
Log analysis and evaluation: Zip file DirectPay

02.06.2016, 20:23   #1
Rose1982
 
Zip file DirectPay



Hi! Unfortunately I received an email from DirectPay and also downloaded the file, but I couldn't open the zip file; I kept getting error messages. I downloaded FRST anyway. I'm afraid that I may have caught a trojan nonetheless. Could someone please take a look at this? Many thanks in advance.


FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-06-2016
durchgeführt von Nina (Administrator) auf LAPTOP-U1BDH09N (02-06-2016 20:49:28)
Gestartet von C:\Users\Nina\Downloads
Geladene Profile: Nina (Verfügbare Profile: Nina)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(SweetLabs, Inc) C:\Users\Nina\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(the VideoLAN Team) C:\Users\Nina\AppData\Local\Temp\D959.tmp
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(acer) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\mcods.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\Core\mchost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Run: [eia232-89] => C:\ProgramData\eia232-80\eia232-29.exe [656896 2016-06-02] (the VideoLAN Team)
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\RunOnce: [gaasfet-20] => C:\Users\Nina\AppData\Roaming\gaasfet-98\gaasfet-2.exe [495104 2016-06-02] ()
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Winlogon: [Shell] C:\ProgramData\lithium-7\lithium-81.exe -43,explorer.exe <==== ACHTUNG
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
Startup: C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\centroid-7.lnk [2016-06-02]
ShortcutTarget: centroid-7.lnk -> C:\Users\Nina\AppData\Roaming\centroid-61\centroid-81.exe (XemiComputers ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{32b05ac3-8cd9-4651-a343-52b1f977f102}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bad8cf67-bb2b-4ce4-97c0-2c8d231e1097}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage-web.com/?s=acer&m=start
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-15] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-16] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-16] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-16] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-16] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-04-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-04-28] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://homepage-web.com/?s=acer&m=start
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-04-17] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\searchplugins\Web Search.xml [2016-01-05]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-06-02]
FF Extension: Amazon Assistant for Firefox - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\Extensions\abb@amazon.com.xpi [2015-12-16]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\Extensions\langpack-de@firefox.mozilla.org [2015-12-16] [ist nicht signiert]
FF Extension: PAYBACK Internet Assistent fuer Firefox - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\Extensions\toolbar-ff@payback.de.xpi [2015-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-06-02] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Default -> "hxxp://homepage-web.com/?s=acer&m=start","hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE662D20151220&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-20]
CHR Extension: (Google Docs) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-20]
CHR Extension: (Google Drive) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-20]
CHR Extension: (YouTube) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Google-Suche) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (SiteAdvisor) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Google Mail) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-24]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-05-24]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0238311461682514mcinstcleanup; C:\Windows\TEMP\023831~1.EXE [962400 2016-04-12] (McAfee, Inc.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-15] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-17] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2015-12-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-05-16] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-04-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2016-04-25] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-02] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [89592 2015-06-02] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2015-12-16] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 20:52 - 2016-06-02 20:52 - 08808696 _____ (SparkTrust) C:\Users\Nina\Downloads\SparkTrust PC Cleaner Plus Setup_26A2E207-047D-4D57-94E1-C1987A14A691_.exe
2016-06-02 20:49 - 2016-06-02 20:50 - 00024407 _____ C:\Users\Nina\Downloads\FRST.txt
2016-06-02 20:49 - 2016-06-02 20:49 - 00000000 ____D C:\FRST
2016-06-02 20:48 - 2016-06-02 20:49 - 02383872 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2016-06-02 20:47 - 2016-06-02 20:47 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST (2).exe
2016-06-02 20:46 - 2016-06-02 20:46 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST.exe
2016-06-02 20:46 - 2016-06-02 20:46 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST (1).exe
2016-06-02 20:35 - 2016-06-02 20:35 - 00016148 _____ C:\Windows\system32\LAPTOP-U1BDH09N_Nina_HistoryPrediction.bin
2016-06-02 20:35 - 2016-06-02 20:35 - 00000000 ____D C:\ProgramData\eia232-80
2016-06-02 20:10 - 2016-06-02 20:10 - 00000000 ____D C:\Users\Nina\AppData\Roaming\centroid-61
2016-06-02 20:08 - 2016-06-02 20:08 - 00000000 ____D C:\Users\Nina\AppData\Roaming\gaasfet-98
2016-06-02 20:08 - 2016-06-02 20:08 - 00000000 ____D C:\ProgramData\lithium-7
2016-06-02 20:07 - 2016-06-02 20:25 - 00000000 ____D C:\ProgramData\ckt
2016-06-02 20:02 - 2016-06-02 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-06-02 19:08 - 2016-06-02 19:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-02 18:53 - 2016-06-02 18:53 - 00003388 _____ C:\Windows\System32\Tasks\AcerCloud
2016-06-01 13:32 - 2016-06-01 13:32 - 00003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-05-24 18:48 - 2016-05-24 18:48 - 00067013 _____ C:\Users\Nina\Downloads\Konto_660274655-Auszug_2016_002.PDF
2016-05-24 18:48 - 2016-05-24 18:48 - 00067013 _____ C:\Users\Nina\Downloads\Konto_660274655-Auszug_2016_002 (1).PDF
2016-05-22 21:13 - 2016-05-27 19:02 - 00000000 ____D C:\Users\Nina\AppData\Roaming\PlayFirst
2016-05-22 21:13 - 2016-05-27 19:02 - 00000000 ____D C:\ProgramData\PlayFirst
2016-05-22 20:09 - 2016-05-22 20:09 - 00000000 ____D C:\ProgramData\Sandlot Games
2016-05-22 15:00 - 2016-05-27 20:03 - 00000000 ____D C:\Zylom Games
2016-05-20 21:48 - 2016-05-20 21:53 - 00000000 ____D C:\Users\Nina\AppData\Roaming\FamilyVacation2
2016-05-19 21:17 - 2016-05-19 21:17 - 00000000 ____D C:\Users\Nina\AppData\Roaming\GameHouse
2016-05-18 18:57 - 2016-05-18 18:57 - 00126728 _____ C:\Users\Nina\Downloads\Yello Strom Rechnung 802255587_6166131458 - 09.08.2015 (1).pdf
2016-05-18 18:56 - 2016-05-18 18:57 - 00126728 _____ C:\Users\Nina\Downloads\Yello Strom Rechnung 802255587_6166131458 - 09.08.2015.pdf
2016-05-17 20:53 - 2016-05-17 20:53 - 00000000 ____D C:\Users\Nina\AppData\Roaming\8floor
2016-05-16 13:08 - 2016-05-16 13:08 - 00164619 _____ C:\Users\Nina\Downloads\PDF_Rechnung_M211160146964220_03-2016.pdf
2016-05-16 13:07 - 2016-05-16 13:07 - 00158496 _____ C:\Users\Nina\Downloads\PDF_Rechnung_M211160149079510_04-2016.pdf
2016-05-16 12:41 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-16 12:41 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-16 12:41 - 2016-04-15 08:18 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-16 12:41 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-16 12:41 - 2016-04-15 08:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-16 12:41 - 2016-04-15 08:01 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-16 12:41 - 2016-04-15 07:59 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-16 12:41 - 2016-04-15 07:55 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-16 12:41 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-16 12:41 - 2016-04-15 07:39 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-16 12:41 - 2016-04-09 12:58 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-16 12:41 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-16 12:41 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-16 12:41 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-16 12:41 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-16 12:41 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-16 12:41 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-16 12:41 - 2016-04-09 12:04 - 01592360 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-16 12:41 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-16 12:41 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-16 12:41 - 2016-04-09 10:13 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-16 12:41 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-16 12:41 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-16 12:41 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-16 12:41 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-05-16 12:41 - 2016-04-09 09:18 - 11264000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-16 12:41 - 2016-04-09 09:18 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-16 12:41 - 2016-04-09 09:14 - 18798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-16 12:41 - 2016-04-09 09:10 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-16 12:41 - 2016-04-09 09:09 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-16 12:41 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-16 12:41 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-16 12:41 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-16 12:41 - 2016-04-09 08:13 - 21859328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-16 12:41 - 2016-04-09 08:02 - 07521280 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-05-16 12:40 - 2016-04-22 07:52 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-16 12:40 - 2016-04-22 07:44 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-16 12:40 - 2016-04-15 08:14 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-05-16 12:40 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-16 12:40 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-16 12:40 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-16 12:40 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-16 12:40 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-16 12:40 - 2016-04-09 10:09 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-16 12:40 - 2016-04-09 10:09 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-05-16 12:40 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-16 12:40 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-16 12:40 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-16 12:40 - 2016-04-09 09:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-16 12:40 - 2016-04-09 09:05 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-16 12:40 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-16 10:53 - 2016-05-16 10:53 - 00002062 _____ C:\Users\Public\Desktop\abPhoto.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 20:37 - 2015-08-04 14:03 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2016-06-02 20:34 - 2015-08-04 14:03 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2016-06-02 20:23 - 2015-12-20 17:02 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-02 19:54 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina\AppData\Local\Host App Service
2016-06-02 19:53 - 2015-12-20 17:02 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-02 19:53 - 2015-12-16 19:09 - 00000000 __SHD C:\Users\Nina\IntelGraphicsProfiles
2016-06-02 19:52 - 2015-12-16 19:05 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-02 19:13 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-02 19:13 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-06-02 19:12 - 2015-07-16 06:18 - 00000000 ____D C:\Windows\Panther
2016-06-02 19:07 - 2015-07-10 13:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-02 19:04 - 2015-08-04 13:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-02 18:56 - 2015-12-20 17:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 18:52 - 2015-07-16 05:34 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-06-02 18:52 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-02 18:52 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-06-02 18:47 - 2015-08-04 22:34 - 00772342 _____ C:\Windows\system32\perfh007.dat
2016-06-02 18:47 - 2015-08-04 22:34 - 00154170 _____ C:\Windows\system32\perfc007.dat
2016-06-02 18:47 - 2015-07-16 05:31 - 01790124 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-02 18:47 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-06-02 18:44 - 2015-12-16 19:14 - 00000000 ____D C:\Users\Nina\AppData\Local\clear.fi
2016-06-02 18:41 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-02 07:44 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-02 07:44 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-01 13:32 - 2015-12-19 19:45 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-05-31 14:50 - 2015-07-10 11:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-05-30 15:55 - 2015-12-16 19:18 - 00000000 ____D C:\Users\Nina\AppData\Local\Comms
2016-05-29 20:46 - 2015-12-17 22:59 - 00000000 ____D C:\Users\Nina\AppData\Local\CrashDumps
2016-05-28 10:30 - 2015-12-28 12:38 - 00000000 ____D C:\Users\Nina\Documents\Haushaltsbuch
2016-05-27 20:03 - 2016-04-14 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2016-05-27 20:03 - 2016-04-14 22:04 - 00000000 ____D C:\Users\Nina\AppData\Local\com.gamehouse.acid
2016-05-27 19:01 - 2016-04-14 22:05 - 00000000 ____D C:\ProgramData\Trymedia
2016-05-25 17:24 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-05-22 15:00 - 2016-04-17 11:52 - 00000000 ____D C:\Users\Nina\AppData\Local\JollyBear
2016-05-22 15:00 - 2016-04-17 11:52 - 00000000 ____D C:\ProgramData\JollyBear
2016-05-20 21:19 - 2016-04-15 18:32 - 00000000 ____D C:\Users\Nina\AppData\Roaming\ERS Game Studios
2016-05-20 20:01 - 2015-12-16 19:17 - 00002388 _____ C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-20 20:01 - 2015-12-16 19:17 - 00000000 ___RD C:\Users\Nina\OneDrive
2016-05-19 21:26 - 2015-12-20 17:02 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-18 22:13 - 2015-07-10 15:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-17 21:03 - 2016-04-15 19:35 - 00000000 ____D C:\ProgramData\Playrix Entertainment
2016-05-16 22:11 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-05-16 22:10 - 2015-12-17 22:20 - 00000000 ____D C:\Windows\system32\MRT
2016-05-16 20:51 - 2015-12-17 22:20 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-16 12:43 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina\AppData\Local\Packages
2016-05-16 10:53 - 2015-12-16 19:18 - 00003508 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-05-16 10:53 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-05-15 22:35 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina
2016-05-13 22:24 - 2015-12-20 17:03 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 22:24 - 2015-12-20 17:03 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-11 21:50 - 2015-07-10 13:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:50 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:18 - 2015-12-20 17:02 - 00004208 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:18 - 2015-12-20 17:02 - 00003976 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-04 13:41 - 2015-08-04 13:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Nina\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nina\AppData\Local\Temp\oct16B3.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct3152.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct61F2.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct6AF6.tmp.exe
C:\Users\Nina\AppData\Local\Temp\octDFD9.tmp.exe
C:\Users\Nina\AppData\Local\Temp\proxy_vole2700381967827039359.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-26 22:18

