Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Chrome öffnet Werbefenster vermutlich cloudfront

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.01.2017, 01:03   #1
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Hallo,

ich habe wie oben geschrieben das Problem, dass nach Installieren einer Chip Software etwas mitinstalliert hat, wodurch Werbefenster geöffnet werden. Ich habe cloudfront und reimageplus ausgemacht.

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 28.01.2017
Suchlaufzeit: 23:28
Protokolldatei: mamb.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.01.28.10
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Manfred G

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 457770
Abgelaufene Zeit: 1 Std., 4 Min., 55 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 4
PUP.Optional.DownloadSponsor, C:\Users\Manfred G\AppData\Local\Temp\DMR\dmr_72.exe, , [86c46b16b4f4f73f125a37a12ed2bb45], 
PUP.Optional.SysTweak, C:\Users\Karsten\Downloads\radarsync.exe, , [5deddfa2e6c2cc6a2b3477d88a761fe1], 
PUP.Optional.OpenCandy, C:\Users\Karsten\Downloads\SetupImgBurn_2.5.8.0.exe, , [6bdf89f82781b97d5dff25e18a7a55ab], 
PUP.Optional.Reimage, C:\Users\Manfred G\Downloads\ReimageRepair.exe, , [dc6e8bf6307800365052f463659be41c], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-01-2017 01
durchgeführt von Manfred G (Administrator) auf MANFRED-LAPTOP (29-01-2017 00:42:29)
Gestartet von C:\Users\Manfred G\Downloads
Geladene Profile: Manfred G & UpdatusUser (Verfügbare Profile: Manfred G & UpdatusUser & Karsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\mfeann.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\naPrdMgr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Manfred G\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\UdaterUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\Common Framework\McTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan Enterprise\shstat.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [377640 2009-05-15] (Acronis)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4393112 2009-05-15] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [962640 2009-05-15] (Acronis)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
HKLM-x32\...\Run: [McAfeeUpdaterUI] => C:\Program Files (x86)\McAfee\Common Framework\udaterui.exe [161088 2011-01-12] (McAfee, Inc.)
HKLM-x32\...\Run: [ShStatEXE] => C:\Program Files (x86)\McAfee\VirusScan Enterprise\SHSTAT.EXE [215360 2011-01-12] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Run: [Spotify Web Helper] => C:\Users\Manfred G\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-07] (Spotify Ltd)
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [450048 2011-09-13] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-09-06]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-11-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4BD03B0F-C581-472F-88E5-730EA1A3C3FC}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DB06B308-87FA-405A-8FC7-7067AF443E88}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3921616589-2122781770-2851317462-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3921616589-2122781770-2851317462-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20131003183756.dll [2013-10-03] (McAfee, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20131003183756.dll [2013-10-03] (McAfee, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Manfred G\AppData\Roaming\TomTom\HOME\Profiles\1t30w7lu.default [2015-05-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-05-14] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default [2017-01-29]
CHR Extension: (Google Präsentationen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]
CHR Extension: (Google Docs) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19]
CHR Extension: (Google Drive) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-25]
CHR Extension: (YouTube) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-11]
CHR Extension: (Google-Suche) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-25]
CHR Extension: (Google Tabellen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
R2 McAfeeFramework; C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe [120128 2011-01-12] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [190256 2013-10-03] (McAfee, Inc.)
R2 McTaskManager; C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe [209760 2011-01-12] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [156248 2013-10-03] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-30] (Broadcom Corporation.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [153952 2013-10-03] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [217696 2013-10-03] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [607152 2013-10-03] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [97960 2013-10-03] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [281544 2013-10-03] (McAfee, Inc.)
R0 tdrpman228; C:\Windows\System32\DRIVERS\tdrpm228.sys [1462304 2012-01-21] (Acronis)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-29 00:42 - 2017-01-29 00:45 - 00020772 _____ C:\Users\Manfred G\Downloads\FRST.txt
2017-01-29 00:34 - 2017-01-29 00:34 - 00001664 _____ C:\Users\Manfred G\Desktop\mamb.txt
2017-01-28 23:53 - 2017-01-29 00:42 - 00000000 ____D C:\FRST
2017-01-28 23:25 - 2017-01-28 23:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-28 23:22 - 2017-01-28 23:22 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-01-28 23:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-01-28 23:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-28 23:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-28 23:19 - 2017-01-28 23:19 - 22851472 _____ (Malwarebytes ) C:\Users\Manfred G\Downloads\mbam-setup-2.2.1.1043.exe
2017-01-28 23:14 - 2017-01-28 23:14 - 02420736 _____ (Farbar) C:\Users\Manfred G\Downloads\FRST64.exe
2017-01-28 23:09 - 2017-01-28 23:09 - 01762816 _____ (Farbar) C:\Users\Manfred G\Downloads\FRST.exe
2017-01-26 16:12 - 2017-01-26 17:16 - 01333343 _____ C:\Users\Manfred G\Documents\Wohnzimmerplanung.sh3d
2017-01-26 15:52 - 2017-01-26 15:52 - 00000000 ____D C:\Users\Manfred G\eTeks
2017-01-26 15:42 - 2017-01-26 15:42 - 00000938 _____ C:\Users\Manfred G\Desktop\Sweet Home 3D.lnk
2017-01-26 15:42 - 2017-01-26 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-01-26 15:41 - 2017-01-26 15:42 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-01-26 15:37 - 2017-01-26 15:37 - 01496584 _____ C:\Users\Manfred G\Downloads\Sweet Home 3D - CHIP-Installer.exe
2017-01-25 15:59 - 2017-01-25 15:59 - 00965154 _____ C:\Users\Manfred G\Downloads\v_schwb_aenderungsantrag.pdf
2017-01-24 11:46 - 2017-01-24 11:46 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652 (1).pdf
2017-01-24 11:44 - 2017-01-24 11:44 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652.pdf
2017-01-14 23:03 - 2017-01-14 23:07 - 00010783 _____ C:\Users\Manfred G\Documents\Passwortverwaltung 14.1.2017.xlsx
2017-01-14 21:11 - 2017-01-14 21:11 - 00270518 _____ C:\Users\Manfred G\Downloads\Extra_Konto_5547402805_Kontoauszug_20170105.pdf
2017-01-14 21:06 - 2017-01-14 21:06 - 00071799 _____ C:\Users\Manfred G\Downloads\Steuerbescheinigung-2016.pdf
2017-01-14 20:56 - 2017-01-14 20:56 - 00009941 _____ C:\Users\Manfred G\Documents\Auslieferung 2017.xlsx
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag.pdf
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag (1).pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00209745 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1501214371-2017-01.pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00205682 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1509790885-2017-01.pdf
2017-01-10 19:43 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-10 19:43 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-10 19:43 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-10 19:43 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-10 19:43 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-29 00:38 - 2012-01-19 18:14 - 00000000 ____D C:\ProgramData\clear.fi
2017-01-29 00:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-29 00:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-29 00:18 - 2014-01-14 20:18 - 00000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-29 00:18 - 2014-01-14 20:18 - 00000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-28 23:52 - 2013-03-31 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-28 22:31 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-28 22:31 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-28 13:42 - 2015-02-26 20:59 - 00000000 ____D C:\Users\Manfred G\AppData\LocalLow\Adblock Plus for IE
2017-01-27 11:10 - 2013-03-31 20:16 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-26 15:52 - 2012-01-19 18:05 - 00000000 ____D C:\Users\Manfred G
2017-01-24 20:31 - 2013-03-16 21:48 - 00000000 ____D C:\Users\UpdatusUser
2017-01-24 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-14 20:42 - 2013-01-02 22:37 - 00023979 _____ C:\Users\Manfred G\Documents\Provision 2017.xlsx
2017-01-14 20:09 - 2012-01-25 21:40 - 00000000 ____D C:\Users\Manfred G\Documents\OneNote-Notizbücher
2017-01-14 20:08 - 2014-01-09 19:32 - 00000000 ____D C:\Users\Manfred G\Documents\Bank-ING-DiBa
2017-01-12 19:52 - 2013-03-31 20:16 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-12 19:52 - 2013-03-31 20:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-12 19:52 - 2011-09-06 08:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-12 19:52 - 2011-09-06 08:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 14:13 - 2013-08-05 21:23 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 14:06 - 2012-01-22 00:54 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-07 23:41 - 2012-08-10 22:03 - 00000000 ____D C:\Users\Manfred G\AppData\Roaming\Skype
2017-01-02 20:16 - 2012-02-06 22:15 - 00000000 ____D C:\Users\Manfred G\Documents\Telefonrechnungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-19 12:49 - 2014-07-19 12:50 - 0008704 ___SH () C:\Users\Manfred G\AppData\Roaming\Thumbs.db
2013-01-13 17:33 - 2013-01-13 17:33 - 0033134 _____ () C:\Users\Manfred G\AppData\Roaming\UserTile.png
2012-01-19 18:28 - 2012-01-19 18:28 - 0001526 _____ () C:\Users\Manfred G\AppData\Local\PDLSetup.20120119.182825.txt
2015-01-29 17:17 - 2015-01-29 17:17 - 0000000 _____ () C:\Users\Manfred G\AppData\Local\{D8B72E42-AFDC-43AC-B2A7-988F44429B5E}
2011-11-22 03:55 - 2011-11-22 03:58 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Einige Dateien in TEMP:
====================
2015-10-17 16:19 - 2015-10-17 16:19 - 36403960 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\13089568753813370998.exe
2015-10-17 16:19 - 2015-10-17 16:19 - 0079736 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\JDSetup130895687492763012.exe
2015-10-17 16:25 - 2015-10-17 16:25 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole2424655815273323973.dll
2015-10-17 16:20 - 2015-10-17 16:20 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole3647123271954594509.dll
2012-02-23 22:39 - 2012-02-23 22:39 - 0001536 _____ () C:\Users\Manfred G\AppData\Local\Temp\NEventMessages.dll
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00000.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00001.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00002.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00003.exe
2013-07-15 21:17 - 2014-09-16 20:18 - 36005480 _____ (Skype Technologies S.A.) C:\Users\Manfred G\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-24 18:06

