10.0670 0x1178 FontCache3.0.0.0 - ok
21:23:10.0672 0x1178 FsDepends - ok
21:23:10.0675 0x1178 Fs_Rec - ok
21:23:10.0678 0x1178 fvevol - ok
21:23:10.0681 0x1178 gagp30kx - ok
21:23:10.0684 0x1178 gencounter - ok
21:23:10.0686 0x1178 genericusbfn - ok
21:23:10.0708 0x1178 [ 154651F84794535631970749476B53E6, 62D94A36133EB1E1E403159619362E77B34BBE55282A6EE53E503E6DF6A9839E ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:23:10.0730 0x1178 GfExperienceService - ok
21:23:10.0734 0x1178 GPIOClx0101 - ok
21:23:10.0736 0x1178 gpsvc - ok
21:23:10.0738 0x1178 GpuEnergyDrv - ok
21:23:10.0743 0x1178 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:10.0750 0x1178 gupdate - ok
21:23:10.0754 0x1178 [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:23:10.0760 0x1178 gupdatem - ok
21:23:10.0764 0x1178 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
21:23:10.0775 0x1178 Hamachi - ok
21:23:10.0816 0x1178 [ BDC536D4D5280451E12842DEAF7717E5, 7103AC074E2DD1B90FD88DF24E6503E7A6643768A5E43933AA995BE58EE5541E ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
21:23:10.0859 0x1178 Hamachi2Svc - ok
21:23:10.0864 0x1178 HDAudBus - ok
21:23:10.0866 0x1178 HidBatt - ok
21:23:10.0869 0x1178 HidBth - ok
21:23:10.0871 0x1178 hidi2c - ok
21:23:10.0873 0x1178 hidinterrupt - ok
21:23:10.0875 0x1178 HidIr - ok
21:23:10.0878 0x1178 hidserv - ok
21:23:10.0880 0x1178 HidUsb - ok
21:23:10.0882 0x1178 HomeGroupListener - ok
21:23:10.0884 0x1178 HomeGroupProvider - ok
21:23:10.0887 0x1178 HpSAMD - ok
21:23:10.0890 0x1178 [ 2C884CBC1CC8804B771C845CD683BA84, 4BDCD012AB9D2ED0A2831BB01F77DB47B83565527C4964CA7BE6FC66917AC265 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:23:10.0897 0x1178 HPSupportSolutionsFrameworkService - ok
21:23:10.0900 0x1178 HTTP - ok
21:23:10.0902 0x1178 hwpolicy - ok
21:23:10.0904 0x1178 hyperkbd - ok
21:23:10.0906 0x1178 i8042prt - ok
21:23:10.0909 0x1178 iai2c - ok
21:23:10.0911 0x1178 iaLPSS2i_I2C - ok
21:23:10.0915 0x1178 iaLPSSi_GPIO - ok
21:23:10.0917 0x1178 iaLPSSi_I2C - ok
21:23:10.0919 0x1178 iaStorAV - ok
21:23:10.0922 0x1178 iaStorV - ok
21:23:10.0924 0x1178 ibbus - ok
21:23:10.0926 0x1178 icssvc - ok
21:23:10.0930 0x1178 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:23:10.0934 0x1178 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:23:19.0056 0x1178 Detect skipped due to KSN trusted
21:23:19.0056 0x1178 IDriverT - ok
21:23:19.0059 0x1178 IEEtwCollectorService - ok
21:23:19.0153 0x1178 [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
21:23:19.0255 0x1178 igfx - ok
21:23:19.0269 0x1178 [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
21:23:19.0284 0x1178 igfxCUIService2.0.0.0 - ok
21:23:19.0286 0x1178 IKEEXT - ok
21:23:19.0290 0x1178 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
21:23:19.0296 0x1178 intaud_WaveExtensible - ok
21:23:19.0358 0x1178 [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
21:23:19.0424 0x1178 IntcAzAudAddService - ok
21:23:19.0438 0x1178 [ 42777B7BE4946135578E5C3BC1D2E4AD, CE4FF334238D0A98139676420E770A42DC0F5567F49D618B56CD55417F556D05 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
21:23:19.0451 0x1178 IntcDAud - ok
21:23:19.0469 0x1178 [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:23:19.0487 0x1178 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:23:19.0493 0x1178 [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:23:19.0499 0x1178 Intel(R) ME Service - ok
21:23:19.0503 0x1178 [ 4E8816C659026539CF740EEC006F32D5, 3CA822F6659CD701122DBAFF3568B5B7E7415BEE340B56E7C4A8E672EFADDEFF ] Intel(R) TA SAM C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
21:23:19.0510 0x1178 Intel(R) TA SAM - ok
21:23:19.0515 0x1178 [ A10C371176065BC0D7CAC5389C9D73C9, 7071646D336DC077ADABC6609E145B53799B3AC3DCF5DCC23CE1F58511A05F7D ] Intel(R) TechnologyAccessLegacyCSLoader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
21:23:19.0524 0x1178 Intel(R) TechnologyAccessLegacyCSLoader - ok