==================== Ende von FRST.txt ============================

--- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-06-2016
durchgeführt von Nina (2016-06-02 20:56:55)
Gestartet von C:\Users\Nina\Downloads
Windows 10 Home (X64) (2015-12-16 17:05:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2042935925-1608211190-3008143175-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2042935925-1608211190-3008143175-503 - Limited - Disabled)
Gast (S-1-5-21-2042935925-1608211190-3008143175-501 - Limited - Disabled)
Nina (S-1-5-21-2042935925-1608211190-3008143175-1001 - Administrator - Enabled) => C:\Users\Nina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.9029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.192 - McAfee, Inc.)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2067 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Online Games Manager v1.40 (HKLM-x32\...\Online Games Manager) (Version: 1.40.2 - Real Networks, Inc.)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows-Treiberpaket - Intel Corporation (iagpioe) System  (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iai2ce) System  (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iauarte) System  (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05DEE9A5-B686-46AA-939B-1AFA80A7733F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {09F67DAB-7A00-4D16-B8A7-C47663819438} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {11769887-13FF-4CEC-A407-18E265B1DA7D} - System32\Tasks\App Explorer => C:\Users\Nina\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2016-03-11] (SweetLabs, Inc)
Task: {18584463-F417-40B3-90BD-0C4B4C3C1A57} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {24C07961-425C-48AC-99EE-A12707B39828} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {3AE5A618-E976-423B-A609-9731E49AF28C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-16] (Microsoft Corporation)
Task: {3B288F65-9505-4E3F-A522-7F30D76489F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {48CF48AA-2BC8-4E94-98EA-EB8AE744E0CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {611BC3DA-0887-4061-B933-B0034BDD2755} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-07] (AVAST Software)
Task: {6E63723B-4981-42D5-8804-FF6CBA537DBD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-04-23] (McAfee, Inc.)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {9032CAC5-325D-4451-B913-5099560CE84B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-11-25] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {9A029FFA-A846-4A28-B125-F07D860F1EF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {A10C25B6-9816-42D8-A9DB-907598257057} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {ACE21CCF-707F-42A6-81B7-D1A5EBFE3354} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {CB58CE4E-F66C-4A58-9F84-AA2EB5AB9A83} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {D19A80C4-AC56-4DAA-9E9C-2C1DA66E1001} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {D9702B8C-FCE4-4A82-AD58-3F6039394C12} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {F25E0554-D7B2-43D4-BFFA-0FC55EF400F0} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 22:46 - 2015-08-04 22:46 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-12-16 19:37 - 2016-05-15 11:51 - 00417480 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-02-26 10:12 - 2015-02-26 10:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-12-17 22:01 - 2015-08-11 11:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-07-14 07:36 - 2015-12-16 19:10 - 00415128 _____ () C:\Windows\system32\igfxTray.exe
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00959168 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-17 22:01 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-25 16:16 - 2016-03-16 06:03 - 00957952 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll
2015-12-17 22:03 - 2015-09-17 08:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-17 22:03 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 22:04 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 22:03 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 22:03 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-08-04 14:31 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-11-25 12:03 - 2015-11-25 12:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00679624 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-05-16 10:53 - 2016-05-16 10:53 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 02291416 _____ () C:\Program Files (x86)\Acer\abPhoto\QtCore4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00198872 _____ () C:\Program Files (x86)\Acer\abPhoto\QtSql4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 08175320 _____ () C:\Program Files (x86)\Acer\abPhoto\QtGui4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00922840 _____ () C:\Program Files (x86)\Acer\abPhoto\QtNetwork4.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.com -> amazon.com
IE trusted site: HKU\.DEFAULT\...\amazon.de -> amazon.de
IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA2AC588-909A-4DB7-A04C-58731F058E52}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E002F717-BAC7-4F8C-8C18-DB7D59E76756}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{10262B3E-324E-4BD0-A55B-55C852CE8712}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{A44E9331-7473-494C-93A9-B6382CA23281}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F6D56653-1325-4F55-8DCE-7380BBAC1F34}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{8D2AD2E6-BBF2-4B87-BDF4-F178BBDCF1C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{921F0734-5E3B-4E7C-B517-2FB4B5D1D7D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6784B679-F060-4DBE-91B2-C03368E23BF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

25-04-2016 17:48:16 Windows Update
25-04-2016 17:52:20 Windows Update
26-04-2016 15:55:56 Wiederherstellungsvorgang
16-05-2016 20:46:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/02/2016 07:53:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:34:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 06:53:01 PM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/02/2016 07:43:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:40:45 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/01/2016 01:32:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 02:57:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 01:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 08:49:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 04:56:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/02/2016 07:34:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U1BDH09N)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:12:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Upgrade auf Windows 10 Home, Version 1511, 10586

Error: (06/02/2016 06:57:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:47 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (06/02/2016 06:55:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 3919.27 MB
Verfügbarer physikalischer RAM: 1125.38 MB
Summe virtueller Speicher: 4623.27 MB
Verfügbarer virtueller Speicher: 1877.75 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:884.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 45BB3D7B)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---

FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-06-2016
durchgeführt von Nina (2016-06-02 20:56:55)
Gestartet von C:\Users\Nina\Downloads
Windows 10 Home (X64) (2015-12-16 17:05:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2042935925-1608211190-3008143175-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2042935925-1608211190-3008143175-503 - Limited - Disabled)
Gast (S-1-5-21-2042935925-1608211190-3008143175-501 - Limited - Disabled)
Nina (S-1-5-21-2042935925-1608211190-3008143175-1001 - Administrator - Enabled) => C:\Users\Nina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.9029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.192 - McAfee, Inc.)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2067 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Online Games Manager v1.40 (HKLM-x32\...\Online Games Manager) (Version: 1.40.2 - Real Networks, Inc.)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows-Treiberpaket - Intel Corporation (iagpioe) System  (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iai2ce) System  (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iauarte) System  (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05DEE9A5-B686-46AA-939B-1AFA80A7733F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {09F67DAB-7A00-4D16-B8A7-C47663819438} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {11769887-13FF-4CEC-A407-18E265B1DA7D} - System32\Tasks\App Explorer => C:\Users\Nina\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2016-03-11] (SweetLabs, Inc)
Task: {18584463-F417-40B3-90BD-0C4B4C3C1A57} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {24C07961-425C-48AC-99EE-A12707B39828} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {3AE5A618-E976-423B-A609-9731E49AF28C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-16] (Microsoft Corporation)
Task: {3B288F65-9505-4E3F-A522-7F30D76489F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {48CF48AA-2BC8-4E94-98EA-EB8AE744E0CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {611BC3DA-0887-4061-B933-B0034BDD2755} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-07] (AVAST Software)
Task: {6E63723B-4981-42D5-8804-FF6CBA537DBD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-04-23] (McAfee, Inc.)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {9032CAC5-325D-4451-B913-5099560CE84B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-11-25] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {9A029FFA-A846-4A28-B125-F07D860F1EF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {A10C25B6-9816-42D8-A9DB-907598257057} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {ACE21CCF-707F-42A6-81B7-D1A5EBFE3354} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {CB58CE4E-F66C-4A58-9F84-AA2EB5AB9A83} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {D19A80C4-AC56-4DAA-9E9C-2C1DA66E1001} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {D9702B8C-FCE4-4A82-AD58-3F6039394C12} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {F25E0554-D7B2-43D4-BFFA-0FC55EF400F0} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 22:46 - 2015-08-04 22:46 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-12-16 19:37 - 2016-05-15 11:51 - 00417480 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-02-26 10:12 - 2015-02-26 10:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-12-17 22:01 - 2015-08-11 11:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-07-14 07:36 - 2015-12-16 19:10 - 00415128 _____ () C:\Windows\system32\igfxTray.exe
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00959168 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-17 22:01 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-25 16:16 - 2016-03-16 06:03 - 00957952 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll
2015-12-17 22:03 - 2015-09-17 08:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-17 22:03 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 22:04 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 22:03 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 22:03 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-08-04 14:31 - 2015-05-14 09:10 - 00030976 _____ () C:\OEM\Preload\FubTracking\FubTracking.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-11-25 12:03 - 2015-11-25 12:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00679624 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-05-16 10:53 - 2016-05-16 10:53 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 02291416 _____ () C:\Program Files (x86)\Acer\abPhoto\QtCore4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00198872 _____ () C:\Program Files (x86)\Acer\abPhoto\QtSql4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 08175320 _____ () C:\Program Files (x86)\Acer\abPhoto\QtGui4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00922840 _____ () C:\Program Files (x86)\Acer\abPhoto\QtNetwork4.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.com -> amazon.com
IE trusted site: HKU\.DEFAULT\...\amazon.de -> amazon.de
IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA2AC588-909A-4DB7-A04C-58731F058E52}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E002F717-BAC7-4F8C-8C18-DB7D59E76756}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{10262B3E-324E-4BD0-A55B-55C852CE8712}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{A44E9331-7473-494C-93A9-B6382CA23281}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F6D56653-1325-4F55-8DCE-7380BBAC1F34}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{8D2AD2E6-BBF2-4B87-BDF4-F178BBDCF1C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{921F0734-5E3B-4E7C-B517-2FB4B5D1D7D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6784B679-F060-4DBE-91B2-C03368E23BF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

25-04-2016 17:48:16 Windows Update
25-04-2016 17:52:20 Windows Update
26-04-2016 15:55:56 Wiederherstellungsvorgang
16-05-2016 20:46:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/02/2016 07:53:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:34:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 06:53:01 PM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/02/2016 07:43:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:40:45 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/01/2016 01:32:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 02:57:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 01:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 08:49:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 04:56:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/02/2016 07:34:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U1BDH09N)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:12:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Upgrade auf Windows 10 Home, Version 1511, 10586

Error: (06/02/2016 06:57:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:47 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (06/02/2016 06:55:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz
Prozentuale Nutzung des RAM: 71%
Installierter physikalischer RAM: 3919.27 MB
Verfügbarer physikalischer RAM: 1125.38 MB
Summe virtueller Speicher: 4623.27 MB
Verfügbarer virtueller Speicher: 1877.75 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:884.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 45BB3D7B)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---

Alt 02.06.2016, 20:23   #2
Rose1982
 

FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-06-2016
durchgeführt von Nina (2016-06-02 21:05:46)
Gestartet von C:\Users\Nina\Downloads
Windows 10 Home (X64) (2015-12-16 17:05:02)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2042935925-1608211190-3008143175-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2042935925-1608211190-3008143175-503 - Limited - Disabled)
Gast (S-1-5-21-2042935925-1608211190-3008143175-501 - Limited - Disabled)
Nina (S-1-5-21-2042935925-1608211190-3008143175-1001 - Administrator - Enabled) => C:\Users\Nina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