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-01-2017 01
durchgeführt von Manfred G (29-01-2017 00:46:10)
Gestartet von C:\Users\Manfred G\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-19 17:05:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3921616589-2122781770-2851317462-500 - Administrator - Disabled)
Gast (S-1-5-21-3921616589-2122781770-2851317462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3921616589-2122781770-2851317462-1003 - Limited - Enabled)
Karsten (S-1-5-21-3921616589-2122781770-2851317462-1005 - Administrator - Enabled) => C:\Users\Karsten
Manfred G (S-1-5-21-3921616589-2122781770-2851317462-1000 - Administrator - Enabled) => C:\Users\Manfred G
UpdatusUser (S-1-5-21-3921616589-2122781770-2851317462-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: McAfee VirusScan Enterprise (Enabled - Up to date) {86355677-4064-3EA7-ABB3-1B136EB04637}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan Enterprise Antispyware Module (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.0921.1957 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AcronisÂ*TrueÂ*ImageÂ*Home (HKLM-x32\...\{D1E0E859-F46D-4708-A41D-ED90C0C1822A}) (Version: 12.0.9769.15 - Acronis)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{736745FA-6A66-4654-9397-1321B2B4D196}) (Version: 4.8.1443 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{C342B5D0-D95A-4B39-9262-2CC3CE3F39B2}) (Version: 3.4.1067 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6E3D61B8-F3EC-462D-91F9-49D03A97053E}) (Version: 3.4.1061 - Atmel)
Atmel Driver Files (x32 Version: 7.0.928 - Atmel Corporation) Hidden
Atmel Jungo USB Driver (x32 Version: 7.0.120 - Atmel) Hidden
Atmel Kits (HKLM-x32\...\{3C85CFF3-91DE-4520-B836-5F4C2F247FF5}) (Version: 6.2.338 - Atmel)
Atmel LibUSB0 Driver (x32 Version: 7.0.73 - Atmel) Hidden
Atmel Segger USB Drivers (497f) (x32 Version: 7.0.140 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{C179E170-07D6-4D8D-A34D-FDB3FCC79FEC}) (Version: 6.2.1563 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{1B2C7C63-4659-49A1-8BC9-F845FE0F0D35}) (Version: 1.12.4144 - Atmel Corporation)
Atmel Studio Memory Logger (HKLM-x32\...\{053538A7-0B52-4CA9-9728-D506BFAA42BD}) (Version: 6.2.171 - Atmel)
Atmel USB Driver Package (HKLM-x32\...\{88a482c9-18e3-43d5-b426-3d1cdf85b391}) (Version: 7.0.666 - Atmel)
Atmel WinUSB (x32 Version: 6.2.30 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{35BD89A1-47F3-4E42-B393-B8DB123F5215}) (Version: 3.21.0.1310 - Atmel)
AVR macro Assembler (HKLM-x32\...\{251D9F73-6297-4941-9016-EA787F708FDF}) (Version: 2.1.1175 - Atmel)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.17.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GalerÃ*a fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogrÃ*fica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee Agent (HKLM-x32\...\{2AAB21C2-4CDA-4189-A0EC-5ED666113F84}) (Version: 4.5.0.1810 - McAfee, Inc.)
McAfee VirusScan Enterprise (HKLM-x32\...\{CE15D1B6-19B6-4D4D-8F43-CF5D2C3356FF}) (Version: 8.8.00000 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
MoneyManagerEX 0.9.9.0 (HKLM-x32\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 0.9.9.0 - CodeLathe, LLC)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}) (Version: 9.39.0.0 - Nokia)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Sweet Home 3D version 5.3 (HKLM\...\Sweet Home 3D_is1) (Version: 5.3 - eTeks)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2200 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמו×*ות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {094AFE37-6048-44D2-BC6E-E86C3260E7BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {2F28EFE9-7F6B-4067-B83D-FCB332D4AE07} - System32\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {35C1DE87-6809-4DFE-9E64-4AC2A02EA920} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {389D776A-B28B-430D-A0AC-1B236A244744} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {42251CB3-C518-4611-B947-FC6302F22357} - System32\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {584D647F-4341-450B-ABFC-DE31214B6C3A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {658BC063-8439-4CFA-93B8-0F5974DBE83B} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {7C4289BD-7F6F-47A7-ABFE-0A8F2511EC1A} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {8F47ED39-A584-42AD-BFBE-DD1DC8D59C43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C5314810-7CCA-4C94-A77F-C75B445F9BF6} - System32\Tasks\{D388CCD6-91BD-4E86-B489-6CF4224EB645} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {C8307B04-E4F7-4777-AC48-BB008A679F9F} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {EA1DB5DF-4D1C-42A7-B2A6-1DFBA1F2693B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-12] (Adobe Systems Incorporated)
Task: {F8A8E6CE-B2E9-4C8F-A117-CE0C63E20062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE :/EXE:{9F247DB0-7006-49DA-AD93-9D99068E0F1A} /F:Update  SYSTEM ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-03-16 21:47 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-06-22 04:36 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2007-04-18 18:30 - 2007-04-18 18:30 - 00393216 _____ () C:\Program Files (x86)\McAfee\Common Framework\cryptocme2.dll
2007-04-18 18:30 - 2007-04-18 18:30 - 00471040 _____ () C:\Program Files (x86)\McAfee\Common Framework\ccme_base.dll
2011-01-12 15:05 - 2011-01-12 15:05 - 00065536 _____ () C:\Program Files (x86)\McAfee\Common Framework\boost_thread-vc80-mt-1_32.dll
2011-01-12 19:46 - 2011-01-12 19:46 - 00150032 _____ () C:\Program Files (x86)\McAfee\VirusScan Enterprise\WscAv.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2011-09-06 07:50 - 2011-05-20 18:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-12-15 19:45 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 19:45 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manfred G\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83026738-D136-4370-9498-D1224EEB7BD8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBF09B2B-E26A-431E-99E4-BA58AD43F81C}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{880A1959-662D-4A71-BD28-BD5747D2AC7A}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{55C86C9F-B790-4CC2-9433-AA6ED98668F8}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CA106C9B-CA8E-4085-9884-905234800FC2}] => LPort=2869
FirewallRules: [{26DF612B-72CD-442E-95EE-1FF85336879B}] => LPort=1900
FirewallRules: [{25ACF4C0-F8F3-4E8C-9810-CBB998ED961F}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{23936801-2C8B-44FF-BBBC-E398DEB77531}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67D65601-1424-4733-8166-8BB62BAE6BFE}] => C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{5E5E219B-254A-4E20-80EB-EEC333C54BF0}] => C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{611128FA-D3AE-416F-BD40-B6553605A166}] => C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{357E67FA-5B0C-4736-B02B-49C6F4A87FEF}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{04D5BEF0-55F2-47A7-8566-8C30022F319D}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{936907B1-35F0-4BD4-AA50-1BF9FB3B647C}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{51A794B9-00C9-4F0A-A450-F55D8192F50E}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{F812DB42-1D1B-4887-B760-1E95B7409714}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{16234A6F-62CF-4E31-A939-F9499BDC1647}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A78035E9-5F5B-4497-AA78-FBE6DD040D02}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{B5874D56-2FAA-4557-8E84-5A5BB1ADEDCE}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{D746CB64-C450-4E14-8C3D-6CEB3D9FD17D}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{76AD0C8F-B46C-48E3-AAD2-3D645C552436}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [TCP Query User{9ED3915B-C613-4FE6-B6AD-4D48BDF03177}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{EBD8A2AB-47D3-44EA-9FD7-BB1736F0873D}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [TCP Query User{2EA441FC-79CD-459B-928D-C6BCF2EC07E6}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{415BDE12-B1EA-432E-8120-072F449CCCC1}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{42589FB1-1414-47F1-90E5-D50A19C690F2}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [UDP Query User{4CB39761-7756-4AEB-9734-681F829933F4}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [{42947F19-9F14-4F84-AC29-D197492ECAFE}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{195163DF-92E5-4300-8776-488B707C54ED}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{468E39B6-B71C-4B11-B2C6-F83C7A4D3615}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{6724D8F1-99B5-495E-A0C9-7743E67CBF29}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{26BA0A77-B3A7-4E8D-8F32-F28DBFAA2CBF}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{943D3A2E-1143-4DB3-93DF-998456DF7E20}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{5899AE7E-710F-4949-8B35-64CEBC2D9DA3}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B1510C5F-5391-424D-A0CD-2BF9BE4A096D}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8C652783-0939-4A98-8CAE-910D880F2F68}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4E27C4E7-D98F-4E3F-A427-D25D2E40E9D0}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5A897702-F3C8-4678-AF04-A3D0B8A093A2}C:\users\manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ED21481F-C761-45D4-AD40-4F94ED3B6661}C:\users\manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9D8C744E-CD22-4932-9855-48E2883C16EE}] => C:\users\manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{869A5B1F-15C6-4993-93A4-BFE6D8F3B7B9}] => C:\users\manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CAABCF82-C0C8-411C-BE2A-14DC4643CE1A}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{03FBB5EC-041D-46D4-929E-4F101A7EC921}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{A251D5C1-1E20-4DAD-BEBD-AFD944F8DE70}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [UDP Query User{E1F214C5-91BC-4F13-987C-F9352434E560}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{2109CA59-460F-4E81-80C0-B8F3D5454289}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{EC96294A-676A-4C20-AB8D-1A62B1245BB6}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{E2322E38-227F-4504-BC6B-BD808159CA93}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73FD43D4-F7FC-4D98-AD2F-B2896435FBB6}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3783848A-8784-41B2-80F1-8AC61DC414BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{65FFD163-AAF2-4702-829B-27A467BD2C91}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{255F23CD-9570-46D9-9CFE-5C30F459F0DF}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{944BFA14-4A5C-40FB-9004-6B73E5DEAB24}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3F3610DA-46C0-4FA9-862A-9F6116B86E79}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