21:23:19.0534 0x1178 [ B926D92B9C6E1055FE8C1BF55AAED770, 6BD1580C4DCE535427C306B582279DB9094C68704BC17B98EBC4F509E63FEAC6 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
21:23:19.0546 0x1178 Intel(R) TechnologyAccessService - ok
21:23:19.0549 0x1178 intelide - ok
21:23:19.0551 0x1178 intelpep - ok
21:23:19.0553 0x1178 intelppm - ok
21:23:19.0556 0x1178 IoQos - ok
21:23:19.0558 0x1178 IpFilterDriver - ok
21:23:19.0561 0x1178 iphlpsvc - ok
21:23:19.0563 0x1178 IPMIDRV - ok
21:23:19.0565 0x1178 IPNAT - ok
21:23:19.0567 0x1178 IRENUM - ok
21:23:19.0569 0x1178 isapnp - ok
21:23:19.0572 0x1178 iScsiPrt - ok
21:23:19.0578 0x1178 [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:23:19.0585 0x1178 iumsvc - ok
21:23:19.0589 0x1178 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
21:23:19.0594 0x1178 iwdbus - ok
21:23:19.0598 0x1178 [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:23:19.0605 0x1178 jhi_service - ok
21:23:19.0608 0x1178 k57nd60a - ok
21:23:19.0610 0x1178 kbdclass - ok
21:23:19.0612 0x1178 kbdhid - ok
21:23:19.0615 0x1178 kdnic - ok
21:23:19.0616 0x1178 KeyIso - ok
21:23:19.0627 0x1178 [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
21:23:19.0641 0x1178 kl1 - ok
21:23:19.0645 0x1178 [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
21:23:19.0650 0x1178 klbackupdisk - ok
21:23:19.0655 0x1178 [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
21:23:19.0661 0x1178 klbackupflt - ok
21:23:19.0667 0x1178 [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
21:23:19.0674 0x1178 kldisk - ok
21:23:19.0677 0x1178 [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
21:23:19.0686 0x1178 klelam - ok
21:23:19.0692 0x1178 [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
21:23:19.0700 0x1178 klflt - ok
21:23:19.0707 0x1178 [ 0698A6918DAF5B1710F5A5170C34FC03, 15CBA4089950812A5815D7517B6C25959A793A55A66F8AA6746618D42A849351 ] klhk C:\WINDOWS\system32\DRIVERS\klhk.sys
21:23:19.0715 0x1178 klhk - ok
21:23:19.0733 0x1178 [ 3DC953B77F13031C7763464FC0AD1E71, B0142B8A9FB5889D7F76E16EA26F1EA9BC7F1770226CD139B3C932671EBD802B ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
21:23:19.0752 0x1178 KLIF - ok
21:23:19.0756 0x1178 [ E62321376344231F5F488758ACC6D553, 1155C1FDD5C95B05EABBD4268A7D3FFF050D0C0921B61226179C312605AB46C3 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
21:23:19.0762 0x1178 KLIM6 - ok
21:23:19.0765 0x1178 [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
21:23:19.0771 0x1178 klkbdflt - ok
21:23:19.0774 0x1178 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
21:23:19.0780 0x1178 klmouflt - ok
21:23:19.0783 0x1178 [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
21:23:19.0789 0x1178 klpd - ok
21:23:19.0793 0x1178 [ 26D3895A519220E94D241A8858D40CD9, CBDE2B937D2897FC2F356F73D983023F7CBE3C9E8A2873877E5CAF40F3D9A680 ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
21:23:19.0800 0x1178 klwfp - ok
21:23:19.0804 0x1178 [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
21:23:19.0811 0x1178 Klwtp - ok
21:23:19.0816 0x1178 [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
21:23:19.0824 0x1178 kneps - ok
21:23:19.0832 0x1178 KSecDD - ok
21:23:19.0834 0x1178 KSecPkg - ok
21:23:19.0837 0x1178 ksthunk - ok
21:23:19.0839 0x1178 KtmRm - ok
21:23:19.0842 0x1178 LanmanServer - ok
21:23:19.0844 0x1178 LanmanWorkstation - ok
21:23:19.0848 0x1178 lfsvc - ok
21:23:19.0849 0x1178 LicenseManager - ok
21:23:19.0852 0x1178 lltdio - ok
21:23:19.0854 0x1178 lltdsvc - ok
21:23:19.0857 0x1178 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\WINDOWS\System32\drivers\LMDriver.sys
21:23:19.0861 0x1178 LMDriver - ok
21:23:19.0864 0x1178 lmhosts - ok
21:23:19.0873 0x1178 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
21:23:19.0883 0x1178 LMIGuardianSvc - ok
21:23:19.0893 0x1178 [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:23:19.0903 0x1178 LMS - ok
21:23:19.0913 0x1178 [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
21:23:19.0924 0x1178 LMSvc - ok
21:23:19.0928 0x1178 LSI_SAS - ok