12 Labours of Hercules III: Girl Power (x32 Version: 3.0.2.118 - WildTangent) Hidden
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.09.2001 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2001 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.07.2001.5 - Acer Incorporated)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3016 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3001 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.10.2001 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8109 - Acer Incorporated)
Acer Quick Access (HKLM\...\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}) (Version: 2.00.3005 - Acer Incorporated)
Acer UEIP Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 2.01.3002 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{B6DCCCD3-520D-4485-B642-FCC136CE12C3}) (Version: 2.3.4 - Amazon) <==== ACHTUNG
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.17.2002.1 - Acer Incorporated)
App Explorer (HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
App Explorer (HKU\S-1-5-21-2042935925-1608211190-3008143175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Host App Service) (Version: 0.271.1.403 - SweetLabs)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.4 - AVAST Software)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
Dino Storm (x32 Version: 13.0.0.6 - WildTangent) Hidden
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3011 - Acer Incorporated)
eBay Worldwide (HKLM-x32\...\{3DC26EA7-03E3-4353-9424-EEB7A34A7504}) (Version: 2.5.0427 - OEM)
ELAN HIDI2C Filter Driver X64 13.6.3.1_WHQL (HKLM\...\Elantech) (Version: 13.6.3.1 - ELAN Microelectronic Corp.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Game Explorer Categories - genres (HKLM-x32\...\WildTangentGameProvider-acer-genres) (Version: 13.0.0.6 - WildTangent, Inc.)
Game Explorer Categories - main (HKLM-x32\...\WildTangentGameProvider-acer-main) (Version: 13.0.0.6 - WildTangent, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (x32 Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.97 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 14.0.9029 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.192 - McAfee, Inc.)
Microsoft Office Home and Student 2016 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 16.0.6868.2067 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1019 - Microsoft Corporation) Hidden
Online Games Manager v1.40 (HKLM-x32\...\Online Games Manager) (Version: 1.40.2 - Real Networks, Inc.)
Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.)
Rory's Restaurant (x32 Version: 3.0.2.126 - WildTangent) Hidden
Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vegas World (x32 Version: 13.0.0.6 - WildTangent) Hidden
Villagers and Heroes (x32 Version: 13.0.0.6 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.16 - WildTangent) Hidden
Windows-Treiberpaket - Intel Corporation (iagpioe) System  (05/21/2015 604.10120.2652.361) (HKLM\...\AF9226384B030787C4D0F761A23F48F7649D6D17) (Version: 05/21/2015 604.10120.2652.361 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iai2ce) System  (05/21/2015 604.10120.2654.367) (HKLM\...\B37036F6A0766DAC3E418F6CAE67005C5F3A8C40) (Version: 05/21/2015 604.10120.2654.367 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation (iauarte) System  (05/21/2015 604.10120.2653.391) (HKLM\...\1D4FF76A05A14FF5BA3636A41E0AB237F3A55E14) (Version: 05/21/2015 604.10120.2653.391 - Intel Corporation)
WPS Office (9.1.0.5113) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.5113 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05DEE9A5-B686-46AA-939B-1AFA80A7733F} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-04-20] (Acer)
Task: {09F67DAB-7A00-4D16-B8A7-C47663819438} - System32\Tasks\FUBTrackingByPLD => C:\OEM\Preload\FubTracking\FubTracking.exe [2015-05-14] ()
Task: {11769887-13FF-4CEC-A407-18E265B1DA7D} - System32\Tasks\App Explorer => C:\Users\Nina\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2016-03-11] (SweetLabs, Inc)
Task: {18584463-F417-40B3-90BD-0C4B4C3C1A57} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {24C07961-425C-48AC-99EE-A12707B39828} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {3AE5A618-E976-423B-A609-9731E49AF28C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-16] (Microsoft Corporation)
Task: {3B288F65-9505-4E3F-A522-7F30D76489F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {3B3B0D22-F0BD-44B4-AF70-77195BE5A064} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-13] (TODO: <Company name>)
Task: {48CF48AA-2BC8-4E94-98EA-EB8AE744E0CF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {611BC3DA-0887-4061-B933-B0034BDD2755} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-04-18] (Acer Incorporated)
Task: {644DD111-74F2-41F9-91D1-0DBF73397DF9} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-03-07] (AVAST Software)
Task: {6E63723B-4981-42D5-8804-FF6CBA537DBD} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2016-04-23] (McAfee, Inc.)
Task: {748C56D9-D949-423A-BAD8-FA08023868C5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2015-07-10] (Acer Incorporated)
Task: {9032CAC5-325D-4451-B913-5099560CE84B} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2015-07-09] (Acer Incorporated)
Task: {91F9D2B6-9405-4B55-8297-BF24C7AD5C78} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2015-07-10] ()
Task: {963D0548-1350-439C-91DB-3B3E394E6CEE} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2015-11-25] ()
Task: {990840B6-1D29-4796-8B6E-5633AB46887E} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-05-27] (AVAST Software)
Task: {9A029FFA-A846-4A28-B125-F07D860F1EF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {A10C25B6-9816-42D8-A9DB-907598257057} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {ACE21CCF-707F-42A6-81B7-D1A5EBFE3354} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-05-15] (Microsoft Corporation)
Task: {CB58CE4E-F66C-4A58-9F84-AA2EB5AB9A83} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe [2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {CD6F702C-470B-4241-8589-E1071B89BA8F} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2015-11-25] ()
Task: {D19A80C4-AC56-4DAA-9E9C-2C1DA66E1001} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-20] (Google Inc.)
Task: {D9702B8C-FCE4-4A82-AD58-3F6039394C12} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-05-14] (Acer Incorporated)
Task: {F25E0554-D7B2-43D4-BFFA-0FC55EF400F0} - System32\Tasks\abDocsDllLoader => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe [2015-11-23] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsnotify.exe
Task: C:\Windows\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 22:46 - 2015-08-04 22:46 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2015-12-16 19:37 - 2016-05-15 11:51 - 00417480 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-02-26 10:12 - 2015-02-26 10:12 - 00330240 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2015-12-17 22:01 - 2015-08-11 11:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll
2015-07-14 07:36 - 2015-12-16 19:10 - 00415128 _____ () C:\Windows\system32\igfxTray.exe
2016-04-25 16:17 - 2016-03-16 06:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00959168 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-12-17 22:01 - 2015-09-17 07:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-25 16:16 - 2016-03-16 06:03 - 00957952 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickConnectUI.dll
2015-12-17 22:03 - 2015-09-17 08:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-12-17 22:03 - 2015-11-25 06:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-17 22:04 - 2015-11-25 06:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-17 22:03 - 2015-11-25 06:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-17 22:03 - 2015-09-17 07:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 13:00 - 2015-07-10 15:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00091488 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
2015-11-23 19:44 - 2015-11-23 19:44 - 01769312 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
2015-11-25 12:03 - 2015-11-25 12:03 - 04644256 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2016-04-20 14:57 - 2016-04-20 14:57 - 00194048 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-04-20 14:57 - 2016-04-20 14:57 - 00110592 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-05-20 20:00 - 2016-05-20 20:00 - 00679624 _____ () C:\Users\Nina\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-11-23 19:44 - 2015-11-23 19:44 - 00277856 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll
2016-04-22 11:56 - 2016-04-22 11:56 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-05-16 10:53 - 2016-05-16 10:53 - 00015064 _____ () C:\Windows\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-04-18 16:13 - 2016-04-18 16:13 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-04-18 16:11 - 2016-04-18 16:11 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-05-27 21:52 - 2016-05-27 21:52 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2016-04-22 11:57 - 2016-04-22 11:57 - 02291416 _____ () C:\Program Files (x86)\Acer\abPhoto\QtCore4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00198872 _____ () C:\Program Files (x86)\Acer\abPhoto\QtSql4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 08175320 _____ () C:\Program Files (x86)\Acer\abPhoto\QtGui4.dll
2016-04-22 11:59 - 2016-04-22 11:59 - 00922840 _____ () C:\Program Files (x86)\Acer\abPhoto\QtNetwork4.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll
2016-05-13 22:24 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\amazon.com -> amazon.com
IE trusted site: HKU\.DEFAULT\...\amazon.de -> amazon.de
IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{79335C2F-97B2-40AA-8478-EC22FE191C2F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{77047FE5-5BE3-46C4-9880-2EDCA9AD130E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CA2AC588-909A-4DB7-A04C-58731F058E52}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{90DCACF2-AD29-4E57-BC3B-9517855EA057}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{8A51B2ED-B3C9-491A-9BE7-0BF196CCC4FB}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{AC4F09D0-A1A1-491B-A6C8-7B850DA5B4AB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{030AD213-B01A-4478-8883-98ACC90362D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{EC3208F3-2858-4033-948B-9FC0C05D4036}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{7456B177-F3A4-4680-BA3F-C029A641E7C8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E002F717-BAC7-4F8C-8C18-DB7D59E76756}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{10262B3E-324E-4BD0-A55B-55C852CE8712}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{A44E9331-7473-494C-93A9-B6382CA23281}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F6D56653-1325-4F55-8DCE-7380BBAC1F34}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{8D2AD2E6-BBF2-4B87-BDF4-F178BBDCF1C0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{921F0734-5E3B-4E7C-B517-2FB4B5D1D7D8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{6784B679-F060-4DBE-91B2-C03368E23BF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

25-04-2016 17:48:16 Windows Update
25-04-2016 17:52:20 Windows Update
26-04-2016 15:55:56 Wiederherstellungsvorgang
16-05-2016 20:46:44 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/02/2016 07:53:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:34:02 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 06:53:01 PM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/02/2016 07:43:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/02/2016 07:40:45 AM) (Source: AVLogEvent) (EventID: 5003) (User: NT-AUTORITÄT)
Description: McShield encountered error while stopping.
Error Code:a7f40610

Error: (06/01/2016 01:32:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 02:57:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/31/2016 01:21:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 08:49:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/30/2016 04:56:23 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-U1BDH09N)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/02/2016 07:34:02 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-U1BDH09N)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:33:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/02/2016 07:12:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8024200d fehlgeschlagen: Upgrade auf Windows 10 Home, Version 1511, 10586

Error: (06/02/2016 06:57:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "McAfee Personal Firewall Service" ist vom Dienst "McAfee Firewall Core Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (06/02/2016 06:55:47 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: 1053mcpltsvcNicht verfügbar{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (06/02/2016 06:55:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N3150 @ 1.60GHz
Prozentuale Nutzung des RAM: 81%
Installierter physikalischer RAM: 3919.27 MB
Verfügbarer physikalischer RAM: 744.19 MB
Summe virtueller Speicher: 4623.27 MB
Verfügbarer virtueller Speicher: 1366.03 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:930.91 GB) (Free:884.47 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 45BB3D7B)

Partition: GPT.

==================== Ende von Addition.txt ============================
         


02.06.2016, 20:51   #3
deeprybka
/// TB Trainer
/// Guide Guru





My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please only run scans that I have asked you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all do this in our spare time; if you haven't heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest route, but is only advisable for real malware.
We can remove adware and the like very well.
If you decide on a cleanup, keep working with me until you get my "clean".


Let's go:

The PC is taking a break from online shopping for now...

Change all sensitive passwords from a clean PC...

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

02.06.2016, 21:08   #4
Rose1982



Hello Jürgen! Thanks for your reply. I'm really scared, so (I hope that's not a problem now) before you replied I already ran a scan with Malwarebytes, quarantined the items it found and then deleted them.
I have now also downloaded TDSSKiller and run a scan, with the result "No threats found".

Can I assume that everything is OK?
Should I change all passwords anyway?

02.06.2016, 21:12   #5
deeprybka
/// TB Trainer
/// Guide Guru



Please follow the instructions and post the TDSSKiller log as described. Whether there are findings or not, I can do more with it. And yes, changing passwords makes sense.

Then a fresh FRST log...

Step 1

Please start FRST again and press Untersuchen (Scan).
Please post the contents of the log.