28-12-2016 22:28:44 Geplanter Prüfpunkt
07-01-2017 18:58:21 Geplanter Prüfpunkt
11-01-2017 14:04:17 Windows Update
24-01-2017 18:13:38 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/29/2017 12:37:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/28/2017 10:23:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/28/2017 01:31:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/27/2017 08:45:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/27/2017 10:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/26/2017 07:07:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/26/2017 05:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2215

Error: (01/26/2017 05:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2215

Error: (01/26/2017 05:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/26/2017 05:31:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045


Systemfehler:
=============
Error: (01/24/2017 08:27:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎01.‎2017 um 20:21:50 unerwartet heruntergefahren.

Error: (01/24/2017 11:18:45 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/22/2017 10:11:40 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/22/2017 10:10:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/22/2017 08:17:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/15/2017 08:43:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4BD03B0F-C581-472F-88E5-730EA1A3C3FC}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/14/2017 05:56:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/14/2017 05:56:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.

Error: (01/13/2017 08:19:15 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/12/2017 04:46:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 66%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 1320.79 MB
Summe virtueller Speicher: 7893.9 MB
Verfügbarer virtueller Speicher: 5171.61 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:342.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 0934C5AB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Danke!

Alt 29.01.2017, 13:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Zitat:
McAfee VirusScan Enterprise
Microsoft Office Enterprise 2007
Was hat denn derartige ENTERPRISE Software auf deinem Recher zu suchen?
Gewerblich genutztes System? Oder bist/warst du damit in einer Uni?
__________________

__________________

Alt 29.01.2017, 14:28   #3
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Ist der Rechner vom Schwiegervater. Ist nicht gewerblich genutzt. Die Programme hat er meine ich von einem Bekannten aufgespielt bekommen.
__________________

Alt 29.01.2017, 15:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Ahja, das wird dann gecrackte bzw nicht lizenzierte Software sein. Bitte beides deinstallieren wenn du Hilfe haben willst.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.01.2017, 16:10   #5
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



selbstverständlich!