21:23:19.0931 0x1178 LSI_SAS2i - ok
21:23:19.0933 0x1178 LSI_SAS3i - ok
21:23:19.0935 0x1178 LSI_SSS - ok
21:23:19.0937 0x1178 LSM - ok
21:23:19.0939 0x1178 luafv - ok
21:23:19.0941 0x1178 MapsBroker - ok
21:23:19.0945 0x1178 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
21:23:19.0951 0x1178 MBAMProtector - ok
21:23:19.0977 0x1178 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
21:23:20.0004 0x1178 MBAMScheduler - ok
21:23:20.0025 0x1178 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
21:23:20.0047 0x1178 MBAMService - ok
21:23:20.0054 0x1178 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
21:23:20.0061 0x1178 MBAMSwissArmy - ok
21:23:20.0065 0x1178 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
21:23:20.0070 0x1178 MBAMWebAccessControl - ok
21:23:20.0073 0x1178 megasas - ok
21:23:20.0075 0x1178 megasr - ok
21:23:20.0080 0x1178 [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
21:23:20.0086 0x1178 MEIx64 - ok
21:23:20.0088 0x1178 MessagingService - ok
21:23:20.0115 0x1178 mlx4_bus - ok
21:23:20.0117 0x1178 MMCSS - ok
21:23:20.0119 0x1178 Modem - ok
21:23:20.0121 0x1178 monitor - ok
21:23:20.0123 0x1178 mouclass - ok
21:23:20.0126 0x1178 mouhid - ok
21:23:20.0128 0x1178 mountmgr - ok
21:23:20.0131 0x1178 mpsdrv - ok
21:23:20.0133 0x1178 MpsSvc - ok
21:23:20.0135 0x1178 MRxDAV - ok
21:23:20.0137 0x1178 mrxsmb - ok
21:23:20.0139 0x1178 mrxsmb10 - ok
21:23:20.0141 0x1178 mrxsmb20 - ok
21:23:20.0144 0x1178 MsBridge - ok
21:23:20.0146 0x1178 MSDTC - ok
21:23:20.0150 0x1178 Msfs - ok
21:23:20.0152 0x1178 msgpiowin32 - ok
21:23:20.0154 0x1178 mshidkmdf - ok
21:23:20.0156 0x1178 mshidumdf - ok
21:23:20.0158 0x1178 msisadrv - ok
21:23:20.0161 0x1178 MSiSCSI - ok
21:23:20.0163 0x1178 msiserver - ok
21:23:20.0165 0x1178 MSKSSRV - ok
21:23:20.0168 0x1178 MsLldp - ok
21:23:20.0170 0x1178 MSPCLOCK - ok
21:23:20.0172 0x1178 MSPQM - ok
21:23:20.0174 0x1178 MsRPC - ok
21:23:20.0177 0x1178 mssmbios - ok
21:23:20.0179 0x1178 MSTEE - ok
21:23:20.0182 0x1178 MTConfig - ok
21:23:20.0184 0x1178 Mup - ok
21:23:20.0186 0x1178 mvumis - ok
21:23:20.0189 0x1178 NativeWifiP - ok
21:23:20.0191 0x1178 NcaSvc - ok
21:23:20.0194 0x1178 NcbService - ok
21:23:20.0197 0x1178 NcdAutoSetup - ok
21:23:20.0199 0x1178 ndfltr - ok
21:23:20.0201 0x1178 NDIS - ok
21:23:20.0203 0x1178 NdisCap - ok
21:23:20.0206 0x1178 NdisImPlatform - ok
21:23:20.0210 0x1178 [ 93052B06C5E4F33B0A459DD3CDA0E8D4, 3A3C8D8F5D733E4E7D44DB026DDE88A1C117A9AA5275C42A5B16CE1EBE8CE908 ] ndisrd C:\WINDOWS\system32\DRIVERS\ndisrfl.sys
21:23:20.0216 0x1178 ndisrd - ok
21:23:20.0219 0x1178 NdisTapi - ok
21:23:20.0221 0x1178 Ndisuio - ok
21:23:20.0223 0x1178 NdisVirtualBus - ok
21:23:20.0225 0x1178 NdisWan - ok
21:23:20.0228 0x1178 ndiswanlegacy - ok
21:23:20.0230 0x1178 ndproxy - ok
21:23:20.0232 0x1178 Ndu - ok
21:23:20.0234 0x1178 NetBIOS - ok
21:23:20.0238 0x1178 NetBT - ok
21:23:20.0240 0x1178 Netlogon - ok
21:23:20.0242 0x1178 Netman - ok
21:23:20.0244 0x1178 netprofm - ok
21:23:20.0247 0x1178 NetSetupSvc - ok
21:23:20.0250 0x1178 [ 3C3FEBD9D5CA88A92B8BCA720218D0BD, 394E9A4A9003F729B22C49FB4D63EFD044DF5263782500EB9DBB09BCC4884A41 ] NetTap630 C:\WINDOWS\system32\DRIVERS\nettap630.sys
21:23:20.0257 0x1178 NetTap630 - ok
21:23:20.0262 0x1178 NetTcpPortSharing - ok
21:23:20.0266 0x1178 NgcCtnrSvc - ok
21:23:20.0268 0x1178 NgcSvc - ok
21:23:20.0271 0x1178 NlaSvc - ok
21:23:20.0273 0x1178 Npfs - ok
21:23:20.0275 0x1178 npsvctrig - ok
21:23:20.0278 0x1178 nsi - ok
21:23:20.0280 0x1178 nsiproxy - ok
21:23:20.0283 0x1178 NTFS - ok
21:23:20.0285 0x1178 Null - ok
21:23:20.0473 0x1178 [ B5F9DEF00388F66891E4808DE6974048, 11EA5FD0A92D31A9627CB211C1109E4F716CEC3AC8AD8104B5700227E2F159E7 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
21:23:20.0673 0x1178 nvlddmkm - ok
21:23:20.0716 0x1178 [ D2D76544A26DB7819CBDFC1F4A995B65, 528B529C21B2B9E580F15781918B302378CFAA1111F347ADE40476C484C2FA66 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:23:20.0748 0x1178 NvNetworkService - ok