Regards,
deeprybka


02.06.2016, 21:29   #6
Rose1982

FRST log file:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-06-2016
durchgeführt von Nina (Administrator) auf LAPTOP-U1BDH09N (02-06-2016 22:20:46)
Gestartet von C:\Users\Nina\Downloads
Geladene Profile: Nina (Verfügbare Profile: Nina)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
() C:\Program Files\AVAST Software\SecureLine\vpnsvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(SweetLabs, Inc) C:\Users\Nina\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
() C:\OEM\Preload\FubTracking\FubTracking.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(acer) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\McCSPServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
(Kaspersky Lab ZAO) C:\Users\Nina\Downloads\tdsskiller.exe
(Kaspersky Lab ZAO) C:\Users\Nina\AppData\Local\Temp\{4B15057A-95C7-494F-8C0E-8B908C0B121B}\{5CEB7190-A36C-4C75-B919-AE762DC4EF8B}.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46361.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46361.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-04-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-11-23] ()
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] ()
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2740440 2016-04-20] (Acer)
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Run: [eia232-89] => C:\ProgramData\eia232-80\eia232-29.exe [656896 2016-06-02] (the VideoLAN Team)
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\RunOnce: [hsdpa-1] => C:\Users\Nina\AppData\Roaming\hsdpa-2\hsdpa-7.exe [494080 2016-06-02] ()
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Winlogon: [Shell] C:\ProgramData\lithium-7\lithium-81.exe -43,explorer.exe <==== ACHTUNG
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2016-04-20] (Acer Incorporated)
Startup: C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\centroid-7.lnk [2016-06-02]
ShortcutTarget: centroid-7.lnk -> C:\Users\Nina\AppData\Roaming\centroid-61\centroid-81.exe (XemiComputers ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{32b05ac3-8cd9-4651-a343-52b1f977f102}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{bad8cf67-bb2b-4ce4-97c0-2c8d231e1097}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://homepage-web.com/?s=acer&m=start
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2042935925-1608211190-3008143175-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-05-15] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-15] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-30] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-30] (McAfee, Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-05-15] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-05-30] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-05-30] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-04-28] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-04-28] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//?s=acer&m=start
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-04-28] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-05-15] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-04-17] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF Extension: Deutsch (DE) Language Pack - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\Extensions\langpack-de@firefox.mozilla.org [2015-12-16] [ist nicht signiert]
FF Extension: PAYBACK Internet Assistent fuer Firefox - C:\Users\Nina\AppData\Roaming\Mozilla\Firefox\Profiles\nd8ajx4c.default\Extensions\toolbar-ff@payback.de.xpi [2015-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-06-02] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://homepage-web.com/?s=acer&m=home
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C211DE662D20151220&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-12-20]
CHR Extension: (Google Docs) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-12-20]
CHR Extension: (Google Drive) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-20]
CHR Extension: (YouTube) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-20]
CHR Extension: (Google-Suche) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-20]
CHR Extension: (SiteAdvisor) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Google Mail) - C:\Users\Nina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-20]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0238311461682514mcinstcleanup; C:\Windows\TEMP\023831~1.EXE [962400 2016-04-12] (McAfee, Inc.)
R2 Amazon 1Button App Service; c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [323152 2015-05-29] (Windows (R) Win 7 DDK provider)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2860760 2016-04-18] (Acer Incorporated)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911472 2016-05-15] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-04-17] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [368552 2015-12-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5113\wtoolex\wpsupdatesvr.exe [133480 2015-08-04] (Zhuhai Kingsoft Office Software Co.,Ltd)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-05-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-04-28] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [338208 2015-03-20] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S4 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2016-04-25] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [398176 2015-07-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [450400 2015-07-09] (Acer Incorporated)
R2 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-27] ()
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4301304 2015-05-17] (Qualcomm Atheros Communications, Inc.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
R3 ETDI2C; C:\Windows\system32\DRIVERS\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 iagpioe; C:\Windows\System32\drivers\iagpioe.sys [41984 2015-06-02] (Intel(R) Corporation)
R3 iai2ce; C:\Windows\System32\drivers\iai2ce.sys [89592 2015-06-02] (Intel(R) Corporation)
R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5759240 2015-12-16] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21344 2015-07-09] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-02] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14688 2015-07-09] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-06-18] (Realtek                                            )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-19] (Realsil Semiconductor Corporation)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 22:02 - 2016-06-02 22:03 - 00263142 _____ C:\TDSSKiller.3.1.0.9_02.06.2016_22.02.10_log.txt
2016-06-02 22:02 - 2016-06-02 22:02 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\Windows\system32\Drivers\86385204.sys
2016-06-02 22:01 - 2016-06-02 22:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Nina\Downloads\tdsskiller.exe
2016-06-02 21:48 - 2016-06-02 21:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-06-02 21:45 - 2016-06-02 21:45 - 00016148 _____ C:\Windows\system32\LAPTOP-U1BDH09N_Nina_HistoryPrediction.bin
2016-06-02 21:03 - 2016-06-02 21:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-02 21:02 - 2016-06-02 21:02 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-02 21:02 - 2016-06-02 21:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-02 21:02 - 2016-06-02 21:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-02 21:02 - 2016-06-02 21:02 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-02 21:02 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-02 21:02 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-02 21:02 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-02 21:00 - 2016-06-02 21:02 - 22851472 _____ (Malwarebytes ) C:\Users\Nina\Downloads\mbam-setup-2.2.1.1043.exe
2016-06-02 20:58 - 2016-06-02 20:58 - 00000000 ____D C:\Users\Nina\AppData\Roaming\hsdpa-2
2016-06-02 20:56 - 2016-06-02 21:20 - 00033337 _____ C:\Users\Nina\Downloads\Addition.txt
2016-06-02 20:52 - 2016-06-02 20:52 - 08808696 _____ (SparkTrust) C:\Users\Nina\Downloads\SparkTrust PC Cleaner Plus Setup_26A2E207-047D-4D57-94E1-C1987A14A691_.exe
2016-06-02 20:49 - 2016-06-02 22:20 - 00024688 _____ C:\Users\Nina\Downloads\FRST.txt
2016-06-02 20:49 - 2016-06-02 22:20 - 00000000 ____D C:\FRST
2016-06-02 20:48 - 2016-06-02 20:49 - 02383872 _____ (Farbar) C:\Users\Nina\Downloads\FRST64.exe
2016-06-02 20:47 - 2016-06-02 20:47 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST (2).exe
2016-06-02 20:46 - 2016-06-02 20:46 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST.exe
2016-06-02 20:46 - 2016-06-02 20:46 - 01734656 _____ (Farbar) C:\Users\Nina\Downloads\FRST (1).exe
2016-06-02 20:35 - 2016-06-02 20:35 - 00000000 ____D C:\ProgramData\eia232-80
2016-06-02 20:10 - 2016-06-02 20:10 - 00000000 ____D C:\Users\Nina\AppData\Roaming\centroid-61
2016-06-02 20:08 - 2016-06-02 21:40 - 00000000 ____D C:\ProgramData\lithium-7
2016-06-02 20:07 - 2016-06-02 20:25 - 00000000 ____D C:\ProgramData\ckt
2016-06-02 19:08 - 2016-06-02 19:09 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-02 18:53 - 2016-06-02 18:53 - 00003388 _____ C:\Windows\System32\Tasks\AcerCloud
2016-06-01 13:32 - 2016-06-01 13:32 - 00003126 _____ C:\Windows\System32\Tasks\McAfeeLogon
2016-05-24 18:48 - 2016-05-24 18:48 - 00067013 _____ C:\Users\Nina\Downloads\Konto_660274655-Auszug_2016_002.PDF
2016-05-24 18:48 - 2016-05-24 18:48 - 00067013 _____ C:\Users\Nina\Downloads\Konto_660274655-Auszug_2016_002 (1).PDF
2016-05-22 21:13 - 2016-05-27 19:02 - 00000000 ____D C:\Users\Nina\AppData\Roaming\PlayFirst
2016-05-22 21:13 - 2016-05-27 19:02 - 00000000 ____D C:\ProgramData\PlayFirst
2016-05-22 20:09 - 2016-05-22 20:09 - 00000000 ____D C:\ProgramData\Sandlot Games
2016-05-22 15:00 - 2016-05-27 20:03 - 00000000 ____D C:\Zylom Games
2016-05-20 21:48 - 2016-05-20 21:53 - 00000000 ____D C:\Users\Nina\AppData\Roaming\FamilyVacation2
2016-05-19 21:17 - 2016-05-19 21:17 - 00000000 ____D C:\Users\Nina\AppData\Roaming\GameHouse
2016-05-18 18:57 - 2016-05-18 18:57 - 00126728 _____ C:\Users\Nina\Downloads\Yello Strom Rechnung 802255587_6166131458 - 09.08.2015 (1).pdf
2016-05-18 18:56 - 2016-05-18 18:57 - 00126728 _____ C:\Users\Nina\Downloads\Yello Strom Rechnung 802255587_6166131458 - 09.08.2015.pdf
2016-05-17 20:53 - 2016-05-17 20:53 - 00000000 ____D C:\Users\Nina\AppData\Roaming\8floor
2016-05-16 13:08 - 2016-05-16 13:08 - 00164619 _____ C:\Users\Nina\Downloads\PDF_Rechnung_M211160146964220_03-2016.pdf
2016-05-16 13:07 - 2016-05-16 13:07 - 00158496 _____ C:\Users\Nina\Downloads\PDF_Rechnung_M211160149079510_04-2016.pdf
2016-05-16 12:41 - 2016-04-15 09:21 - 01085776 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-16 12:41 - 2016-04-15 08:43 - 00916800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-16 12:41 - 2016-04-15 08:18 - 24593408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-16 12:41 - 2016-04-15 08:06 - 00602624 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-16 12:41 - 2016-04-15 08:01 - 03586560 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-16 12:41 - 2016-04-15 08:01 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-16 12:41 - 2016-04-15 07:59 - 04791808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-16 12:41 - 2016-04-15 07:55 - 19325952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-16 12:41 - 2016-04-15 07:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-16 12:41 - 2016-04-15 07:39 - 03580416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-16 12:41 - 2016-04-09 12:58 - 01365584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-16 12:41 - 2016-04-09 12:52 - 00502504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-16 12:41 - 2016-04-09 12:12 - 08021856 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-16 12:41 - 2016-04-09 12:10 - 00609976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-16 12:41 - 2016-04-09 12:06 - 01981280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-16 12:41 - 2016-04-09 12:05 - 01199368 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-16 12:41 - 2016-04-09 12:04 - 02430304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2016-05-16 12:41 - 2016-04-09 12:04 - 01592360 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-16 12:41 - 2016-04-09 11:50 - 01515936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-16 12:41 - 2016-04-09 11:04 - 01780352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-16 12:41 - 2016-04-09 10:13 - 05160960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-16 12:41 - 2016-04-09 10:09 - 00650240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-16 12:41 - 2016-04-09 09:54 - 00768000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-16 12:41 - 2016-04-09 09:52 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2016-05-16 12:41 - 2016-04-09 09:22 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2016-05-16 12:41 - 2016-04-09 09:18 - 11264000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-16 12:41 - 2016-04-09 09:18 - 05454848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-16 12:41 - 2016-04-09 09:14 - 18798080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-16 12:41 - 2016-04-09 09:10 - 12504576 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-16 12:41 - 2016-04-09 09:09 - 06788608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-16 12:41 - 2016-04-09 08:42 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-16 12:41 - 2016-04-09 08:41 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2016-05-16 12:41 - 2016-04-09 08:27 - 00627712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-16 12:41 - 2016-04-09 08:13 - 21859328 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-16 12:41 - 2016-04-09 08:02 - 07521280 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-05-16 12:40 - 2016-04-22 07:52 - 00572928 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-16 12:40 - 2016-04-22 07:44 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-16 12:40 - 2016-04-15 08:14 - 00349184 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-05-16 12:40 - 2016-04-15 08:05 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-16 12:40 - 2016-04-09 12:53 - 01535032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-16 12:40 - 2016-04-09 12:52 - 00705520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-16 12:40 - 2016-04-09 12:10 - 01824872 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-16 12:40 - 2016-04-09 12:05 - 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-16 12:40 - 2016-04-09 10:09 - 01380864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-16 12:40 - 2016-04-09 10:09 - 00574464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-05-16 12:40 - 2016-04-09 09:55 - 00373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-16 12:40 - 2016-04-09 09:38 - 00464384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-16 12:40 - 2016-04-09 09:06 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-16 12:40 - 2016-04-09 09:05 - 01602560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-16 12:40 - 2016-04-09 09:05 - 00771072 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-16 12:40 - 2016-04-09 08:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-16 10:53 - 2016-05-16 10:53 - 00002062 _____ C:\Users\Public\Desktop\abPhoto.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-02 21:51 - 2015-12-17 22:59 - 00000000 ____D C:\Users\Nina\AppData\Local\CrashDumps
2016-06-02 21:48 - 2015-08-04 22:34 - 00772342 _____ C:\Windows\system32\perfh007.dat
2016-06-02 21:48 - 2015-08-04 22:34 - 00154170 _____ C:\Windows\system32\perfc007.dat
2016-06-02 21:48 - 2015-07-16 05:31 - 01790124 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-02 21:48 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF
2016-06-02 21:45 - 2015-12-20 17:02 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-02 21:45 - 2015-12-16 19:09 - 00000000 __SHD C:\Users\Nina\IntelGraphicsProfiles
2016-06-02 21:45 - 2015-12-16 19:05 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-06-02 21:43 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-02 21:43 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\Resources
2016-06-02 21:42 - 2015-07-10 11:05 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-02 21:37 - 2015-08-04 14:03 - 00000424 _____ C:\Windows\Tasks\WpsNotifyTask_Administrator.job
2016-06-02 21:34 - 2015-08-04 14:03 - 00000424 _____ C:\Windows\Tasks\WpsUpdateTask_Administrator.job
2016-06-02 21:23 - 2015-12-20 17:02 - 00001150 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-02 19:54 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina\AppData\Local\Host App Service
2016-06-02 19:13 - 2015-07-10 13:04 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-02 19:13 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness
2016-06-02 19:12 - 2015-07-16 06:18 - 00000000 ____D C:\Windows\Panther
2016-06-02 19:07 - 2015-07-10 13:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-02 19:04 - 2015-08-04 13:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-02 18:56 - 2015-12-20 17:02 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 18:52 - 2015-07-16 05:34 - 00000000 ____D C:\Program Files\Common Files\McAfee
2016-06-02 18:52 - 2015-07-16 05:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2016-06-02 18:52 - 2015-07-16 05:31 - 00000000 ____D C:\Program Files (x86)\Acer
2016-06-02 18:44 - 2015-12-16 19:14 - 00000000 ____D C:\Users\Nina\AppData\Local\clear.fi
2016-06-02 07:44 - 2015-07-10 13:04 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-01 13:32 - 2015-12-19 19:45 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-05-31 14:50 - 2015-07-10 11:05 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-05-30 15:55 - 2015-12-16 19:18 - 00000000 ____D C:\Users\Nina\AppData\Local\Comms
2016-05-28 10:30 - 2015-12-28 12:38 - 00000000 ____D C:\Users\Nina\Documents\Haushaltsbuch
2016-05-27 20:03 - 2016-04-14 22:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2016-05-27 20:03 - 2016-04-14 22:04 - 00000000 ____D C:\Users\Nina\AppData\Local\com.gamehouse.acid
2016-05-27 19:01 - 2016-04-14 22:05 - 00000000 ____D C:\ProgramData\Trymedia
2016-05-25 17:24 - 2015-07-16 05:34 - 00000000 ____D C:\ProgramData\McAfee
2016-05-22 15:00 - 2016-04-17 11:52 - 00000000 ____D C:\Users\Nina\AppData\Local\JollyBear
2016-05-22 15:00 - 2016-04-17 11:52 - 00000000 ____D C:\ProgramData\JollyBear
2016-05-20 21:19 - 2016-04-15 18:32 - 00000000 ____D C:\Users\Nina\AppData\Roaming\ERS Game Studios
2016-05-20 20:01 - 2015-12-16 19:17 - 00002388 _____ C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-20 20:01 - 2015-12-16 19:17 - 00000000 ___RD C:\Users\Nina\OneDrive
2016-05-19 21:26 - 2015-12-20 17:02 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-18 22:13 - 2015-07-10 15:14 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-17 21:03 - 2016-04-15 19:35 - 00000000 ____D C:\ProgramData\Playrix Entertainment
2016-05-16 22:11 - 2015-07-10 12:55 - 00000000 ____D C:\Windows\CbsTemp
2016-05-16 22:10 - 2015-12-17 22:20 - 00000000 ____D C:\Windows\system32\MRT
2016-05-16 20:51 - 2015-12-17 22:20 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-16 12:43 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina\AppData\Local\Packages
2016-05-16 10:53 - 2015-12-16 19:18 - 00003508 _____ C:\Windows\System32\Tasks\BacKGroundAgent
2016-05-16 10:53 - 2015-07-16 06:13 - 00000000 ___HD C:\OEM
2016-05-15 22:35 - 2015-12-16 19:09 - 00000000 ____D C:\Users\Nina
2016-05-13 22:24 - 2015-12-20 17:03 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-13 22:24 - 2015-12-20 17:03 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-05-11 21:50 - 2015-07-10 13:06 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:50 - 2015-07-10 13:06 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-11 13:18 - 2015-12-20 17:02 - 00004208 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-11 13:18 - 2015-12-20 17:02 - 00003976 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-08-04 13:41 - 2015-08-04 13:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Nina\AppData\Local\Temp\i4jdel0.exe
C:\Users\Nina\AppData\Local\Temp\oct16B3.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct3152.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct61F2.tmp.exe
C:\Users\Nina\AppData\Local\Temp\oct6AF6.tmp.exe
C:\Users\Nina\AppData\Local\Temp\octDFD9.tmp.exe
C:\Users\Nina\AppData\Local\Temp\proxy_vole2700381967827039359.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-26 22:18