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 28-01-2017 01
durchgeführt von Manfred G (Administrator) auf MANFRED-LAPTOP (29-01-2017 16:04:19)
Gestartet von C:\Users\Manfred G\Downloads
Geladene Profile: Manfred G & UpdatusUser (Verfügbare Profile: Manfred G & UpdatusUser & Karsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Manfred G\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Dolby Laboratories Inc.) C:\DOLBY PCEE4\pcee4.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
(CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [377640 2009-05-15] (Acronis)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4393112 2009-05-15] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [962640 2009-05-15] (Acronis)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Run: [Spotify Web Helper] => C:\Users\Manfred G\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-07] (Spotify Ltd)
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [450048 2011-09-13] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-09-06]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-11-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4BD03B0F-C581-472F-88E5-730EA1A3C3FC}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DB06B308-87FA-405A-8FC7-7067AF443E88}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3921616589-2122781770-2851317462-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3921616589-2122781770-2851317462-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Manfred G\AppData\Roaming\TomTom\HOME\Profiles\1t30w7lu.default [2015-05-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-05-14] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default [2017-01-29]
CHR Extension: (Google Präsentationen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]
CHR Extension: (Google Docs) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19]
CHR Extension: (Google Drive) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-25]
CHR Extension: (YouTube) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-11]
CHR Extension: (Google-Suche) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-25]
CHR Extension: (Google Tabellen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-30] (Broadcom Corporation.)
R0 tdrpman228; C:\Windows\System32\DRIVERS\tdrpm228.sys [1462304 2012-01-21] (Acronis)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-29 00:51 - 2017-01-29 00:50 - 00040343 _____ C:\Users\Manfred G\Desktop\Addition.txt
2017-01-29 00:51 - 2017-01-29 00:50 - 00034700 _____ C:\Users\Manfred G\Desktop\FRST.txt
2017-01-29 00:46 - 2017-01-29 00:50 - 00040343 _____ C:\Users\Manfred G\Downloads\Addition.txt
2017-01-29 00:42 - 2017-01-29 16:04 - 00017605 _____ C:\Users\Manfred G\Downloads\FRST.txt
2017-01-29 00:34 - 2017-01-29 00:46 - 00001640 _____ C:\Users\Manfred G\Desktop\mamb.txt
2017-01-28 23:53 - 2017-01-29 16:04 - 00000000 ____D C:\FRST
2017-01-28 23:25 - 2017-01-28 23:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-28 23:22 - 2017-01-28 23:22 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-01-28 23:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-01-28 23:22 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-28 23:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-28 23:19 - 2017-01-28 23:19 - 22851472 _____ (Malwarebytes ) C:\Users\Manfred G\Downloads\mbam-setup-2.2.1.1043.exe
2017-01-28 23:14 - 2017-01-28 23:14 - 02420736 _____ (Farbar) C:\Users\Manfred G\Downloads\FRST64.exe
2017-01-26 16:12 - 2017-01-26 17:16 - 01333343 _____ C:\Users\Manfred G\Documents\Wohnzimmerplanung.sh3d
2017-01-26 15:52 - 2017-01-26 15:52 - 00000000 ____D C:\Users\Manfred G\eTeks
2017-01-26 15:42 - 2017-01-26 15:42 - 00000938 _____ C:\Users\Manfred G\Desktop\Sweet Home 3D.lnk
2017-01-26 15:42 - 2017-01-26 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-01-26 15:41 - 2017-01-26 15:42 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-01-26 15:37 - 2017-01-26 15:37 - 01496584 _____ C:\Users\Manfred G\Downloads\Sweet Home 3D - CHIP-Installer.exe
2017-01-25 15:59 - 2017-01-25 15:59 - 00965154 _____ C:\Users\Manfred G\Downloads\v_schwb_aenderungsantrag.pdf
2017-01-24 11:46 - 2017-01-24 11:46 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652 (1).pdf
2017-01-24 11:44 - 2017-01-24 11:44 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652.pdf
2017-01-14 23:03 - 2017-01-14 23:07 - 00010783 _____ C:\Users\Manfred G\Documents\Passwortverwaltung 14.1.2017.xlsx
2017-01-14 21:11 - 2017-01-14 21:11 - 00270518 _____ C:\Users\Manfred G\Downloads\Extra_Konto_5547402805_Kontoauszug_20170105.pdf
2017-01-14 21:06 - 2017-01-14 21:06 - 00071799 _____ C:\Users\Manfred G\Downloads\Steuerbescheinigung-2016.pdf
2017-01-14 20:56 - 2017-01-14 20:56 - 00009941 _____ C:\Users\Manfred G\Documents\Auslieferung 2017.xlsx
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag.pdf
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag (1).pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00209745 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1501214371-2017-01.pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00205682 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1509790885-2017-01.pdf
2017-01-10 19:43 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-10 19:43 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-10 19:43 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-10 19:43 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-10 19:43 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-29 16:04 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-29 16:04 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-29 15:58 - 2012-01-19 18:14 - 00000000 ____D C:\ProgramData\clear.fi
2017-01-29 15:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-29 15:52 - 2013-03-31 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-29 15:47 - 2011-09-06 08:12 - 00000000 ____D C:\ProgramData\McAfee
2017-01-29 15:43 - 2012-01-19 18:06 - 00109672 _____ C:\Users\Manfred G\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-29 15:42 - 2009-07-14 05:45 - 00415080 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-29 15:41 - 2013-10-03 17:37 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-01-29 15:39 - 2015-10-17 16:21 - 00000000 ____D C:\Users\Karsten\AppData\Local\JDownloader 2.0
2017-01-29 15:37 - 2012-01-22 01:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-29 15:35 - 2012-01-22 11:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-29 15:34 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-29 15:33 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2017-01-29 15:33 - 2009-07-14 03:34 - 00000419 _____ C:\Windows\win.ini
2017-01-29 15:31 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-29 00:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-29 00:18 - 2014-01-14 20:18 - 00000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-29 00:18 - 2014-01-14 20:18 - 00000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-28 13:42 - 2015-02-26 20:59 - 00000000 ____D C:\Users\Manfred G\AppData\LocalLow\Adblock Plus for IE
2017-01-27 11:10 - 2013-03-31 20:16 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-26 15:52 - 2012-01-19 18:05 - 00000000 ____D C:\Users\Manfred G
2017-01-24 20:31 - 2013-03-16 21:48 - 00000000 ____D C:\Users\UpdatusUser
2017-01-24 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-14 20:42 - 2013-01-02 22:37 - 00023979 _____ C:\Users\Manfred G\Documents\Provision 2017.xlsx
2017-01-14 20:09 - 2012-01-25 21:40 - 00000000 ____D C:\Users\Manfred G\Documents\OneNote-Notizbücher
2017-01-14 20:08 - 2014-01-09 19:32 - 00000000 ____D C:\Users\Manfred G\Documents\Bank-ING-DiBa
2017-01-12 19:52 - 2013-03-31 20:16 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-12 19:52 - 2013-03-31 20:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-12 19:52 - 2011-09-06 08:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-12 19:52 - 2011-09-06 08:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 14:13 - 2013-08-05 21:23 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 14:06 - 2012-01-22 00:54 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-07 23:41 - 2012-08-10 22:03 - 00000000 ____D C:\Users\Manfred G\AppData\Roaming\Skype
2017-01-02 20:16 - 2012-02-06 22:15 - 00000000 ____D C:\Users\Manfred G\Documents\Telefonrechnungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-19 12:49 - 2014-07-19 12:50 - 0008704 ___SH () C:\Users\Manfred G\AppData\Roaming\Thumbs.db
2013-01-13 17:33 - 2013-01-13 17:33 - 0033134 _____ () C:\Users\Manfred G\AppData\Roaming\UserTile.png
2012-01-19 18:28 - 2012-01-19 18:28 - 0001526 _____ () C:\Users\Manfred G\AppData\Local\PDLSetup.20120119.182825.txt
2015-01-29 17:17 - 2015-01-29 17:17 - 0000000 _____ () C:\Users\Manfred G\AppData\Local\{D8B72E42-AFDC-43AC-B2A7-988F44429B5E}
2011-11-22 03:55 - 2011-11-22 03:58 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Einige Dateien in TEMP:
====================
2015-10-17 16:19 - 2015-10-17 16:19 - 36403960 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\13089568753813370998.exe
2015-10-17 16:19 - 2015-10-17 16:19 - 0079736 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\JDSetup130895687492763012.exe
2015-10-17 16:25 - 2015-10-17 16:25 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole2424655815273323973.dll
2015-10-17 16:20 - 2015-10-17 16:20 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole3647123271954594509.dll
2012-02-23 22:39 - 2012-02-23 22:39 - 0001536 _____ () C:\Users\Manfred G\AppData\Local\Temp\NEventMessages.dll
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00000.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00001.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00002.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00003.exe
2017-01-29 15:38 - 2017-01-29 15:38 - 0040448 ____N () C:\Users\Manfred G\AppData\Local\Temp\proxy_vole7772226942415486329.dll
2013-07-15 21:17 - 2014-09-16 20:18 - 36005480 _____ (Skype Technologies S.A.) C:\Users\Manfred G\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-24 18:06