21:23:20.0753 0x1178 nvraid - ok
21:23:20.0755 0x1178 nvstor - ok
21:23:20.0758 0x1178 [ 86893B821E35433759EBD7D21B56B42E, 4979D7F4B41AEA1CF693076D9574CE44ABE8F2584C7383510CB95EF324E70553 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:23:20.0763 0x1178 NvStreamKms - ok
21:23:20.0819 0x1178 [ 6917C4B6633B3F0BFAC3DB20011126A8, EE91CCA7453F749258B9EB884D4FDD4BFC32119EB69DD62D9961642233805522 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
21:23:20.0879 0x1178 NvStreamNetworkSvc - ok
21:23:20.0922 0x1178 [ 871DF38D1C791031988AC1932D6499FF, BCE58D69BB0D785787BA684F75F75D2F23E65037CAD6A70DBA5B91508DD90256 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:23:20.0965 0x1178 NvStreamSvc - ok
21:23:20.0990 0x1178 [ 1542254423FBB8BE196856CCF1BDFD7B, D820DF2D0FFAF5198C92011503E2B1E0711B147DA6D95C4538989E13C63B73F5 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
21:23:21.0019 0x1178 nvsvc - ok
21:23:21.0024 0x1178 [ 0BAF8B3DF77EFF04CC0BEA5F2C3657F9, 8E7A542E20416835F31B8648B5724446A78609C0ACC26FCC20E885CF83BE9CB2 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
21:23:21.0030 0x1178 nvvad_WaveExtensible - ok
21:23:21.0033 0x1178 nv_agp - ok
21:23:21.0035 0x1178 OneSyncSvc - ok
21:23:21.0091 0x1178 [ 4F2ED8FB21F127DC1FA98D4CA2279E75, 96DB5DF9C55757EB2F761309036F87D8C55BAB2851FBB716A02A9248712CB13A ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
21:23:21.0124 0x1178 Origin Client Service - ok
21:23:21.0132 0x1178 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:23:21.0139 0x1178 ose - ok
21:23:21.0218 0x1178 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:23:21.0301 0x1178 osppsvc - ok
21:23:21.0308 0x1178 p2pimsvc - ok
21:23:21.0310 0x1178 p2psvc - ok
21:23:21.0312 0x1178 Parport - ok
21:23:21.0315 0x1178 partmgr - ok
21:23:21.0317 0x1178 PcaSvc - ok
21:23:21.0319 0x1178 pci - ok
21:23:21.0321 0x1178 pciide - ok
21:23:21.0323 0x1178 pcmcia - ok
21:23:21.0326 0x1178 pcw - ok
21:23:21.0328 0x1178 pdc - ok
21:23:21.0331 0x1178 PEAUTH - ok
21:23:21.0333 0x1178 percsas2i - ok
21:23:21.0335 0x1178 percsas3i - ok
21:23:21.0364 0x1178 PerfHost - ok
21:23:21.0370 0x1178 PhoneSvc - ok
21:23:21.0372 0x1178 PimIndexMaintenanceSvc - ok
21:23:21.0401 0x1178 pla - ok
21:23:21.0403 0x1178 PlugPlay - ok
21:23:21.0406 0x1178 PNRPAutoReg - ok
21:23:21.0408 0x1178 PNRPsvc - ok
21:23:21.0411 0x1178 PolicyAgent - ok
21:23:21.0414 0x1178 Power - ok
21:23:21.0416 0x1178 PptpMiniport - ok
21:23:21.0479 0x1178 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
21:23:21.0567 0x1178 PrintNotify - ok
21:23:21.0572 0x1178 Processor - ok
21:23:21.0574 0x1178 ProfSvc - ok
21:23:21.0577 0x1178 Psched - ok
21:23:21.0587 0x1178 [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc C:\Program Files\Acer\Acer Quick Access\QASvc.exe
21:23:21.0598 0x1178 QASvc - ok
21:23:21.0602 0x1178 QWAVE - ok
21:23:21.0604 0x1178 QWAVEdrv - ok
21:23:21.0607 0x1178 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\WINDOWS\System32\drivers\RadioShim.sys
21:23:21.0611 0x1178 RadioShim - ok
21:23:21.0614 0x1178 RasAcd - ok
21:23:21.0616 0x1178 RasAgileVpn - ok
21:23:21.0619 0x1178 RasAuto - ok
21:23:21.0621 0x1178 Rasl2tp - ok
21:23:21.0623 0x1178 RasMan - ok
21:23:21.0626 0x1178 RasPppoe - ok
21:23:21.0628 0x1178 RasSstp - ok
21:23:21.0630 0x1178 rdbss - ok
21:23:21.0633 0x1178 rdpbus - ok
21:23:21.0635 0x1178 RDPDR - ok
21:23:21.0638 0x1178 RdpVideoMiniport - ok
21:23:21.0641 0x1178 rdyboost - ok
21:23:21.0643 0x1178 ReFSv1 - ok
21:23:21.0646 0x1178 RemoteAccess - ok
21:23:21.0648 0x1178 RemoteRegistry - ok
21:23:21.0651 0x1178 RetailDemo - ok
21:23:21.0653 0x1178 RFCOMM - ok
21:23:21.0662 0x1178 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:23:21.0669 0x1178 RichVideo - ok
21:23:21.0679 0x1178 [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
21:23:21.0690 0x1178 RMSvc - ok
21:23:21.0698 0x1178 RpcEptMapper - ok
21:23:21.0700 0x1178 RpcLocator - ok
21:23:21.0702 0x1178 RpcSs - ok
21:23:21.0704 0x1178 rspndr - ok