==================== Ende von FRST.txt ============================
         
--- --- ---


22:02:10.0816 0x0928 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:02:10.0816 0x0928 UEFI system
22:02:16.0122 0x0928 ============================================================
22:02:16.0122 0x0928 Current date / time: 2016/06/02 22:02:16.0122
22:02:16.0122 0x0928 SystemInfo:
22:02:16.0123 0x0928
22:02:16.0123 0x0928 OS Version: 10.0.10240 ServicePack: 0.0
22:02:16.0123 0x0928 Product type: Workstation
22:02:16.0123 0x0928 ComputerName: LAPTOP-U1BDH09N
22:02:16.0123 0x0928 UserName: Nina
22:02:16.0123 0x0928 Windows directory: C:\Windows
22:02:16.0123 0x0928 System windows directory: C:\Windows
22:02:16.0123 0x0928 Running under WOW64
22:02:16.0123 0x0928 Processor architecture: Intel x64
22:02:16.0123 0x0928 Number of processors: 4
22:02:16.0124 0x0928 Page size: 0x1000
22:02:16.0124 0x0928 Boot type: Normal boot
22:02:16.0124 0x0928 ============================================================
22:02:17.0180 0x0928 KLMD registered as C:\Windows\system32\drivers\86385204.sys
22:02:18.0022 0x0928 System UUID: {66776402-8358-75E4-1262-CD8F74510975}
22:02:19.0995 0x0928 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:02:20.0025 0x0928 ============================================================
22:02:20.0025 0x0928 \Device\Harddisk0\DR0:
22:02:20.0029 0x0928 GPT partitions:
22:02:20.0041 0x0928 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {CA245E85-9204-40C1-9C33-060CD8CD6D63}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
22:02:20.0041 0x0928 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {9DBBC982-DBF7-4056-9917-3DC05F3DAD3D}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000
22:02:20.0041 0x0928 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {ADCF21DD-3097-48DA-BE93-366CCA4CD13C}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0x745D2000
22:02:20.0042 0x0928 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FF33A36B-8BFA-422D-8284-19EE9AC605E3}, Name: Basic data partition, StartLBA 0x7460C800, BlocksNum 0xFA000
22:02:20.0042 0x0928 MBR partitions:
22:02:20.0042 0x0928 ============================================================
22:02:20.0060 0x0928 C: <-> \Device\Harddisk0\DR0\Partition3
22:02:20.0069 0x0928 ============================================================
22:02:20.0069 0x0928 Initialize success
22:02:20.0069 0x0928 ============================================================
22:02:38.0790 0x2440 ============================================================
22:02:38.0790 0x2440 Scan started
22:02:38.0790 0x2440 Mode: Manual;
22:02:38.0790 0x2440 ============================================================
22:02:38.0790 0x2440 KSN ping started
22:03:01.0198 0x2440 KSN ping finished: false
22:03:05.0497 0x2440 ================ Scan system memory ========================
22:03:05.0497 0x2440 System memory - ok
22:03:05.0498 0x2440 ================ Scan services =============================
22:03:05.0639 0x2440 0238311461682514mcinstcleanup - ok
22:03:05.0764 0x2440 [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
22:03:05.0787 0x2440 1394ohci - ok
22:03:05.0853 0x2440 [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware C:\Windows\system32\drivers\3ware.sys
22:03:05.0859 0x2440 3ware - ok
22:03:05.0920 0x2440 [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI C:\Windows\system32\drivers\ACPI.sys
22:03:05.0942 0x2440 ACPI - ok
22:03:05.0976 0x2440 [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex C:\Windows\system32\Drivers\acpiex.sys
22:03:05.0982 0x2440 acpiex - ok
22:03:06.0000 0x2440 [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
22:03:06.0002 0x2440 acpipagr - ok
22:03:06.0019 0x2440 [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
22:03:06.0022 0x2440 AcpiPmi - ok
22:03:06.0036 0x2440 [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime C:\Windows\System32\drivers\acpitime.sys
22:03:06.0039 0x2440 acpitime - ok
22:03:06.0161 0x2440 [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:03:06.0165 0x2440 AdobeARMservice - ok
22:03:06.0319 0x2440 [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
22:03:06.0362 0x2440 ADP80XX - ok
22:03:06.0427 0x2440 [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD C:\Windows\system32\drivers\afd.sys
22:03:06.0450 0x2440 AFD - ok
22:03:06.0468 0x2440 [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440 C:\Windows\system32\drivers\agp440.sys
22:03:06.0472 0x2440 agp440 - ok
22:03:06.0496 0x2440 [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
22:03:06.0506 0x2440 ahcache - ok
22:03:06.0537 0x2440 [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter C:\Windows\System32\AJRouter.dll
22:03:06.0540 0x2440 AJRouter - ok
22:03:06.0562 0x2440 [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG C:\Windows\System32\alg.exe
22:03:06.0567 0x2440 ALG - ok
22:03:06.0637 0x2440 [ 976966A13B587E2FEB883B516D868B6B, 8E95476EAFF9F75DE2DA85BD791AD8F5BE6EAC933C59DCC41B9F71860CA80868 ] Amazon 1Button App Service c:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
22:03:06.0655 0x2440 Amazon 1Button App Service - ok
22:03:06.0691 0x2440 [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
22:03:06.0697 0x2440 AmdK8 - ok
22:03:06.0725 0x2440 [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
22:03:06.0730 0x2440 AmdPPM - ok
22:03:06.0756 0x2440 [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata C:\Windows\system32\drivers\amdsata.sys
22:03:06.0761 0x2440 amdsata - ok
22:03:06.0804 0x2440 [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
22:03:06.0815 0x2440 amdsbs - ok