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 28-01-2017 01
durchgeführt von Manfred G (29-01-2017 16:05:12)
Gestartet von C:\Users\Manfred G\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-19 17:05:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3921616589-2122781770-2851317462-500 - Administrator - Disabled)
Gast (S-1-5-21-3921616589-2122781770-2851317462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3921616589-2122781770-2851317462-1003 - Limited - Enabled)
Karsten (S-1-5-21-3921616589-2122781770-2851317462-1005 - Administrator - Enabled) => C:\Users\Karsten
Manfred G (S-1-5-21-3921616589-2122781770-2851317462-1000 - Administrator - Enabled) => C:\Users\Manfred G
UpdatusUser (S-1-5-21-3921616589-2122781770-2851317462-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.0921.1957 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AcronisÂ*TrueÂ*ImageÂ*Home (HKLM-x32\...\{D1E0E859-F46D-4708-A41D-ED90C0C1822A}) (Version: 12.0.9769.15 - Acronis)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{736745FA-6A66-4654-9397-1321B2B4D196}) (Version: 4.8.1443 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{C342B5D0-D95A-4B39-9262-2CC3CE3F39B2}) (Version: 3.4.1067 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6E3D61B8-F3EC-462D-91F9-49D03A97053E}) (Version: 3.4.1061 - Atmel)
Atmel Driver Files (x32 Version: 7.0.928 - Atmel Corporation) Hidden
Atmel Jungo USB Driver (x32 Version: 7.0.120 - Atmel) Hidden
Atmel Kits (HKLM-x32\...\{3C85CFF3-91DE-4520-B836-5F4C2F247FF5}) (Version: 6.2.338 - Atmel)
Atmel LibUSB0 Driver (x32 Version: 7.0.73 - Atmel) Hidden
Atmel Segger USB Drivers (497f) (x32 Version: 7.0.140 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{C179E170-07D6-4D8D-A34D-FDB3FCC79FEC}) (Version: 6.2.1563 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{1B2C7C63-4659-49A1-8BC9-F845FE0F0D35}) (Version: 1.12.4144 - Atmel Corporation)
Atmel Studio Memory Logger (HKLM-x32\...\{053538A7-0B52-4CA9-9728-D506BFAA42BD}) (Version: 6.2.171 - Atmel)
Atmel USB Driver Package (HKLM-x32\...\{88a482c9-18e3-43d5-b426-3d1cdf85b391}) (Version: 7.0.666 - Atmel)
Atmel WinUSB (x32 Version: 6.2.30 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{35BD89A1-47F3-4E42-B393-B8DB123F5215}) (Version: 3.21.0.1310 - Atmel)
AVR macro Assembler (HKLM-x32\...\{251D9F73-6297-4941-9016-EA787F708FDF}) (Version: 2.1.1175 - Atmel)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.17.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GalerÃ*a fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogrÃ*fica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
MoneyManagerEX 0.9.9.0 (HKLM-x32\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 0.9.9.0 - CodeLathe, LLC)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}) (Version: 9.39.0.0 - Nokia)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skypeâ„¢ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Sweet Home 3D version 5.3 (HKLM\...\Sweet Home 3D_is1) (Version: 5.3 - eTeks)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2200 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמו×*ות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {094AFE37-6048-44D2-BC6E-E86C3260E7BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {2F28EFE9-7F6B-4067-B83D-FCB332D4AE07} - System32\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {35C1DE87-6809-4DFE-9E64-4AC2A02EA920} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {389D776A-B28B-430D-A0AC-1B236A244744} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {42251CB3-C518-4611-B947-FC6302F22357} - System32\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {584D647F-4341-450B-ABFC-DE31214B6C3A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {658BC063-8439-4CFA-93B8-0F5974DBE83B} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {7C4289BD-7F6F-47A7-ABFE-0A8F2511EC1A} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {8F47ED39-A584-42AD-BFBE-DD1DC8D59C43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C5314810-7CCA-4C94-A77F-C75B445F9BF6} - System32\Tasks\{D388CCD6-91BD-4E86-B489-6CF4224EB645} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {C8307B04-E4F7-4777-AC48-BB008A679F9F} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {EA1DB5DF-4D1C-42A7-B2A6-1DFBA1F2693B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-12] (Adobe Systems Incorporated)
Task: {F8A8E6CE-B2E9-4C8F-A117-CE0C63E20062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE :/EXE:{9F247DB0-7006-49DA-AD93-9D99068E0F1A} /F:Update  SYSTEM ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-03-16 21:47 - 2013-08-29 23:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:36 - 2013-09-05 01:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2011-06-22 04:36 - 2011-06-10 18:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-08-24 18:03 - 2011-08-24 18:03 - 00206216 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll
2011-09-06 07:50 - 2011-05-20 18:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-12-15 19:45 - 2016-12-08 08:29 - 01829208 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll
2016-12-15 19:45 - 2016-12-08 08:29 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manfred G\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83026738-D136-4370-9498-D1224EEB7BD8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBF09B2B-E26A-431E-99E4-BA58AD43F81C}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{880A1959-662D-4A71-BD28-BD5747D2AC7A}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{55C86C9F-B790-4CC2-9433-AA6ED98668F8}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CA106C9B-CA8E-4085-9884-905234800FC2}] => LPort=2869
FirewallRules: [{26DF612B-72CD-442E-95EE-1FF85336879B}] => LPort=1900
FirewallRules: [{25ACF4C0-F8F3-4E8C-9810-CBB998ED961F}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{23936801-2C8B-44FF-BBBC-E398DEB77531}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67D65601-1424-4733-8166-8BB62BAE6BFE}] => C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{5E5E219B-254A-4E20-80EB-EEC333C54BF0}] => C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{611128FA-D3AE-416F-BD40-B6553605A166}] => C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{357E67FA-5B0C-4736-B02B-49C6F4A87FEF}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{04D5BEF0-55F2-47A7-8566-8C30022F319D}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{936907B1-35F0-4BD4-AA50-1BF9FB3B647C}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{51A794B9-00C9-4F0A-A450-F55D8192F50E}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{F812DB42-1D1B-4887-B760-1E95B7409714}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{16234A6F-62CF-4E31-A939-F9499BDC1647}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A78035E9-5F5B-4497-AA78-FBE6DD040D02}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{B5874D56-2FAA-4557-8E84-5A5BB1ADEDCE}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{D746CB64-C450-4E14-8C3D-6CEB3D9FD17D}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{76AD0C8F-B46C-48E3-AAD2-3D645C552436}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [TCP Query User{9ED3915B-C613-4FE6-B6AD-4D48BDF03177}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{EBD8A2AB-47D3-44EA-9FD7-BB1736F0873D}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [TCP Query User{2EA441FC-79CD-459B-928D-C6BCF2EC07E6}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{415BDE12-B1EA-432E-8120-072F449CCCC1}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{42589FB1-1414-47F1-90E5-D50A19C690F2}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [UDP Query User{4CB39761-7756-4AEB-9734-681F829933F4}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [{42947F19-9F14-4F84-AC29-D197492ECAFE}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{195163DF-92E5-4300-8776-488B707C54ED}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{468E39B6-B71C-4B11-B2C6-F83C7A4D3615}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{6724D8F1-99B5-495E-A0C9-7743E67CBF29}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{26BA0A77-B3A7-4E8D-8F32-F28DBFAA2CBF}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{943D3A2E-1143-4DB3-93DF-998456DF7E20}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{5899AE7E-710F-4949-8B35-64CEBC2D9DA3}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B1510C5F-5391-424D-A0CD-2BF9BE4A096D}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8C652783-0939-4A98-8CAE-910D880F2F68}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4E27C4E7-D98F-4E3F-A427-D25D2E40E9D0}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5A897702-F3C8-4678-AF04-A3D0B8A093A2}C:\users\Manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ED21481F-C761-45D4-AD40-4F94ED3B6661}C:\users\Manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9D8C744E-CD22-4932-9855-48E2883C16EE}] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{869A5B1F-15C6-4993-93A4-BFE6D8F3B7B9}] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CAABCF82-C0C8-411C-BE2A-14DC4643CE1A}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{03FBB5EC-041D-46D4-929E-4F101A7EC921}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{A251D5C1-1E20-4DAD-BEBD-AFD944F8DE70}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [UDP Query User{E1F214C5-91BC-4F13-987C-F9352434E560}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{2109CA59-460F-4E81-80C0-B8F3D5454289}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{EC96294A-676A-4C20-AB8D-1A62B1245BB6}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{E2322E38-227F-4504-BC6B-BD808159CA93}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73FD43D4-F7FC-4D98-AD2F-B2896435FBB6}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3783848A-8784-41B2-80F1-8AC61DC414BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{65FFD163-AAF2-4702-829B-27A467BD2C91}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{255F23CD-9570-46D9-9CFE-5C30F459F0DF}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{944BFA14-4A5C-40FB-9004-6B73E5DEAB24}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3F3610DA-46C0-4FA9-862A-9F6116B86E79}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