21:23:21.0714 0x1178 [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
21:23:21.0730 0x1178 RTSUER - ok
21:23:21.0733 0x1178 s3cap - ok
21:23:21.0735 0x1178 SamSs - ok
21:23:21.0737 0x1178 sbp2port - ok
21:23:21.0740 0x1178 SCardSvr - ok
21:23:21.0741 0x1178 ScDeviceEnum - ok
21:23:21.0744 0x1178 scfilter - ok
21:23:21.0746 0x1178 Schedule - ok
21:23:21.0749 0x1178 SCPolicySvc - ok
21:23:21.0751 0x1178 sdbus - ok
21:23:21.0753 0x1178 SDRSVC - ok
21:23:21.0755 0x1178 sdstor - ok
21:23:21.0757 0x1178 seclogon - ok
21:23:21.0760 0x1178 SENS - ok
21:23:21.0763 0x1178 SensorDataService - ok
21:23:21.0765 0x1178 SensorService - ok
21:23:21.0767 0x1178 SensrSvc - ok
21:23:21.0770 0x1178 SerCx - ok
21:23:21.0773 0x1178 SerCx2 - ok
21:23:21.0775 0x1178 Serenum - ok
21:23:21.0778 0x1178 Serial - ok
21:23:21.0780 0x1178 sermouse - ok
21:23:21.0785 0x1178 SessionEnv - ok
21:23:21.0788 0x1178 sfloppy - ok
21:23:21.0790 0x1178 SharedAccess - ok
21:23:21.0795 0x1178 ShellHWDetection - ok
21:23:21.0797 0x1178 SiSRaid2 - ok
21:23:21.0799 0x1178 SiSRaid4 - ok
21:23:21.0807 0x1178 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:23:21.0817 0x1178 SkypeUpdate - ok
21:23:21.0820 0x1178 smphost - ok
21:23:21.0823 0x1178 SmsRouter - ok
21:23:21.0828 0x1178 SNMPTRAP - ok
21:23:21.0831 0x1178 [ 4945020BC094C322571184A6E8056B3A, 9E09257411F7C3631537D0198E0E64CDD1A697D80430F6379139B15A2BA8A6C9 ] SolidWorks Licensing Service C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe
21:23:21.0835 0x1178 SolidWorks Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
21:23:27.0788 0x6ddc Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
21:23:27.0886 0x1178 Detect skipped due to KSN trusted
21:23:27.0886 0x1178 SolidWorks Licensing Service - ok
21:23:27.0889 0x1178 spaceport - ok
21:23:27.0891 0x1178 SpbCx - ok
21:23:27.0894 0x1178 Spooler - ok
21:23:27.0896 0x1178 sppsvc - ok
21:23:27.0899 0x1178 srv - ok
21:23:27.0902 0x1178 srv2 - ok
21:23:27.0904 0x1178 srvnet - ok
21:23:27.0906 0x1178 SSDPSRV - ok
21:23:27.0911 0x1178 SstpSvc - ok
21:23:27.0914 0x1178 StateRepository - ok
21:23:27.0916 0x1178 stexstor - ok
21:23:27.0919 0x1178 [ 2834415C4EDD6CE35CB3CFEC50E08469, 28426616C709457DF38B5E2B4B9666C1255B81D2097589A95AAABD1BFACD302A ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys
21:23:27.0929 0x64f8 Object required for P2P: [ 86893B821E35433759EBD7D21B56B42E ] NvStreamKms
21:23:27.0929 0x1178 StillCam - ok
21:23:27.0932 0x1178 stisvc - ok
21:23:27.0934 0x1178 storahci - ok
21:23:27.0937 0x1178 storflt - ok
21:23:27.0939 0x1178 stornvme - ok
21:23:27.0942 0x1178 storqosflt - ok
21:23:27.0944 0x1178 StorSvc - ok
21:23:27.0946 0x1178 storufs - ok
21:23:27.0949 0x1178 storvsc - ok
21:23:27.0951 0x1178 svsvc - ok
21:23:27.0953 0x1178 swenum - ok
21:23:27.0955 0x1178 swprv - ok
21:23:27.0957 0x1178 Synth3dVsc - ok
21:23:27.0960 0x1178 SysMain - ok
21:23:27.0962 0x1178 SystemEventsBroker - ok
21:23:27.0965 0x1178 TabletInputService - ok
21:23:27.0967 0x1178 TapiSrv - ok
21:23:27.0969 0x1178 Tcpip - ok
21:23:27.0971 0x1178 Tcpip6 - ok
21:23:27.0974 0x1178 tcpipreg - ok
21:23:27.0978 0x1178 tdx - ok
21:23:27.0980 0x1178 terminpt - ok
21:23:27.0983 0x1178 TermService - ok
21:23:27.0985 0x1178 Themes - ok
21:23:27.0987 0x1178 TieringEngineService - ok
21:23:27.0990 0x1178 tiledatamodelsvc - ok
21:23:27.0992 0x1178 TimeBroker - ok
21:23:27.0996 0x1178 TPM - ok
21:23:27.0998 0x1178 TrkWks - ok
21:23:28.0000 0x1178 TrustedInstaller - ok
21:23:28.0003 0x1178 tsusbflt - ok
21:23:28.0005 0x1178 TsUsbGD - ok
21:23:28.0008 0x1178 tunnel - ok
21:23:28.0010 0x1178 tzautoupdate - ok
21:23:28.0012 0x1178 uagp35 - ok
21:23:28.0015 0x1178 UASPStor - ok
21:23:28.0017 0x1178 UcmCx0101 - ok
21:23:28.0019 0x1178 UcmUcsi - ok
21:23:28.0021 0x1178 Ucx01000 - ok
21:23:28.0023 0x1178 UdeCx - ok
21:23:28.0025 0x1178 udfs - ok
21:23:28.0028 0x1178 UEFI - ok
21:23:28.0035 0x1178 [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
21:23:28.0043 0x1178 UEIPSvc - ok