Old 02.06.2016, 21:33   #7
Rose1982

Zip file DirectPay
22:03:19.0842 0x2440 [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:03:19.0848 0x2440 KSecDD - ok
22:03:19.0863 0x2440 [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:03:19.0871 0x2440 KSecPkg - ok
22:03:19.0891 0x2440 [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:03:19.0893 0x2440 ksthunk - ok
22:03:19.0941 0x2440 [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm C:\Windows\system32\msdtckrm.dll
22:03:19.0959 0x2440 KtmRm - ok
22:03:20.0006 0x2440 [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer C:\Windows\system32\srvsvc.dll
22:03:20.0021 0x2440 LanmanServer - ok
22:03:20.0063 0x2440 [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:03:20.0079 0x2440 LanmanWorkstation - ok
22:03:20.0103 0x2440 [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc C:\Windows\System32\lfsvc.dll
22:03:20.0107 0x2440 lfsvc - ok
22:03:20.0125 0x2440 [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager C:\Windows\system32\LicenseManagerSvc.dll
22:03:20.0129 0x2440 LicenseManager - ok
22:03:20.0148 0x2440 [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio C:\Windows\system32\drivers\lltdio.sys
22:03:20.0152 0x2440 lltdio - ok
22:03:20.0188 0x2440 [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:03:20.0202 0x2440 lltdsvc - ok
22:03:20.0233 0x2440 [ 595FBB84D5E62AE8629ED0F6179818A7, 6BF747A759425BDC1080888B6D9C4611B55020A64B67AC1486DB8C4E70B16A9D ] LMDriver C:\Windows\System32\drivers\LMDriver.sys
22:03:20.0235 0x2440 LMDriver - ok
22:03:20.0252 0x2440 [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:03:20.0257 0x2440 lmhosts - ok
22:03:20.0302 0x2440 [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
22:03:20.0308 0x2440 LSI_SAS - ok
22:03:20.0320 0x2440 [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i C:\Windows\system32\drivers\lsi_sas2i.sys
22:03:20.0326 0x2440 LSI_SAS2i - ok
22:03:20.0345 0x2440 [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i C:\Windows\system32\drivers\lsi_sas3i.sys
22:03:20.0350 0x2440 LSI_SAS3i - ok
22:03:20.0364 0x2440 [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
22:03:20.0369 0x2440 LSI_SSS - ok
22:03:20.0420 0x2440 [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM C:\Windows\System32\lsm.dll
22:03:20.0452 0x2440 LSM - ok
22:03:20.0476 0x2440 [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv C:\Windows\system32\drivers\luafv.sys
22:03:20.0483 0x2440 luafv - ok
22:03:20.0514 0x2440 [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker C:\Windows\System32\moshost.dll
22:03:20.0520 0x2440 MapsBroker - ok
22:03:20.0576 0x2440 [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
22:03:20.0578 0x2440 MBAMProtector - ok
22:03:20.0684 0x2440 [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
22:03:20.0740 0x2440 MBAMScheduler - ok
22:03:20.0818 0x2440 [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:03:20.0860 0x2440 MBAMService - ok
22:03:20.0897 0x2440 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:03:20.0905 0x2440 MBAMSwissArmy - ok
22:03:20.0925 0x2440 [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:03:20.0929 0x2440 MBAMWebAccessControl - ok
22:03:21.0023 0x2440 [ 0C1D0F24747B6F16F47F567F8E34C52E, A2B4FD2B873AC6BA7FC467B9AADF14CDC9B0772FA97E0BC88B2050E43688A602 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
22:03:21.0030 0x2440 McAfee SiteAdvisor Service - ok
22:03:21.0133 0x2440 [ AF6B3D73557FC5AC91BE334D6EF5C541, 2A7D4CC40A86CD48D785D16B01EF87777E5C99FAF083047378412A73B26EDC92 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe
22:03:21.0170 0x2440 McAPExe - ok
22:03:21.0242 0x2440 [ 78A4ACEE5E42C9F04A59D769B1F545DB, FD03A09A98E1ED6D1D9979C2FAA145577329FB5D10457D5950648F755747AD2F ] McAWFwk c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe
22:03:21.0257 0x2440 McAWFwk - ok
22:03:21.0307 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] mcbootdelaystartsvc C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:03:21.0331 0x2440 mcbootdelaystartsvc - ok
22:03:21.0536 0x2440 [ 0D419BED403A4D7CEE4C27E2F52ED5DF, 8DF218BD1FC0F8FAA38BCC49EE1137B08A96A66510CFB32D966930E6AC2663AB ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe
22:03:21.0611 0x2440 mccspsvc - ok
22:03:21.0662 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:03:21.0683 0x2440 McMPFSvc - ok
22:03:21.0713 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] McNaiAnn C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:03:21.0735 0x2440 McNaiAnn - ok
22:03:21.0836 0x2440 [ B965A97568ABE07B43CFB84E089461E3, 7671F0907BBCBD538CB6F1D3D155425A50D11C5CBA909823400A0CAE243ECD5E ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe
22:03:21.0867 0x2440 McODS - ok
22:03:21.0898 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] McOobeSv2 C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:03:21.0919 0x2440 McOobeSv2 - ok
22:03:21.0949 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] mcpltsvc C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:03:21.0970 0x2440 mcpltsvc - ok
22:03:22.0001 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] McProxy C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
22:03:22.0023 0x2440 McProxy - ok
22:03:22.0049 0x2440 [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas C:\Windows\system32\drivers\megasas.sys
22:03:22.0053 0x2440 megasas - ok
22:03:22.0111 0x2440 [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr C:\Windows\system32\drivers\megasr.sys
22:03:22.0134 0x2440 megasr - ok
22:03:22.0197 0x2440 [ B235528D48B67CCA29454C28071048DF, CBAD7449C4F471CB5F9AF5C35C70233A0937A722174D5252D6104C39F83D4F93 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys
22:03:22.0214 0x2440 mfeaack - ok
22:03:22.0307 0x2440 [ 8F736C2F4E5C42BB57F5F7A5506FF5F3, 8CC813AD04FFAFBF729EC88147C29BC6EA5F10C0E813DB6F249AB1879E9F30EB ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys
22:03:22.0321 0x2440 mfeavfk - ok
22:03:22.0366 0x2440 [ 91F6C485F22E653C6C43ED4194B68B6F, 98A0ECD9D0E6D1E1ECB0E34C15695B00C33059FC858541DB445A9264AF1F1F6C ] mfeelamk C:\Windows\system32\drivers\mfeelamk.sys
22:03:22.0370 0x2440 mfeelamk - ok
22:03:22.0423 0x2440 [ FF8A2CC149A42A2CE6A600DE6EF9CB1E, BD4EE5AAE0637D0AFBD35FF35BB46C2E519652E50CC787EA7812C3D0436FFEB2 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:03:22.0433 0x2440 mfefire - ok
22:03:22.0487 0x2440 [ 324167EB03FA753C04F8DB69A2413DD9, AC40C5654B2AED44E9EDE135715F9D831279DDC5435AFBED2789D971E1C402FC ] mfefirek C:\Windows\system32\drivers\mfefirek.sys
22:03:22.0507 0x2440 mfefirek - ok
22:03:22.0575 0x2440 [ 7A1C9D04DD7A0EFEB6ED26FBA10F86ED, C1335A8E60EFB110214297E9977AF436D44B705561FEED30954D57EBDF3D2A9C ] mfehidk C:\Windows\system32\drivers\mfehidk.sys
22:03:22.0607 0x2440 mfehidk - ok
22:03:22.0655 0x2440 [ ADDC6C846D95A2D2E60C5213B6FD6A2E, 8FFFD7E5F24D74D105F3D1C5120B66D4AFDDAE07EA59DD70B616F035AB77F252 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
22:03:22.0671 0x2440 mfemms - ok
22:03:22.0743 0x2440 [ 0B03533634318BA4905C7F8964B9AEA6, 0338722CA84FDBB44A218C331911B2476A0D5F1E19EFCA3A887FE843379A3026 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys
22:03:22.0765 0x2440 mfencbdc - ok
22:03:22.0819 0x2440 [ 8175800CA2B36BDA004E78ECE568011A, 6D137D83706D049BD9EB7BF26B87948A9F5C36ED7E6E07AB65C2C0AC83AEB916 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys
22:03:22.0825 0x2440 mfencrk - ok
22:03:22.0884 0x2440 [ B8487AB1E90E38BF428216D2772F450F, 5416951B35F7A5B63434D371C9FA81DA2656852A82D2613191AC2056FB8F895A ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
22:03:22.0887 0x2440 mfesapsn - ok
22:03:22.0926 0x2440 [ 8A6784EE831673A404B5A9ADB927D3BB, B60F62087FEE4F44BD933F4A634B65FEEEF3D946A124BCE295A04248B758306F ] mfevtp C:\Windows\system32\mfevtps.exe
22:03:22.0940 0x2440 mfevtp - ok
22:03:22.0976 0x2440 [ 957611C32C6A0D8225E41D0BD07BF35B, F4D8C1727382F4B0744D92D77D02CE381E03DA4ECFCF601D5E70F3C40B6513E9 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys
22:03:22.0987 0x2440 mfewfpk - ok
22:03:23.0044 0x2440 [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus C:\Windows\System32\drivers\mlx4_bus.sys
22:03:23.0071 0x2440 mlx4_bus - ok
22:03:23.0095 0x2440 [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS C:\Windows\system32\drivers\mmcss.sys
22:03:23.0098 0x2440 MMCSS - ok
22:03:23.0114 0x2440 [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem C:\Windows\system32\drivers\modem.sys
22:03:23.0117 0x2440 Modem - ok
22:03:23.0296 0x2440 [ 2A46C025C19A29E5CD954BA4EF888F65, 5E51C5668AF825BF51FB58CCBA97D9EB5FC96E4CD2477F24DBDF7C576047C500 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
22:03:23.0351 0x2440 ModuleCoreService - ok
22:03:23.0381 0x2440 [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor C:\Windows\System32\drivers\monitor.sys
22:03:23.0384 0x2440 monitor - ok
22:03:23.0404 0x2440 [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass C:\Windows\System32\drivers\mouclass.sys
22:03:23.0407 0x2440 mouclass - ok
22:03:23.0425 0x2440 [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid C:\Windows\System32\drivers\mouhid.sys
22:03:23.0428 0x2440 mouhid - ok
22:03:23.0461 0x2440 [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:03:23.0466 0x2440 mountmgr - ok
22:03:23.0511 0x2440 [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:03:23.0518 0x2440 MozillaMaintenance - ok
22:03:23.0547 0x2440 [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:03:23.0551 0x2440 mpsdrv - ok
22:03:23.0717 0x2440 [ 749EE0008489244EB05C3283A105EFF8, D692708C975DD8BA13597AD0056C3F10760257F4EB144EB0B5C8D9CFF1754F62 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:03:23.0901 0x2440 MpsSvc - ok
22:03:23.0956 0x2440 [ 8E3F4C3A8EA2E787E6089618675501D0, 8A9FE21C5CBB1D770B58BFA241AA5A4428079EF901C28433FE94DB93DC14B6FB ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:03:23.0963 0x2440 MRxDAV - ok
22:03:24.0008 0x2440 [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:24.0026 0x2440 mrxsmb - ok
22:03:24.0057 0x2440 [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:24.0069 0x2440 mrxsmb10 - ok
22:03:24.0089 0x2440 [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:24.0099 0x2440 mrxsmb20 - ok
22:03:24.0148 0x2440 [ E94821F71F63033F78D8A6284A820890, 360C7976D1C4803709BA3245BE59F3CE7FC84EC48A6E12C63AD3100696F96444 ] MsBridge C:\Windows\system32\drivers\bridge.sys
22:03:24.0154 0x2440 MsBridge - ok
22:03:24.0179 0x2440 [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC C:\Windows\System32\msdtc.exe
22:03:24.0188 0x2440 MSDTC - ok
22:03:24.0208 0x2440 [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:03:24.0210 0x2440 Msfs - ok
22:03:24.0239 0x2440 [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
22:03:24.0242 0x2440 msgpiowin32 - ok
22:03:24.0264 0x2440 [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:03:24.0266 0x2440 mshidkmdf - ok
22:03:24.0282 0x2440 [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
22:03:24.0284 0x2440 mshidumdf - ok
22:03:24.0294 0x2440 [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
22:03:24.0297 0x2440 msisadrv - ok
22:03:24.0336 0x2440 [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:03:24.0345 0x2440 MSiSCSI - ok
22:03:24.0354 0x2440 msiserver - ok
22:03:24.0424 0x2440 [ 5D6AFA07EEFB03E6838F2AA373D54A70, 7E51BB988C59868170DC061B743DF4A115DC859237B1FB28A8F2DE669E349543 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
22:03:24.0448 0x2440 MSK80Service - ok
22:03:24.0474 0x2440 [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:03:24.0476 0x2440 MSKSSRV - ok
22:03:24.0503 0x2440 [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp C:\Windows\system32\drivers\mslldp.sys
22:03:24.0508 0x2440 MsLldp - ok
22:03:24.0533 0x2440 [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:03:24.0535 0x2440 MSPCLOCK - ok
22:03:24.0549 0x2440 [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:03:24.0552 0x2440 MSPQM - ok
22:03:24.0590 0x2440 [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:03:24.0603 0x2440 MsRPC - ok
22:03:24.0652 0x2440 [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
22:03:24.0655 0x2440 mssmbios - ok
22:03:24.0678 0x2440 [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:03:24.0680 0x2440 MSTEE - ok
22:03:24.0704 0x2440 [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
22:03:24.0707 0x2440 MTConfig - ok
22:03:24.0721 0x2440 [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup C:\Windows\system32\Drivers\mup.sys
22:03:24.0727 0x2440 Mup - ok
22:03:24.0751 0x2440 [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis C:\Windows\system32\drivers\mvumis.sys
22:03:24.0755 0x2440 mvumis - ok
22:03:24.0790 0x2440 [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:03:24.0811 0x2440 NativeWifiP - ok
22:03:24.0842 0x2440 [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc C:\Windows\System32\ncasvc.dll
22:03:24.0852 0x2440 NcaSvc - ok
22:03:24.0882 0x2440 [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService C:\Windows\System32\ncbservice.dll
22:03:24.0898 0x2440 NcbService - ok
22:03:24.0923 0x2440 [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
22:03:24.0930 0x2440 NcdAutoSetup - ok
22:03:24.0948 0x2440 [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr C:\Windows\System32\drivers\ndfltr.sys
22:03:24.0952 0x2440 ndfltr - ok
22:03:25.0030 0x2440 [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS C:\Windows\system32\drivers\ndis.sys
22:03:25.0073 0x2440 NDIS - ok
22:03:25.0097 0x2440 [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap C:\Windows\system32\drivers\ndiscap.sys
22:03:25.0101 0x2440 NdisCap - ok
22:03:25.0126 0x2440 [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform C:\Windows\system32\drivers\NdisImPlatform.sys
22:03:25.0132 0x2440 NdisImPlatform - ok
22:03:25.0153 0x2440 [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:03:25.0156 0x2440 NdisTapi - ok
22:03:25.0179 0x2440 [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio C:\Windows\system32\drivers\ndisuio.sys
22:03:25.0183 0x2440 Ndisuio - ok
22:03:25.0205 0x2440 [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
22:03:25.0207 0x2440 NdisVirtualBus - ok
22:03:25.0229 0x2440 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan C:\Windows\System32\drivers\ndiswan.sys
22:03:25.0238 0x2440 NdisWan - ok
22:03:25.0254 0x2440 [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy C:\Windows\system32\DRIVERS\ndiswan.sys
22:03:25.0261 0x2440 ndiswanlegacy - ok
22:03:25.0289 0x2440 [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy C:\Windows\system32\DRIVERS\NDProxy.sys
22:03:25.0292 0x2440 ndproxy - ok
22:03:25.0305 0x2440 [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu C:\Windows\system32\drivers\Ndu.sys
22:03:25.0311 0x2440 Ndu - ok
22:03:25.0336 0x2440 [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS C:\Windows\system32\drivers\netbios.sys
22:03:25.0340 0x2440 NetBIOS - ok
22:03:25.0365 0x2440 [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:03:25.0377 0x2440 NetBT - ok
22:03:25.0395 0x2440 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon C:\Windows\system32\lsass.exe
22:03:25.0400 0x2440 Netlogon - ok
22:03:25.0435 0x2440 [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman C:\Windows\System32\netman.dll
22:03:25.0449 0x2440 Netman - ok
22:03:25.0478 0x2440 [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm C:\Windows\System32\netprofmsvc.dll
22:03:25.0502 0x2440 netprofm - ok
22:03:25.0543 0x2440 [ B50C003F86EFEDAB844AC808C6A6CB6C, DE27531037129830FD537114B0299B80A0C87C3515411EC95001BC6334ADA5C7 ] NetSetupSvc C:\Windows\System32\NetSetupSvc.dll
22:03:25.0554 0x2440 NetSetupSvc - ok
22:03:25.0615 0x2440 [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:03:25.0650 0x2440 NetTcpPortSharing - ok
22:03:25.0681 0x2440 [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc C:\Windows\System32\drivers\netvsc.sys
22:03:25.0687 0x2440 netvsc - ok
22:03:25.0736 0x2440 [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc C:\Windows\System32\NgcCtnrSvc.dll
22:03:25.0750 0x2440 NgcCtnrSvc - ok
22:03:25.0772 0x2440 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc C:\Windows\system32\lsass.exe
22:03:25.0777 0x2440 NgcSvc - ok
22:03:25.0828 0x2440 [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:03:25.0846 0x2440 NlaSvc - ok
22:03:25.0860 0x2440 [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:03:25.0863 0x2440 Npfs - ok
22:03:25.0873 0x2440 [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
22:03:25.0876 0x2440 npsvctrig - ok
22:03:25.0894 0x2440 [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi C:\Windows\system32\nsisvc.dll
22:03:25.0899 0x2440 nsi - ok
22:03:25.0920 0x2440 [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:03:25.0923 0x2440 nsiproxy - ok
22:03:26.0039 0x2440 [ BA8DC96D1DD7785EB0589CB1777208B7, 09B486A20D9F22FE50CB4FBC0C801609F522FA99F5FBC43107336B7D98457D91 ] NTFS C:\Windows\system32\drivers\NTFS.sys
22:03:26.0111 0x2440 NTFS - ok
22:03:26.0160 0x2440 [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null C:\Windows\system32\drivers\Null.sys
22:03:26.0162 0x2440 Null - ok
22:03:26.0192 0x2440 [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid C:\Windows\system32\drivers\nvraid.sys
22:03:26.0200 0x2440 nvraid - ok
22:03:26.0223 0x2440 [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor C:\Windows\system32\drivers\nvstor.sys
22:03:26.0231 0x2440 nvstor - ok
22:03:26.0256 0x2440 [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
22:03:26.0263 0x2440 nv_agp - ok
22:03:26.0372 0x2440 [ 7BFE62DB1686979F929073D444A7B1EB, 8342F614AAFC3292F9949F7B38982611C41491B62F1FCAFDF00BB8DD9E1D87CA ] ogmservice C:\Program Files (x86)\Online Games Manager\ogmservice.exe
22:03:26.0395 0x2440 ogmservice - ok
22:03:26.0440 0x2440 [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc C:\Windows\System32\APHostService.dll
22:03:26.0453 0x2440 OneSyncSvc - ok
22:03:26.0555 0x2440 [ 9693776C2617F69E7F120B0EDC6603C7, 8085D7745CC06708352D34628DAB4E2E0AFFC2B35EBFA1FD0F11CAD38415FE14 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:03:26.0565 0x2440 ose - ok
22:03:26.0609 0x2440 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:03:26.0626 0x2440 p2pimsvc - ok
22:03:26.0678 0x2440 [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc C:\Windows\system32\p2psvc.dll
22:03:26.0698 0x2440 p2psvc - ok
22:03:26.0753 0x2440 [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport C:\Windows\System32\drivers\parport.sys
22:03:26.0759 0x2440 Parport - ok
22:03:26.0786 0x2440 [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:03:26.0792 0x2440 partmgr - ok
22:03:26.0841 0x2440 [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc C:\Windows\System32\pcasvc.dll
22:03:26.0863 0x2440 PcaSvc - ok
22:03:26.0900 0x2440 [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci C:\Windows\system32\drivers\pci.sys
22:03:26.0914 0x2440 pci - ok
22:03:26.0932 0x2440 [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide C:\Windows\system32\drivers\pciide.sys
22:03:26.0934 0x2440 pciide - ok
22:03:26.0963 0x2440 [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
22:03:26.0969 0x2440 pcmcia - ok
22:03:26.0990 0x2440 [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw C:\Windows\system32\drivers\pcw.sys
22:03:26.0994 0x2440 pcw - ok
22:03:27.0027 0x2440 [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc C:\Windows\system32\drivers\pdc.sys
22:03:27.0033 0x2440 pdc - ok
22:03:27.0069 0x2440 [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:03:27.0096 0x2440 PEAUTH - ok
22:03:27.0212 0x2440 [ 2B9E298DE8A8186967A400F445039A51, 7B10E5BF5DCC1926D858C565615F1613D3AA2A3183C801818CD2004AF9D3FBC4 ] PEFService C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
22:03:27.0251 0x2440 PEFService - ok
22:03:27.0287 0x2440 [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i C:\Windows\system32\drivers\percsas2i.sys
22:03:27.0291 0x2440 percsas2i - ok
22:03:27.0320 0x2440 [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i C:\Windows\system32\drivers\percsas3i.sys
22:03:27.0333 0x2440 percsas3i - ok
22:03:27.0414 0x2440 [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:03:27.0441 0x2440 PerfHost - ok
22:03:27.0556 0x2440 [ B0BACDC36CF5D615E8DB4FF8DC269F1E, 10AC96254BD103B55656D1BAF9841615C60A6175B339F8A079F8C2743D09A03A ] PimIndexMaintenanceSvc C:\Windows\System32\PimIndexMaintenance.dll
22:03:27.0575 0x2440 PimIndexMaintenanceSvc - ok
22:03:27.0891 0x2440 [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla C:\Windows\system32\pla.dll
22:03:27.0951 0x2440 pla - ok
22:03:27.0989 0x2440 [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:03:27.0999 0x2440 PlugPlay - ok
22:03:28.0031 0x2440 [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:03:28.0037 0x2440 PNRPAutoReg - ok
22:03:28.0073 0x2440 [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:03:28.0089 0x2440 PNRPsvc - ok
22:03:28.0156 0x2440 [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:03:28.0181 0x2440 PolicyAgent - ok
22:03:28.0222 0x2440 [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power C:\Windows\system32\umpo.dll
22:03:28.0235 0x2440 Power - ok
22:03:28.0260 0x2440 [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport C:\Windows\System32\drivers\raspptp.sys
22:03:28.0265 0x2440 PptpMiniport - ok
22:03:28.0562 0x2440 [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
22:03:28.0684 0x2440 PrintNotify - ok
22:03:28.0715 0x2440 [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor C:\Windows\System32\drivers\processr.sys
22:03:28.0726 0x2440 Processor - ok
22:03:28.0779 0x2440 [ 44406AB6CDCA5BD1195273F07F656D9A, 7DB13FC6512C732DC39DEE52EF6A5257268309F818609E999DEC360BA4277AD4 ] ProfSvc C:\Windows\system32\profsvc.dll
22:03:28.0800 0x2440 ProfSvc - ok
22:03:28.0824 0x2440 [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched C:\Windows\system32\drivers\pacer.sys
22:03:28.0832 0x2440 Psched - ok
22:03:28.0918 0x2440 [ 605750DA0741F2B28906BD27EFCB78D8, 91AD3952B4FA19FA28FC4C3151BAD2EDE94D250A87EBC4B2EE3A534A2D41C456 ] QALSvc C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
22:03:28.0934 0x2440 QALSvc - ok
22:03:29.0017 0x2440 [ D232A1F1DD250F9B9944F0D98045FA9B, 330719FED4D4A53A3A75263560B4A32D06AC1E3F00F0AD6A45C4F504A1C1AB6D ] QASvc C:\Program Files\Acer\Acer Quick Access\QASvc.exe
22:03:29.0036 0x2440 QASvc - ok
22:03:29.0130 0x2440 [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE C:\Windows\system32\qwave.dll
22:03:29.0148 0x2440 QWAVE - ok
22:03:29.0187 0x2440 [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:03:29.0217 0x2440 QWAVEdrv - ok
22:03:29.0285 0x2440 [ 29EF474475CA406FF5B14D6B434F1ECE, A09ABDCE77FF45E0FEB826E96C9F54A5BC6699BF644C8816BAF4CA5630C9D44E ] RadioShim C:\Windows\System32\drivers\RadioShim.sys
22:03:29.0288 0x2440 RadioShim - ok
22:03:29.0312 0x2440 [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:03:29.0315 0x2440 RasAcd - ok