28-12-2016 22:28:44 Geplanter Prüfpunkt
07-01-2017 18:58:21 Geplanter Prüfpunkt
11-01-2017 14:04:17 Windows Update
24-01-2017 18:13:38 Geplanter Prüfpunkt
29-01-2017 15:29:57 Removed Microsoft Office Enterprise 2007
29-01-2017 15:36:29 McAfee VirusScan Enterprise wurde entfernt.
29-01-2017 15:46:11 Removed McAfee Agent.

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/29/2017 03:56:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/29/2017 03:42:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/29/2017 03:24:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/29/2017 12:37:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/28/2017 10:23:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/28/2017 01:31:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/27/2017 08:45:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/27/2017 10:00:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/26/2017 07:07:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/26/2017 05:31:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2215


Systemfehler:
=============
Error: (01/29/2017 03:32:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/29/2017 03:32:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (01/24/2017 08:27:46 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎01.‎2017 um 20:21:50 unerwartet heruntergefahren.

Error: (01/24/2017 11:18:45 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/22/2017 10:11:40 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Der Dienst Gruppenrichtlinienclient konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.

Error: (01/22/2017 10:10:51 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Der Server "{F9717507-6651-4EDB-BFF7-AE615179BCCF}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/22/2017 08:17:00 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (01/15/2017 08:43:05 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "KARSTEN-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4BD03B0F-C581-472F-88E5-730EA1A3C3FC}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (01/14/2017 05:56:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (01/14/2017 05:56:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 2105.67 MB
Summe virtueller Speicher: 7893.9 MB
Verfügbarer virtueller Speicher: 5967.83 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:347.42 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 0934C5AB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         


Alt 29.01.2017, 18:52   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Chrome öffnet Werbefenster vermutlich cloudfront

Alt 29.01.2017, 21:00   #7
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2017.01.29.04
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18537
Manfred G :: MANFRED-LAPTOP [administrator]