21:23:28.0045 0x1178 Ufx01000 - ok
21:23:28.0048 0x1178 UfxChipidea - ok
21:23:28.0050 0x1178 ufxsynopsys - ok
21:23:28.0055 0x1178 UI0Detect - ok
21:23:28.0057 0x1178 uliagpkx - ok
21:23:28.0060 0x1178 umbus - ok
21:23:28.0062 0x1178 UmPass - ok
21:23:28.0065 0x1178 UmRdpService - ok
21:23:28.0068 0x1178 UnistoreSvc - ok
21:23:28.0096 0x1178 upnphost - ok
21:23:28.0099 0x1178 UrsChipidea - ok
21:23:28.0101 0x1178 UrsCx01000 - ok
21:23:28.0105 0x1178 UrsSynopsys - ok
21:23:28.0106 0x1178 usbaudio - ok
21:23:28.0108 0x1178 usbccgp - ok
21:23:28.0111 0x1178 usbcir - ok
21:23:28.0113 0x1178 usbehci - ok
21:23:28.0115 0x1178 usbhub - ok
21:23:28.0118 0x1178 USBHUB3 - ok
21:23:28.0120 0x1178 usbohci - ok
21:23:28.0122 0x1178 usbprint - ok
21:23:28.0125 0x1178 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:23:28.0135 0x1178 usbscan - ok
21:23:28.0138 0x1178 usbser - ok
21:23:28.0140 0x1178 USBSTOR - ok
21:23:28.0145 0x1178 [ C44D96B1CDDE705B23F55AB423CCA73D, AB9842E90DD3D686E66BDBE043EB0068272B611D6F63C818EB9D1B6FE2FE23BD ] USBTINSP C:\WINDOWS\System32\drivers\tinspusb.sys
21:23:28.0154 0x1178 USBTINSP - ok
21:23:28.0157 0x1178 usbuhci - ok
21:23:28.0159 0x1178 usbvideo - ok
21:23:28.0162 0x1178 USBXHCI - ok
21:23:28.0164 0x1178 UserDataSvc - ok
21:23:28.0192 0x1178 UserManager - ok
21:23:28.0194 0x1178 UsoSvc - ok
21:23:28.0197 0x1178 VaultSvc - ok
21:23:28.0199 0x1178 vdrvroot - ok
21:23:28.0201 0x1178 vds - ok
21:23:28.0204 0x1178 VerifierExt - ok
21:23:28.0206 0x1178 vhdmp - ok
21:23:28.0209 0x1178 vhf - ok
21:23:28.0212 0x1178 vmbus - ok
21:23:28.0214 0x1178 VMBusHID - ok
21:23:28.0217 0x1178 vmicguestinterface - ok
21:23:28.0219 0x1178 vmicheartbeat - ok
21:23:28.0221 0x1178 vmickvpexchange - ok
21:23:28.0223 0x1178 vmicrdv - ok
21:23:28.0226 0x1178 vmicshutdown - ok
21:23:28.0229 0x1178 vmictimesync - ok
21:23:28.0231 0x1178 vmicvmsession - ok
21:23:28.0233 0x1178 vmicvss - ok
21:23:28.0235 0x1178 volmgr - ok
21:23:28.0237 0x1178 volmgrx - ok
21:23:28.0240 0x1178 volsnap - ok
21:23:28.0242 0x1178 vpci - ok
21:23:28.0245 0x1178 vsmraid - ok
21:23:28.0247 0x1178 VSS - ok
21:23:28.0256 0x1178 [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
21:23:28.0263 0x1178 vssbrigde64 - ok
21:23:28.0265 0x1178 VSTXRAID - ok
21:23:28.0268 0x1178 vwifibus - ok
21:23:28.0271 0x1178 vwififlt - ok
21:23:28.0273 0x1178 vwifimp - ok
21:23:28.0276 0x1178 W32Time - ok
21:23:28.0278 0x1178 WacomPen - ok
21:23:28.0281 0x1178 WalletService - ok
21:23:28.0283 0x1178 wanarp - ok
21:23:28.0285 0x1178 wanarpv6 - ok
21:23:28.0288 0x1178 wbengine - ok
21:23:28.0290 0x1178 WbioSrvc - ok
21:23:28.0293 0x1178 Wcmsvc - ok
21:23:28.0296 0x1178 wcncsvc - ok
21:23:28.0298 0x1178 WcsPlugInService - ok
21:23:28.0300 0x1178 WdBoot - ok
21:23:28.0303 0x1178 Wdf01000 - ok
21:23:28.0305 0x1178 WdFilter - ok
21:23:28.0307 0x1178 WdiServiceHost - ok
21:23:28.0310 0x1178 WdiSystemHost - ok
21:23:28.0313 0x1178 wdiwifi - ok
21:23:28.0315 0x1178 WdNisDrv - ok
21:23:28.0317 0x1178 WdNisSvc - ok
21:23:28.0320 0x1178 WebClient - ok
21:23:28.0322 0x1178 Wecsvc - ok
21:23:28.0325 0x1178 WEPHOSTSVC - ok
21:23:28.0327 0x1178 wercplsupport - ok
21:23:28.0330 0x1178 WerSvc - ok
21:23:28.0332 0x1178 WFPLWFS - ok
21:23:28.0334 0x1178 WiaRpc - ok
21:23:28.0337 0x1178 WIMMount - ok
21:23:28.0338 0x1178 WinDefend - ok
21:23:28.0344 0x1178 WindowsTrustedRT - ok
21:23:28.0346 0x1178 WindowsTrustedRTProxy - ok
21:23:28.0349 0x1178 WinHttpAutoProxySvc - ok
21:23:28.0351 0x1178 WinMad - ok
21:23:28.0356 0x1178 Winmgmt - ok
21:23:28.0359 0x1178 WinRM - ok
21:23:28.0364 0x1178 WINUSB - ok
21:23:28.0365 0x1178 WinVerbs - ok
21:23:28.0369 0x1178 WlanSvc - ok
21:23:28.0371 0x1178 wlidsvc - ok
21:23:28.0373 0x1178 WmiAcpi - ok
21:23:28.0377 0x1178 wmiApSrv - ok
21:23:28.0379 0x1178 WMPNetworkSvc - ok
21:23:28.0386 0x1178 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
21:23:28.0398 0x1178 Wof - ok
21:23:28.0402 0x1178 workfolderssvc - ok
21:23:28.0404 0x1178 wpcfltr - ok