22:03:29.0346 0x2440 [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn C:\Windows\System32\drivers\AgileVpn.sys
22:03:29.0351 0x2440 RasAgileVpn - ok
22:03:29.0376 0x2440 [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto C:\Windows\System32\rasauto.dll
22:03:29.0385 0x2440 RasAuto - ok
22:03:29.0436 0x2440 [ 2521520142F7853E39028AE6BD66E072, 7A7E18E886781B4984826C1FC4BEDABEC62D906063EE2781FD799B0097616B9F ] Rasl2tp C:\Windows\System32\drivers\rasl2tp.sys
22:03:29.0448 0x2440 Rasl2tp - ok
22:03:29.0575 0x2440 [ 9AD8FCCC95B68BC3129AA2318CE55717, 57227EBF2C1D42063B95AC92F380BAA95E0C6F2E6556F887AACBF63A0482FD24 ] RasMan C:\Windows\System32\rasmans.dll
22:03:29.0605 0x2440 RasMan - ok
22:03:29.0631 0x2440 [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe C:\Windows\System32\drivers\raspppoe.sys
22:03:29.0639 0x2440 RasPppoe - ok
22:03:29.0658 0x2440 [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp C:\Windows\System32\drivers\rassstp.sys
22:03:29.0662 0x2440 RasSstp - ok
22:03:29.0787 0x2440 [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:03:29.0804 0x2440 rdbss - ok
22:03:29.0827 0x2440 [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
22:03:29.0829 0x2440 rdpbus - ok
22:03:29.0852 0x2440 [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
22:03:29.0860 0x2440 RDPDR - ok
22:03:29.0909 0x2440 [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:03:29.0920 0x2440 RdpVideoMiniport - ok
22:03:29.0965 0x2440 [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:03:29.0988 0x2440 rdyboost - ok
22:03:30.0054 0x2440 [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1 C:\Windows\system32\drivers\ReFSv1.sys
22:03:30.0086 0x2440 ReFSv1 - ok
22:03:30.0140 0x2440 [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:03:30.0162 0x2440 RemoteAccess - ok
22:03:30.0236 0x2440 [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:03:30.0253 0x2440 RemoteRegistry - ok
22:03:30.0430 0x2440 [ 1FCB20B3A80FE573971343A5B64051A3, 3FDE55AE86DB8EAC9CFE66DF3F26C84CF927C8D1D32D4A35F9F9746BC72EF32C ] RetailDemo C:\Windows\system32\RDXService.dll
22:03:30.0477 0x2440 RetailDemo - ok
22:03:30.0513 0x2440 [ 67E83C0C9A2B5ACEE9EF690E6B7E9189, 63D2A73B2031B52C66EF0455393BF05C55F9F7B0B9E48C54A39E547D46E090F6 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
22:03:30.0527 0x2440 RFCOMM - ok
22:03:30.0562 0x2440 [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:03:30.0570 0x2440 RpcEptMapper - ok
22:03:30.0603 0x2440 [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator C:\Windows\system32\locator.exe
22:03:30.0607 0x2440 RpcLocator - ok
22:03:30.0649 0x2440 [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs C:\Windows\system32\rpcss.dll
22:03:30.0684 0x2440 RpcSs - ok
22:03:30.0741 0x2440 [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr C:\Windows\system32\drivers\rspndr.sys
22:03:30.0745 0x2440 rspndr - ok
22:03:30.0814 0x2440 [ 471929D729C7FBC284ABDE74D9CED9DF, 9E62B23EA0B9125F81AD65D38FB8B46063C86E92B2717B7D3321A01FBF062D4C ] rt640x64 C:\Windows\System32\drivers\rt640x64.sys
22:03:30.0851 0x2440 rt640x64 - ok
22:03:30.0939 0x2440 [ 02CB159500B40705BE8644F3B42C3992, B4F6238BF2D9E53DE3C43FC4A247700C94B9F0BEFA8D3F0AE043B1F3405A1D70 ] RTSUER C:\Windows\system32\Drivers\RtsUer.sys
22:03:30.0956 0x2440 RTSUER - ok
22:03:30.0996 0x2440 [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
22:03:31.0014 0x2440 s3cap - ok
22:03:31.0064 0x2440 [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs C:\Windows\system32\lsass.exe
22:03:31.0070 0x2440 SamSs - ok
22:03:31.0107 0x2440 [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
22:03:31.0113 0x2440 sbp2port - ok
22:03:31.0162 0x2440 [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:03:31.0202 0x2440 SCardSvr - ok
22:03:31.0242 0x2440 [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
22:03:31.0254 0x2440 ScDeviceEnum - ok
22:03:31.0279 0x2440 [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:03:31.0283 0x2440 scfilter - ok
22:03:31.0438 0x2440 [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule C:\Windows\system32\schedsvc.dll
22:03:31.0480 0x2440 Schedule - ok
22:03:31.0564 0x2440 [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc C:\Windows\System32\certprop.dll
22:03:31.0572 0x2440 SCPolicySvc - ok
22:03:31.0666 0x2440 [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus C:\Windows\System32\drivers\sdbus.sys
22:03:31.0689 0x2440 sdbus - ok
22:03:31.0743 0x2440 [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:03:31.0768 0x2440 SDRSVC - ok
22:03:31.0801 0x2440 [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor C:\Windows\System32\drivers\sdstor.sys
22:03:31.0814 0x2440 sdstor - ok
22:03:31.0847 0x2440 [ F2F1E2B5E253A91BD0A623A674A48CD2, EB5982DF138731BFA0411BC21279F35240DDCA2B3101213D99D2A0605ED1BDD0 ] seclogon C:\Windows\system32\seclogon.dll
22:03:31.0865 0x2440 seclogon - ok
22:03:32.0094 0x2440 [ EA160DB2589350DFF52C7ACCD7763187, 1EA4C33AE67EE0EC0748D892D402AD49832FE752F6864AF99AFCA52873D6F4A4 ] SecureLine C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
22:03:32.0117 0x2440 SecureLine - ok
22:03:32.0165 0x2440 [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS C:\Windows\System32\sens.dll
22:03:32.0177 0x2440 SENS - ok
22:03:32.0307 0x2440 [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\Windows\System32\SensorDataService.exe
22:03:32.0358 0x2440 SensorDataService - ok
22:03:32.0461 0x2440 [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService C:\Windows\system32\SensorService.dll
22:03:32.0508 0x2440 SensorService - ok
22:03:32.0569 0x2440 [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:03:32.0598 0x2440 SensrSvc - ok
22:03:32.0627 0x2440 [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx C:\Windows\system32\drivers\SerCx.sys
22:03:32.0640 0x2440 SerCx - ok
22:03:32.0725 0x2440 [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
22:03:32.0738 0x2440 SerCx2 - ok
22:03:32.0818 0x2440 [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum C:\Windows\System32\drivers\serenum.sys
22:03:32.0824 0x2440 Serenum - ok
22:03:32.0909 0x2440 [ 997B78F8E312450C6CF31FA58EDDC84F, BB03E85EB844C0F12CB15F8ACE70E6A0B17B49034484E0AF94335C481F6CE8A0 ] Serial C:\Windows\System32\drivers\serial.sys
22:03:32.0921 0x2440 Serial - ok
22:03:32.0942 0x2440 [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse C:\Windows\System32\drivers\sermouse.sys
22:03:32.0946 0x2440 sermouse - ok
22:03:33.0007 0x2440 [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv C:\Windows\system32\sessenv.dll
22:03:33.0031 0x2440 SessionEnv - ok
22:03:33.0056 0x2440 [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
22:03:33.0059 0x2440 sfloppy - ok
22:03:33.0197 0x2440 [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:03:33.0238 0x2440 SharedAccess - ok
22:03:33.0308 0x2440 [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:03:33.0356 0x2440 ShellHWDetection - ok
22:03:33.0375 0x2440 [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
22:03:33.0379 0x2440 SiSRaid2 - ok
22:03:33.0400 0x2440 [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
22:03:33.0408 0x2440 SiSRaid4 - ok
22:03:33.0430 0x2440 [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost C:\Windows\System32\smphost.dll
22:03:33.0436 0x2440 smphost - ok
22:03:33.0479 0x2440 [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter C:\Windows\system32\SmsRouterSvc.dll
22:03:33.0506 0x2440 SmsRouter - ok
22:03:33.0541 0x2440 [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:03:33.0547 0x2440 SNMPTRAP - ok
22:03:33.0608 0x2440 [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
22:03:33.0628 0x2440 spaceport - ok
22:03:33.0648 0x2440 [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
22:03:33.0661 0x2440 SpbCx - ok
22:03:33.0717 0x2440 [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler C:\Windows\System32\spoolsv.exe
22:03:33.0757 0x2440 Spooler - ok
22:03:34.0573 0x2440 [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc C:\Windows\system32\sppsvc.exe
22:03:34.0871 0x2440 sppsvc - ok
22:03:34.0977 0x2440 [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:03:35.0021 0x2440 srv - ok
22:03:35.0215 0x2440 [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:03:35.0241 0x2440 srv2 - ok
22:03:35.0272 0x2440 [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:03:35.0282 0x2440 srvnet - ok
22:03:35.0327 0x2440 [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:03:35.0341 0x2440 SSDPSRV - ok
22:03:35.0379 0x2440 [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:03:35.0397 0x2440 SstpSvc - ok
22:03:35.0672 0x2440 [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\Windows\system32\windows.staterepository.dll
22:03:35.0783 0x2440 StateRepository - ok
22:03:35.0808 0x2440 [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor C:\Windows\system32\drivers\stexstor.sys
22:03:35.0812 0x2440 stexstor - ok
22:03:35.0889 0x2440 [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc C:\Windows\System32\wiaservc.dll
22:03:35.0918 0x2440 stisvc - ok
22:03:35.0960 0x2440 [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci C:\Windows\system32\drivers\storahci.sys
22:03:35.0966 0x2440 storahci - ok
22:03:36.0000 0x2440 [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
22:03:36.0004 0x2440 storflt - ok
22:03:36.0064 0x2440 [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme C:\Windows\system32\drivers\stornvme.sys
22:03:36.0073 0x2440 stornvme - ok
22:03:36.0107 0x2440 [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt C:\Windows\system32\drivers\storqosflt.sys
22:03:36.0120 0x2440 storqosflt - ok
22:03:36.0180 0x2440 [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc C:\Windows\system32\storsvc.dll
22:03:36.0207 0x2440 StorSvc - ok
22:03:36.0237 0x2440 [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs C:\Windows\system32\drivers\storufs.sys
22:03:36.0244 0x2440 storufs - ok
22:03:36.0265 0x2440 [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc C:\Windows\system32\drivers\storvsc.sys
22:03:36.0268 0x2440 storvsc - ok
22:03:36.0292 0x2440 [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc C:\Windows\system32\svsvc.dll
22:03:36.0303 0x2440 svsvc - ok
22:03:36.0383 0x2440 [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
22:03:36.0387 0x2440 swenum - ok
22:03:36.0501 0x2440 [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv C:\Windows\System32\swprv.dll
22:03:36.0524 0x2440 swprv - ok
22:03:36.0561 0x2440 [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc C:\Windows\System32\drivers\Synth3dVsc.sys
22:03:36.0566 0x2440 Synth3dVsc - ok
22:03:36.0655 0x2440 [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain C:\Windows\system32\sysmain.dll
22:03:36.0705 0x2440 SysMain - ok
22:03:36.0754 0x2440 [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
22:03:36.0773 0x2440 SystemEventsBroker - ok
22:03:36.0810 0x2440 [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\Windows\System32\TabSvc.dll
22:03:36.0821 0x2440 TabletInputService - ok
22:03:36.0864 0x2440 [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv C:\Windows\System32\tapisrv.dll
22:03:36.0881 0x2440 TapiSrv - ok
22:03:37.0024 0x1600 Object required for P2P: [ B005FACC39CF5345F7040CFFBA321150 ] ClickToRunSvc
22:03:37.0094 0x2440 [ 07B4CBB580AAA1DD1838F2344925D7C0, 49ECF0AA8E28CE5D578EA99A49009AC79B009C6F6675A5E5FB0FA62E351E0DA2 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:03:37.0182 0x2440 Tcpip - ok
22:03:37.0295 0x2440 [ 07B4CBB580AAA1DD1838F2344925D7C0, 49ECF0AA8E28CE5D578EA99A49009AC79B009C6F6675A5E5FB0FA62E351E0DA2 ] Tcpip6 C:\Windows\system32\drivers\tcpip.sys
22:03:37.0391 0x2440 Tcpip6 - ok
22:03:37.0462 0x2440 [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:03:37.0465 0x2440 tcpipreg - ok
22:03:37.0494 0x2440 [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:03:37.0522 0x2440 tdx - ok
22:03:37.0546 0x2440 [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt C:\Windows\System32\drivers\terminpt.sys
22:03:37.0559 0x2440 terminpt - ok
22:03:37.0716 0x2440 [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService C:\Windows\System32\termsrv.dll
22:03:37.0765 0x2440 TermService - ok
22:03:37.0795 0x2440 [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes C:\Windows\system32\themeservice.dll
22:03:37.0802 0x2440 Themes - ok
22:03:37.0845 0x2440 [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
22:03:37.0870 0x2440 tiledatamodelsvc - ok
22:03:37.0930 0x2440 [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
22:03:37.0971 0x2440 TimeBroker - ok
22:03:38.0056 0x2440 [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM C:\Windows\system32\drivers\tpm.sys
22:03:38.0099 0x2440 TPM - ok
22:03:38.0148 0x2440 [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks C:\Windows\System32\trkwks.dll
22:03:38.0157 0x2440 TrkWks - ok
22:03:38.0211 0x2440 [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:03:38.0216 0x2440 TrustedInstaller - ok
22:03:38.0237 0x2440 [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt C:\Windows\system32\drivers\TsUsbFlt.sys
22:03:38.0245 0x2440 TsUsbFlt - ok
22:03:38.0267 0x2440 [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
22:03:38.0319 0x2440 TsUsbGD - ok
22:03:38.0363 0x2440 [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel C:\Windows\System32\drivers\tunnel.sys
22:03:38.0370 0x2440 tunnel - ok
22:03:38.0399 0x2440 [ 6A606227DE13B850DCD28AD0F4112506, 6E65A79635BFD0F739479ED1C9C44075F774F9B4C9B98750A99E6FC780EE1000 ] TXEIx64 C:\Windows\System32\drivers\TXEIx64.sys
22:03:38.0406 0x2440 TXEIx64 - ok
22:03:38.0425 0x2440 [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
22:03:38.0429 0x2440 uagp35 - ok
22:03:38.0465 0x2440 [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
22:03:38.0477 0x2440 UASPStor - ok
22:03:38.0489 0x2440 [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101 C:\Windows\system32\Drivers\UcmCx.sys
22:03:38.0493 0x2440 UcmCx0101 - ok
22:03:38.0530 0x2440 [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi C:\Windows\System32\drivers\UcmUcsi.sys
22:03:38.0539 0x2440 UcmUcsi - ok
22:03:38.0573 0x2440 [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000 C:\Windows\system32\drivers\ucx01000.sys
22:03:38.0583 0x2440 Ucx01000 - ok
22:03:38.0615 0x2440 [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx C:\Windows\system32\drivers\udecx.sys
22:03:38.0618 0x2440 UdeCx - ok
22:03:38.0656 0x2440 [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:03:38.0680 0x2440 udfs - ok
22:03:38.0703 0x2440 [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI C:\Windows\System32\drivers\UEFI.sys
22:03:38.0713 0x2440 UEFI - ok
22:03:38.0778 0x2440 [ AD53262AFF486D28190439D3A59C80F7, 9A57AA4BD93392894110B344CAB884476A2F107442FAB6E840178BE544B5CC6E ] UEIPSvc C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
22:03:38.0796 0x2440 UEIPSvc - ok
22:03:38.0830 0x2440 [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000 C:\Windows\system32\drivers\ufx01000.sys
22:03:38.0852 0x2440 Ufx01000 - ok
22:03:38.0878 0x2440 [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea C:\Windows\System32\drivers\UfxChipidea.sys
22:03:38.0883 0x2440 UfxChipidea - ok
22:03:38.0924 0x2440 [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys C:\Windows\System32\drivers\ufxsynopsys.sys
22:03:38.0934 0x2440 ufxsynopsys - ok
22:03:39.0000 0x2440 [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:03:39.0016 0x2440 UI0Detect - ok
22:03:39.0047 0x2440 [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
22:03:39.0052 0x2440 uliagpkx - ok
22:03:39.0069 0x2440 [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus C:\Windows\System32\drivers\umbus.sys
22:03:39.0073 0x2440 umbus - ok
22:03:39.0091 0x2440 [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass C:\Windows\System32\drivers\umpass.sys
22:03:39.0097 0x2440 UmPass - ok
22:03:39.0135 0x2440 [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService C:\Windows\System32\umrdp.dll
22:03:39.0151 0x2440 UmRdpService - ok
22:03:39.0264 0x2440 [ B21DEA1F5F1636B82B0DAED7D04222F6, A8A6F7FAA7432682CCE1EB99FED951B4F83C4D0997E5870E9775AB4B6A2B558E ] UnistoreSvc C:\Windows\System32\unistore.dll
22:03:39.0315 0x2440 UnistoreSvc - ok
22:03:39.0362 0x2440 [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost C:\Windows\System32\upnphost.dll
22:03:39.0386 0x2440 upnphost - ok
22:03:39.0407 0x2440 [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea C:\Windows\System32\drivers\urschipidea.sys
22:03:39.0413 0x2440 UrsChipidea - ok
22:03:39.0454 0x2440 [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000 C:\Windows\system32\drivers\urscx01000.sys
22:03:39.0458 0x2440 UrsCx01000 - ok
22:03:39.0485 0x2440 [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys C:\Windows\System32\drivers\urssynopsys.sys
22:03:39.0498 0x2440 UrsSynopsys - ok
22:03:39.0501 0x1600 Object send P2P result: true
22:03:39.0542 0x2440 [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
22:03:39.0553 0x1600 Object required for P2P: [ 8A6784EE831673A404B5A9ADB927D3BB ] mfevtp
22:03:39.0555 0x2440 usbccgp - ok
22:03:39.0585 0x2440 [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir C:\Windows\System32\drivers\usbcir.sys
22:03:39.0591 0x2440 usbcir - ok
22:03:39.0635 0x2440 [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci C:\Windows\System32\drivers\usbehci.sys
22:03:39.0640 0x2440 usbehci - ok
22:03:39.0701 0x2440 [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub C:\Windows\System32\drivers\usbhub.sys
22:03:39.0721 0x2440 usbhub - ok
22:03:39.0769 0x2440 [ 1BDA1FD02783566F0B20EB0E2517F85C, 4C86DC962BBE4CA5AE466A37CF647D84CE2A34DA7F861751587841FC10CFA09D ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
22:03:39.0790 0x2440 USBHUB3 - ok
22:03:39.0836 0x2440 [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci C:\Windows\System32\drivers\usbohci.sys
22:03:39.0853 0x2440 usbohci - ok
22:03:39.0894 0x2440 [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint C:\Windows\System32\drivers\usbprint.sys
22:03:39.0900 0x2440 usbprint - ok
22:03:39.0942 0x2440 [ 6D12FF8801832846542FD2B078B6E05F, 531AE5210012806A34698256EEF19A31329751198EA44FBB142244607D0CDE57 ] usbser C:\Windows\System32\drivers\usbser.sys
22:03:39.0946 0x2440 usbser - ok
22:03:39.0984 0x2440 [ 3EB26D5963844FFAE63A93024D502BAE, 383872A864DCE13BF08A841000640FA61DFCA21E431D3AE044DD05DADFF911E6 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
22:03:39.0990 0x2440 USBSTOR - ok
22:03:40.0042 0x2440 [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
22:03:40.0056 0x2440 usbuhci - ok
22:03:40.0083 0x2440 [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
22:03:40.0094 0x2440 usbvideo - ok
22:03:40.0154 0x2440 [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
22:03:40.0169 0x2440 USBXHCI - ok
22:03:40.0334 0x2440 [ AEB8DAB1630E05FBA1ADBB47701AE336, 67AAA8A3EAE46D43A7344749198C8991B4D71687EF9B8044806D0413580DE1DD ] UserDataSvc C:\Windows\System32\userdataservice.dll
22:03:40.0392 0x2440 UserDataSvc - ok
22:03:40.0476 0x2440 [ A2FD4588F579F8671E4AB1064633CB46, A2BBF6AF7D84F5AE01BFFF69F6CCBACFC0651A2DE2BBD226C6D90208298333D5 ] UserManager C:\Windows\System32\usermgr.dll
22:03:40.0507 0x2440 UserManager - ok
22:03:48.0863 0x2440 ================ Scan global ===============================
22:03:48.0934 0x2440 [ 14627B8C27BBD16474846D289AFBD216, ADE75FF9F300B87804C3882C7E3EAA74ED58574EA8A390FF4AA4736B4E091547 ] C:\Windows\system32\basesrv.dll
22:03:49.0035 0x2440 [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\Windows\system32\winsrv.dll
22:03:49.0090 0x2440 [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\Windows\system32\sxssrv.dll
22:03:49.0141 0x2440 [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\Windows\system32\services.exe
22:03:49.0162 0x2440 [ Global ] - ok
22:03:49.0163 0x2440 ================ Scan MBR ==================================
22:03:49.0180 0x2440 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:03:49.0216 0x2440 \Device\Harddisk0\DR0 - ok
22:03:49.0218 0x2440 ================ Scan VBR ==================================
22:03:49.0232 0x2440 [ B9F7A9223F6C71F7042A72AC27523B13 ] \Device\Harddisk0\DR0\Partition1
22:03:49.0287 0x2440 \Device\Harddisk0\DR0\Partition1 - ok
22:03:49.0303 0x2440 [ 29E7C40C43DC9D4D0AB2972A4D7C833D ] \Device\Harddisk0\DR0\Partition2
22:03:49.0303 0x2440 \Device\Harddisk0\DR0\Partition2 - ok
22:03:49.0327 0x2440 [ C5B4B9153D6595F6C8D559D11F5D0F40 ] \Device\Harddisk0\DR0\Partition3
22:03:49.0412 0x2440 \Device\Harddisk0\DR0\Partition3 - ok
22:03:49.0470 0x2440 [ 6112199CC38372D4C4167FA65752608D ] \Device\Harddisk0\DR0\Partition4
22:03:49.0474 0x2440 \Device\Harddisk0\DR0\Partition4 - ok
22:03:49.0475 0x2440 ================ Scan generic autorun ======================
22:03:50.0435 0x2440 [ 08D9600B273D85C4CC5E4D6116E1941A, CB6A3010873F1707165B0EC74BEBB8F39F4E06530319EF509ACB58D497E8F7AE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:03:51.0023 0x2440 RTHDVCPL - ok
22:03:51.0091 0x2440 [ C91635CC2BF215F9D7A5A7FC2E385D1D, A77AC38D3ACF7C199C0C8A3DB5EF9610FF0E8ED68D6F5E08C75771D5A3659EEB ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
22:03:51.0096 0x2440 abDocsDllLoader - ok
22:03:51.0298 0x2440 [ DF8DBBD8F5342C7BA598C606602B6352, FAF603820007A97898A56E62423B137E743A8A9CED0099532514E2F15BAAE334 ] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
22:03:51.0317 0x2440 isa - ok
22:03:51.0872 0x2440 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:03:52.0240 0x2440 OneDriveSetup - ok
22:03:52.0648 0x2440 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
22:03:52.0899 0x2440 OneDriveSetup - ok
22:03:53.0178 0x2440 [ 0DAE22CD426F3B569124E1DD0046B379, F07BA910E3900B26FE3F2247B089418E95B4EFAA8CAD0D27241DEDB55F77BEE9 ] C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
22:03:53.0287 0x2440 AcerPortal - ok
22:03:53.0490 0x2440 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Nina\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:03:53.0511 0x2440 OneDrive - ok
22:03:53.0728 0x2440 [ B617C834C25EAE2E770F990AC32F5064, E2D3A4DBD19314032B60FDF0D8C7A94AE297AFE0AE05AF2E7A19952AFB30E8C1 ] C:\ProgramData\eia232-80\eia232-29.exe
22:03:53.0752 0x2440 eia232-89 - ok
22:03:53.0848 0x2440 [ DC52861C2024F7F1E8D32F6B0AF7BCD1, A7B93AFD4858F082A6278141549550D0E6A48C84242BF2D9814286469676DB5D ] C:\Users\Nina\AppData\Roaming\hsdpa-2\hsdpa-7.exe
22:03:53.0892 0x2440 hsdpa-1 - ok
22:03:54.0001 0x2440 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
22:03:54.0037 0x2440 AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
22:03:54.0041 0x2440 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
22:03:54.0043 0x2440 ============================================================
22:03:54.0043 0x2440 Scan finished
22:03:54.0043 0x2440 ============================================================
22:03:54.0065 0x0b98 Detected object count: 0
22:03:54.0065 0x0b98 Actual detected object count: 0
22:24:24.0080 0x1068 Deinitialize success