29.01.2017 19:14:28
mbar-log-2017-01-29 (19-14-28).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 453718
Time elapsed: 1 hour(s), 12 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
20:52:51.0894 0x1350  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
20:52:56.0288 0x1350  ============================================================
20:52:56.0288 0x1350  Current date / time: 2017/01/29 20:52:56.0287
20:52:56.0288 0x1350  SystemInfo:
20:52:56.0288 0x1350  
20:52:56.0288 0x1350  OS Version: 6.1.7601 ServicePack: 1.0
20:52:56.0288 0x1350  Product type: Workstation
20:52:56.0288 0x1350  ComputerName: MANFRED-LAPTOP
20:52:56.0288 0x1350  UserName: Manfred Grossardt
20:52:56.0288 0x1350  Windows directory: C:\Windows
20:52:56.0288 0x1350  System windows directory: C:\Windows
20:52:56.0288 0x1350  Running under WOW64
20:52:56.0288 0x1350  Processor architecture: Intel x64
20:52:56.0288 0x1350  Number of processors: 4
20:52:56.0288 0x1350  Page size: 0x1000
20:52:56.0288 0x1350  Boot type: Normal boot
20:52:56.0289 0x1350  CodeIntegrityOptions = 0x00000001
20:52:56.0289 0x1350  ============================================================
20:52:56.0889 0x1350  KLMD registered as C:\Windows\system32\drivers\67359319.sys
20:52:56.0889 0x1350  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23572, osProperties = 0x1
20:52:57.0348 0x1350  System UUID: {A5834F9B-2B09-3066-F4CF-20E55F952F4F}
20:52:57.0907 0x1350  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:52:57.0929 0x1350  ============================================================
20:52:57.0929 0x1350  \Device\Harddisk0\DR0:
20:52:57.0929 0x1350  MBR partitions:
20:52:57.0929 0x1350  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
20:52:57.0929 0x1350  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x55713000
20:52:57.0929 0x1350  ============================================================
20:52:57.0954 0x1350  C: <-> \Device\Harddisk0\DR0\Partition2
20:52:57.0954 0x1350  ============================================================
20:52:57.0954 0x1350  Initialize success
20:52:57.0955 0x1350  ============================================================
20:53:41.0296 0x13c0  ============================================================
20:53:41.0296 0x13c0  Scan started
20:53:41.0296 0x13c0  Mode: Manual; SigCheck; TDLFS; 
20:53:41.0296 0x13c0  ============================================================
20:53:41.0296 0x13c0  KSN ping started
20:53:41.0476 0x13c0  KSN ping finished: true
20:53:42.0200 0x13c0  ================ Scan system memory ========================
20:53:42.0200 0x13c0  System memory - ok
20:53:42.0201 0x13c0  ================ Scan services =============================
20:53:42.0386 0x13c0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:53:42.0449 0x13c0  1394ohci - ok
20:53:42.0517 0x13c0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:53:42.0564 0x13c0  ACPI - ok
20:53:42.0594 0x13c0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:53:42.0605 0x13c0  AcpiPmi - ok
20:53:42.0758 0x13c0  [ A964C2D1F4C6AE9B0F74C551D333D456, B58F9F14443C27B59BCC81F68E7970AD67619D2B83756D3C4D6C4CFBFD1411A4 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
20:53:42.0788 0x13c0  AcrSch2Svc - ok
20:53:42.0889 0x13c0  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:53:42.0911 0x13c0  AdobeARMservice - ok
20:53:43.0056 0x13c0  [ CA363F172E1978FD155764F2840B0BE8, CB14E2C94ABB8C8809F4E96472F6D1A9A3A0860217631F592E0F62F043165575 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:53:43.0088 0x13c0  AdobeFlashPlayerUpdateSvc - ok
20:53:43.0167 0x13c0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:53:43.0207 0x13c0  adp94xx - ok
20:53:43.0219 0x13c0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:53:43.0245 0x13c0  adpahci - ok
20:53:43.0264 0x13c0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:53:43.0276 0x13c0  adpu320 - ok
20:53:43.0312 0x13c0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:53:43.0323 0x13c0  AeLookupSvc - ok
20:53:43.0387 0x13c0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
20:53:43.0437 0x13c0  AFD - ok
20:53:43.0454 0x13c0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:53:43.0463 0x13c0  agp440 - ok
20:53:43.0494 0x13c0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:53:43.0507 0x13c0  ALG - ok
20:53:43.0547 0x13c0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:53:43.0557 0x13c0  aliide - ok
20:53:43.0571 0x13c0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:53:43.0580 0x13c0  amdide - ok
20:53:43.0599 0x13c0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:53:43.0613 0x13c0  AmdK8 - ok
20:53:43.0619 0x13c0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
20:53:43.0631 0x13c0  AmdPPM - ok
20:53:43.0647 0x13c0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:53:43.0659 0x13c0  amdsata - ok
20:53:43.0674 0x13c0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
20:53:43.0689 0x13c0  amdsbs - ok
20:53:43.0706 0x13c0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:53:43.0716 0x13c0  amdxata - ok
20:53:43.0772 0x13c0  [ FCE5C79717A487BDC71F3DEC78A684CA, F5520F112A4EBDD10444AA5E9FDB9125219FCF768FEB95AB608BC84D60136816 ] AppID           C:\Windows\system32\drivers\appid.sys
20:53:43.0786 0x13c0  AppID - ok
20:53:43.0805 0x13c0  [ 8921E1D8AE5171691F186A7C5B98B630, 4A37313BB94D4B49D0294C9439AD0793DE328F9F4DA1C47E34E6ACEA46AF6E14 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:53:43.0816 0x13c0  AppIDSvc - ok
20:53:43.0855 0x13c0  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
20:53:43.0866 0x13c0  Appinfo - ok
20:53:44.0023 0x13c0  [ 7D811EA7A2AAA49B0446D42CBC1CD338, AFECE5E44E48F756C7EB81D95C9237552AF8A9C02CBE756E0F3D3C6524DE49AD ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:53:44.0047 0x13c0  Apple Mobile Device Service - ok
20:53:44.0073 0x13c0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
20:53:44.0086 0x13c0  arc - ok
20:53:44.0092 0x13c0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:53:44.0105 0x13c0  arcsas - ok
20:53:44.0195 0x13c0  [ EE424A5CE56E3923D59BB7DE2E15036D, 8B8196870EFE74D43EDA72674021A46846D370E97A6A058134D84A721AECD091 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:53:44.0226 0x13c0  aspnet_state - ok
20:53:44.0266 0x13c0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:53:44.0317 0x13c0  AsyncMac - ok
20:53:44.0381 0x13c0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:53:44.0391 0x13c0  atapi - ok
20:53:44.0521 0x13c0  [ E642491F64E58CD5BC8FB8B347DCF65F, D457175EF3A0552CEA3DA78E7116D54BC2BF157857A8B764597B51FB4E29C033 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
20:53:44.0627 0x13c0  athr - ok
20:53:44.0717 0x13c0  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:53:44.0771 0x13c0  AudioEndpointBuilder - ok
20:53:44.0802 0x13c0  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:53:44.0826 0x13c0  AudioSrv - ok
20:53:44.0869 0x13c0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:53:44.0884 0x13c0  AxInstSV - ok
20:53:44.0923 0x13c0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
20:53:44.0944 0x13c0  b06bdrv - ok
20:53:44.0992 0x13c0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:53:45.0008 0x13c0  b57nd60a - ok
20:53:45.0035 0x13c0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:53:45.0046 0x13c0  BDESVC - ok
20:53:45.0065 0x13c0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:53:45.0090 0x13c0  Beep - ok
20:53:45.0150 0x13c0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:53:45.0188 0x13c0  BFE - ok
20:53:45.0237 0x13c0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:53:45.0315 0x13c0  BITS - ok
20:53:45.0346 0x13c0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
20:53:45.0355 0x13c0  blbdrive - ok
20:53:45.0422 0x13c0  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:53:45.0437 0x13c0  Bonjour Service - ok
20:53:45.0470 0x13c0  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:53:45.0488 0x13c0  bowser - ok
20:53:45.0513 0x13c0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
20:53:45.0525 0x13c0  BrFiltLo - ok
20:53:45.0532 0x13c0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
20:53:45.0544 0x13c0  BrFiltUp - ok
20:53:45.0582 0x13c0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:53:45.0597 0x13c0  Browser - ok
20:53:45.0622 0x13c0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:53:45.0640 0x13c0  Brserid - ok
20:53:45.0656 0x13c0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:53:45.0671 0x13c0  BrSerWdm - ok
20:53:45.0674 0x13c0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:53:45.0689 0x13c0  BrUsbMdm - ok
20:53:45.0694 0x13c0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:53:45.0705 0x13c0  BrUsbSer - ok
20:53:45.0772 0x13c0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
20:53:45.0801 0x13c0  BthEnum - ok
20:53:45.0824 0x13c0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:53:45.0843 0x13c0  BTHMODEM - ok
20:53:45.0876 0x13c0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:53:45.0889 0x13c0  BthPan - ok
20:53:45.0937 0x13c0  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
20:53:45.0960 0x13c0  BTHPORT - ok
20:53:45.0992 0x13c0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:53:46.0041 0x13c0  bthserv - ok
20:53:46.0103 0x13c0  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
20:53:46.0114 0x13c0  BTHUSB - ok
20:53:46.0144 0x13c0  [ 4E4F563F17A6D75D4CBD677470DAFAEE, 657F9D782161ABD8DD7E5E24C3FBCCF2020DA667906519A6BA6CF439BD38A662 ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
20:53:46.0181 0x13c0  btwampfl - ok
20:53:46.0221 0x13c0  [ 409C4117E6027672EF41E68ACE1468AD, 8FB0A11E5147EEB245527E68FCD8FEC4BF5DC820BA1F99F983CDA10829DB4F5D ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
20:53:46.0234 0x13c0  btwaudio - ok
20:53:46.0253 0x13c0  [ 8CA7CABD13316ABACE386D9F380B4CF3, 6BB8142760E3440543991A6C2A2B5CB7450E7936C9A9F9038622AAC0D79C7667 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