21:23:28.0407 0x1178 WPDBusEnum - ok
21:23:28.0410 0x1178 WpdUpFltr - ok
21:23:28.0412 0x1178 WpnService - ok
21:23:28.0415 0x1178 ws2ifsl - ok
21:23:28.0417 0x1178 wscsvc - ok
21:23:28.0420 0x1178 WSDPrintDevice - ok
21:23:28.0422 0x1178 WSDScan - ok
21:23:28.0424 0x1178 WSearch - ok
21:23:28.0428 0x1178 WSService - ok
21:23:28.0430 0x1178 wuauserv - ok
21:23:28.0432 0x1178 WudfPf - ok
21:23:28.0435 0x1178 WUDFRd - ok
21:23:28.0437 0x1178 wudfsvc - ok
21:23:28.0440 0x1178 WUDFWpdFs - ok
21:23:28.0442 0x1178 WUDFWpdMtp - ok
21:23:28.0445 0x1178 WwanSvc - ok
21:23:28.0448 0x1178 XblAuthManager - ok
21:23:28.0450 0x1178 XblGameSave - ok
21:23:28.0453 0x1178 xboxgip - ok
21:23:28.0455 0x1178 XboxNetApiSvc - ok
21:23:28.0458 0x1178 xinputhid - ok
21:23:28.0459 0x1178 ================ Scan global ===============================
21:23:28.0469 0x1178 [ Global ] - ok
21:23:28.0469 0x1178 ================ Scan MBR ==================================
21:23:28.0470 0x1178 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:23:28.0493 0x1178 \Device\Harddisk0\DR0 - ok
21:23:28.0494 0x1178 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
21:23:29.0027 0x1178 \Device\Harddisk1\DR1 - ok
21:23:29.0028 0x1178 ================ Scan VBR ==================================
21:23:29.0030 0x1178 [ 03D548E55A681A951986B9218CE2C7EC ] \Device\Harddisk0\DR0\Partition1
21:23:29.0032 0x1178 \Device\Harddisk0\DR0\Partition1 - ok
21:23:29.0034 0x1178 [ 75CC1B2347FB75DDBD30DD61C221A0E1 ] \Device\Harddisk0\DR0\Partition2
21:23:29.0035 0x1178 \Device\Harddisk0\DR0\Partition2 - ok
21:23:29.0037 0x1178 [ 2B97C6ED32253AE89C72F74EC2CA498B ] \Device\Harddisk0\DR0\Partition3
21:23:29.0037 0x1178 \Device\Harddisk0\DR0\Partition3 - ok
21:23:29.0039 0x1178 [ 7C0387306F082AD8C008C2CD00552A11 ] \Device\Harddisk0\DR0\Partition4
21:23:29.0040 0x1178 \Device\Harddisk0\DR0\Partition4 - ok
21:23:29.0041 0x1178 [ EDE91A49EBC5D72C12753712040D1345 ] \Device\Harddisk0\DR0\Partition5
21:23:29.0043 0x1178 \Device\Harddisk0\DR0\Partition5 - ok
21:23:29.0047 0x1178 [ F3E3A02FEC0984A5853C66D3D2572675 ] \Device\Harddisk1\DR1\Partition1
21:23:29.0163 0x1178 \Device\Harddisk1\DR1\Partition1 - ok
21:23:29.0206 0x1178 [ FC6D43828A88492B87AF4E883C883CD6 ] \Device\Harddisk1\DR1\Partition2
21:23:29.0226 0x1178 \Device\Harddisk1\DR1\Partition2 - ok
21:23:29.0226 0x1178 ================ Scan generic autorun ======================
21:23:29.0426 0x1178 [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:23:29.0662 0x1178 RtHDVCpl - ok
21:23:29.0696 0x1178 [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
21:23:29.0725 0x1178 RtHDVBg_Dolby - ok
21:23:29.0763 0x1178 [ 8792B098E4B72A53ACC14FCD7DB4261A, B70273E2CCDB120C1B4F80E49DC7EFF574E2E0BB80E4B5C8D2383CD21DBBE34D ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:23:29.0810 0x1178 NvBackend - ok
21:23:29.0813 0x1178 ShadowPlay - ok
21:23:29.0816 0x1178 [ 9B60E29C094772FAAAA3D0C95C582A7A, E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06 ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
21:23:29.0818 0x1178 Suspicious file ( Forged ): C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe. Real md5: 9B60E29C094772FAAAA3D0C95C582A7A, sha256: E1654FD77F74C801A48CED2627660FDE3D3701E9994B43EC0DEBE063516D3F06, fake md5: 1B9F7D3F5BFBF0415C6244E06587D301, fake sha256: E187B63D2D0ABCAD533F5B54F3F44368429297CA2B8BAB8D3ED7CC40F28170D6
21:23:29.0818 0x1178 BacKGround Agent - detected ForgedFile.Multi.Generic ( 1 )
21:23:35.0740 0x1178 BacKGround Agent ( ForgedFile.Multi.Generic ) - warning
21:23:35.0856 0x64f8 Object send P2P result: true
21:23:35.0856 0x64f8 Object required for P2P: [ 6917C4B6633B3F0BFAC3DB20011126A8 ] NvStreamNetworkSvc
21:23:35.0883 0x6ddc Object send P2P result: true
21:23:43.0704 0x1178 [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
21:23:43.0710 0x1178 HP Software Update - ok
21:23:43.0738 0x1178 OneDriveSetup - ok
21:23:43.0739 0x1178 OneDriveSetup - ok
21:23:43.0740 0x1178 AcerCloud - ok