02.06.2016, 21:38   #8
deeprybka
/// TB trainer
/// Guide guru

No detections, because it was not run according to the instructions...

Let's try it this way; otherwise we'll do it tomorrow via TeamViewer...

Step 1

Please press the Windows key + R and type notepad into the Run window.
Click OK and then copy the text from the code box into the empty text document:
Code:
ATTFilter
CloseProcesses:
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Run: [eia232-89] => C:\ProgramData\eia232-80\eia232-29.exe [656896 2016-06-02] (the VideoLAN Team)
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\RunOnce: [hsdpa-1] => C:\Users\Nina\AppData\Roaming\hsdpa-2\hsdpa-7.exe [494080 2016-06-02] ()
HKU\S-1-5-21-2042935925-1608211190-3008143175-1001\...\Winlogon: [Shell] C:\ProgramData\lithium-7\lithium-81.exe -43,explorer.exe 
Startup: C:\Users\Nina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\centroid-7.lnk [2016-06-02]
ShortcutTarget: centroid-7.lnk -> C:\Users\Nina\AppData\Roaming\centroid-61\centroid-81.exe (XemiComputers ltd.)
C:\Users\Nina\AppData\Roaming\centroid-61
C:\ProgramData\lithium-7\
C:\Users\Nina\AppData\Roaming\hsdpa-2
C:\ProgramData\eia232-80\
         
Please save this as Fixlist.txt in the same directory as the FRST application.
  • Start FRST and press the "Entfernen" (Fix) button.
  • The tool creates a "Fixlog.txt" file.
  • Please post its contents.

After the reboot:

Step 2

Please start FRST again and press "Untersuchen" (Scan).
Please post the contents of the log.
__________________
Regards
deeprybka
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

02.06.2016, 21:50   #9
Rose1982

Sorry, I don't think I can manage this on my own. How does it work via TeamViewer, then?

02.06.2016, 21:53   #10
deeprybka
/// TB trainer
/// Guide guru

See PM
__________________
Regards
deeprybka