21:23:43.0794 0x64f8 Object send P2P result: true
21:23:43.0795 0x64f8 Object required for P2P: [ 1542254423FBB8BE196856CCF1BDFD7B ] nvsvc
21:23:43.0797 0x1178 [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
21:23:43.0863 0x1178 HP Officejet Pro 8620 (NET) - ok
21:23:43.0920 0x1178 [ 501E808B5832505C51F539874E586353, 2F0C36BBB52052DD86E31BD7E0D3B7DD3BB7CF84E212900518E9CBE0C935DC43 ] C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
21:23:43.0976 0x1178 HP Officejet Pro 8620 (NET) #2 - ok
21:23:44.0006 0x1178 [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:23:44.0033 0x1178 Spotify Web Helper - ok
21:23:44.0185 0x1178 [ E93D62A6DB736AA82A3EEDDFDFE73311, 96EC57F66EE1A36580536518A814299DE6D5DACC0026F5A659B41918434ED8FA ] C:\Program Files\CCleaner\CCleaner64.exe
21:23:44.0340 0x1178 CCleaner Monitoring - ok
21:23:44.0352 0x1178 Uninstall C:\Users\19luigi96\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64 - ok
21:23:44.0353 0x1178 OneDriveSetup - ok
21:23:44.0354 0x1178 WAB Migrate - ok
21:23:44.0355 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:45.0355 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:46.0355 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:47.0356 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:48.0356 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:49.0357 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:50.0357 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:51.0357 0x1178 Waiting for KSN requests completion. In queue: 14
21:23:51.0764 0x6f2c Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\19luigi96\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:23:51.0889 0x64f8 Object send P2P result: true
21:23:52.0357 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:53.0357 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:54.0358 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:55.0358 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:56.0358 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:57.0358 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:58.0358 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:59.0359 0x1178 Waiting for KSN requests completion. In queue: 2
21:23:59.0823 0x6f2c Object send P2P result: true
21:23:59.0823 0x6f2c Object required for P2P: [ E93D62A6DB736AA82A3EEDDFDFE73311 ] C:\Program Files\CCleaner\CCleaner64.exe
21:24:00.0359 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:01.0359 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:02.0360 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:03.0360 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:04.0360 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:05.0360 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:06.0361 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:07.0361 0x1178 Waiting for KSN requests completion. In queue: 1
21:24:07.0926 0x6f2c Object send P2P result: true
21:24:08.0396 0x1178 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
21:24:08.0399 0x1178 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
21:24:08.0400 0x1178 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
21:24:16.0376 0x1178 ============================================================
21:24:16.0376 0x1178 Scan finished
21:24:16.0376 0x1178 ============================================================
21:24:16.0382 0x4b10 Detected object count: 2
21:24:16.0382 0x4b10 Actual detected object count: 2
21:24:44.0932 0x4b10 DraftSight API Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:24:44.0933 0x4b10 DraftSight API Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:24:44.0933 0x4b10 BacKGround Agent ( ForgedFile.Multi.Generic ) - skipped by user
21:24:44.0933 0x4b10 BacKGround Agent ( ForgedFile.Multi.Generic ) - User select action: Skip
21:24:55.0917 0x5bbc Deinitialize success
Das war alles
LG und Danke! |
So funktioniert es:
FRST 32-Bit | FRST 64-Bit
TDSSKiller.exe und speichere diese Datei auf dem Desktop