20:53:46.0266 0x13c0  btwavdt - ok
20:53:46.0336 0x13c0  [ E17A930E8803F0260300B88AF22F5607, DD7E1DE914C3238B70AE8F8D96CA18CDF432BACB12E800BE6689A8AF62676D54 ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:53:46.0363 0x13c0  btwdins - ok
20:53:46.0401 0x13c0  [ 41933521A618475644B6E8D8487AF326, A50D6CF096E45E4EA2491D61CFE165C8C8A8956E699519C4314918DE1FD31056 ] BTWDPAN         C:\Windows\system32\DRIVERS\btwdpan.sys
20:53:46.0409 0x13c0  BTWDPAN - ok
20:53:46.0427 0x13c0  [ B9354F9F111C64F2495B60F1E24CB453, 67B3F5867B00F84832EF5AD649D817D27B3F200351C7C53579A63D30F8E2BFDD ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
20:53:46.0437 0x13c0  btwl2cap - ok
20:53:46.0454 0x13c0  [ 71A04F2D9DEB21B162561EB574D7D629, C4E477F38CA3C76A966DA9145ABA55EE316BDEC84FE647DB06BCB1604EFE1A94 ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
20:53:46.0460 0x13c0  btwrchid - ok
20:53:46.0485 0x13c0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:53:46.0513 0x13c0  cdfs - ok
20:53:46.0560 0x13c0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:53:46.0572 0x13c0  cdrom - ok
20:53:46.0617 0x13c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:53:46.0643 0x13c0  CertPropSvc - ok
20:53:46.0662 0x13c0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:53:46.0677 0x13c0  circlass - ok
20:53:46.0734 0x13c0  [ 3D67C27DD17B254D7915FA16A5AE3573, 5B3A6C6A7F940C06362775DAF13CEADA37C7AA84A509458A57C23B4369970A90 ] CLFS            C:\Windows\system32\CLFS.sys
20:53:46.0764 0x13c0  CLFS - ok
20:53:46.0843 0x13c0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:53:46.0873 0x13c0  clr_optimization_v2.0.50727_32 - ok
20:53:46.0929 0x13c0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:53:46.0956 0x13c0  clr_optimization_v2.0.50727_64 - ok
20:53:47.0030 0x13c0  [ 5BAF4F1296D4D91FC28560CDB4C37C4B, ACA4BC57ED1F8432F18F0F215EC7FF956BAEF6E02760779E264E4008A979E9DD ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:53:47.0057 0x13c0  clr_optimization_v4.0.30319_32 - ok
20:53:47.0076 0x13c0  [ 569B54004A7E85A74FD92841DE6058E2, 58949313D0F6B1C06359B2F3C68E29940B1655A17E93FFC3718F6D2EAE1633E4 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:53:47.0088 0x13c0  clr_optimization_v4.0.30319_64 - ok
20:53:47.0123 0x13c0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
20:53:47.0132 0x13c0  CmBatt - ok
20:53:47.0175 0x13c0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:53:47.0197 0x13c0  cmdide - ok
20:53:47.0252 0x13c0  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
20:53:47.0297 0x13c0  CNG - ok
20:53:47.0406 0x13c0  [ F25CC829AE04E64326B0772D8D1CC27C, CFA98417AA80FAEE938A94432ECA308BE1AC4248344931FDA474CCD27B156D83 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:53:47.0529 0x13c0  CnxtHdAudService - ok
20:53:47.0584 0x13c0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:53:47.0595 0x13c0  Compbatt - ok
20:53:47.0630 0x13c0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:53:47.0646 0x13c0  CompositeBus - ok
20:53:47.0661 0x13c0  COMSysApp - ok
20:53:47.0682 0x13c0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:53:47.0692 0x13c0  crcdisk - ok
20:53:47.0747 0x13c0  [ 2C6632CECFDBBE793FDA8AF9CA55A9CC, 335188515F798483660E529204A13012E4D21B0ECA489224A11C26F91A5B3CCE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:53:47.0767 0x13c0  CryptSvc - ok
20:53:47.0789 0x13c0  [ 9D0D050170D47E778B624A28C90F23DE, 48528AA9EB0C9FB5086D992EF1F9556C8249D267C2E3D4E681D5C8B6BC316C71 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
20:53:47.0802 0x13c0  CxAudMsg - ok
20:53:47.0844 0x13c0  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
20:53:47.0871 0x13c0  dc3d - ok
20:53:47.0920 0x13c0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:53:47.0946 0x13c0  DcomLaunch - ok
20:53:47.0971 0x13c0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:53:48.0004 0x13c0  defragsvc - ok
20:53:48.0059 0x13c0  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:53:48.0081 0x13c0  DfsC - ok
20:53:48.0116 0x13c0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:53:48.0139 0x13c0  Dhcp - ok
20:53:48.0288 0x13c0  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:53:48.0385 0x13c0  DiagTrack - ok
20:53:48.0421 0x13c0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:53:48.0468 0x13c0  discache - ok
20:53:48.0528 0x13c0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
20:53:48.0552 0x13c0  Disk - ok
20:53:48.0599 0x13c0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:53:48.0621 0x13c0  Dnscache - ok
20:53:48.0645 0x13c0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:53:48.0682 0x13c0  dot3svc - ok
20:53:48.0699 0x13c0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:53:48.0729 0x13c0  DPS - ok
20:53:48.0788 0x13c0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:53:48.0824 0x13c0  drmkaud - ok
20:53:48.0941 0x13c0  [ 9DD3A22F804697606C2B7FF9E912FF6B, BBE2FC0D554030BA9E3A96CC4A360D61DBCCAA1D81BD7547809F29A3AF0B3A25 ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
20:53:48.0971 0x13c0  DsiWMIService - ok
20:53:49.0045 0x13c0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:53:49.0098 0x13c0  DXGKrnl - ok
20:53:49.0152 0x13c0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:53:49.0210 0x13c0  EapHost - ok
20:53:49.0354 0x13c0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
20:53:49.0520 0x13c0  ebdrv - ok
20:53:49.0675 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] EFS             C:\Windows\System32\lsass.exe
20:53:49.0729 0x13c0  EFS - ok
20:53:49.0798 0x13c0  [ 5332EC2BA1C112BD4BB1F38127848FEF, 156585CE4011546B20EDD20D04E639A0788B1DE6455B23B94E2CD31BA725FE3C ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
20:53:49.0818 0x13c0  EgisTec Ticket Service - ok
20:53:49.0900 0x13c0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:53:49.0951 0x13c0  ehRecvr - ok
20:53:49.0958 0x13c0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:53:49.0970 0x13c0  ehSched - ok
20:53:50.0029 0x13c0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:53:50.0050 0x13c0  elxstor - ok
20:53:50.0141 0x13c0  [ FBD1E925964E3EDA858DA89F77B2E796, A463221A39AA8ECA5A996FB2EEC8D4D34548D105AE53EFC03C3245359DA07B53 ] ePowerSvc       C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
20:53:50.0165 0x13c0  ePowerSvc - ok
20:53:50.0258 0x13c0  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
20:53:50.0285 0x13c0  EpsonScanSvc - ok
20:53:50.0333 0x13c0  [ 86032A47AD0105130FE7808C903E2086, ACCCA35483B7E8F9FC72A65031E024C469DF94FCCF2C5CC37C9B3BED4F1C676E ] EPSON_PM_RPCV4_06 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
20:53:50.0343 0x13c0  EPSON_PM_RPCV4_06 - ok
20:53:50.0362 0x13c0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:53:50.0372 0x13c0  ErrDev - ok
20:53:50.0428 0x13c0  [ DBAA0C650C9549DC5C599D1E81DEDAAD, C8DF68CDACEF27C91CFD1FE8032A8DAF830D9E77C573C25DE5D41FC3DB824ABA ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
20:53:50.0439 0x13c0  ETD - ok
20:53:50.0492 0x13c0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:53:50.0532 0x13c0  EventSystem - ok
20:53:50.0671 0x13c0  [ 54FC81B0162478A72A93DBBEAFB35671, 1C0FA242E81105E2BB839ED32119DAF012FA4A3DB5D0E079350449CBB0CBF033 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
20:53:50.0707 0x13c0  EvtEng - ok
20:53:50.0736 0x13c0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:53:50.0767 0x13c0  exfat - ok
20:53:50.0784 0x13c0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:53:50.0815 0x13c0  fastfat - ok
20:53:50.0874 0x13c0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:53:50.0921 0x13c0  Fax - ok
20:53:50.0936 0x13c0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
20:53:50.0945 0x13c0  fdc - ok
20:53:50.0986 0x13c0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:53:51.0043 0x13c0  fdPHost - ok
20:53:51.0058 0x13c0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:53:51.0090 0x13c0  FDResPub - ok
20:53:51.0102 0x13c0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:53:51.0112 0x13c0  FileInfo - ok
20:53:51.0128 0x13c0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:53:51.0155 0x13c0  Filetrace - ok
20:53:51.0208 0x13c0  [ BB0667B0171B632B97EA759515476F07, 07A123B2182D5813D2898928C231638353CF086606E9D5A5AF4A2A73E17CEC27 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
20:53:51.0232 0x13c0  FLEXnet Licensing Service - ok
20:53:51.0247 0x13c0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
20:53:51.0256 0x13c0  flpydisk - ok
20:53:51.0278 0x13c0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:53:51.0290 0x13c0  FltMgr - ok
20:53:51.0403 0x13c0  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
20:53:51.0462 0x13c0  FontCache - ok
20:53:51.0513 0x13c0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:53:51.0536 0x13c0  FontCache3.0.0.0 - ok
20:53:51.0558 0x13c0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:53:51.0573 0x13c0  FsDepends - ok
20:53:51.0610 0x13c0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:53:51.0623 0x13c0  Fs_Rec - ok
20:53:51.0684 0x13c0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:53:51.0707 0x13c0  fvevol - ok
20:53:51.0738 0x13c0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:53:51.0753 0x13c0  gagp30kx - ok
20:53:51.0796 0x13c0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:53:51.0806 0x13c0  GEARAspiWDM - ok
20:53:51.0880 0x13c0  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
20:53:51.0925 0x13c0  gpsvc - ok
20:53:52.0001 0x13c0  [ C9B2D1D3F86FD3673EF847DEF73B6F9E, 9D3822A6464F685F770F8D02A8AE623A676888F135E8425C3BAF1CC077429A7F ] GREGService     C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
20:53:52.0020 0x13c0  GREGService - ok
20:53:52.0150 0x13c0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:53:52.0176 0x13c0  gupdate - ok
20:53:52.0184 0x13c0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:53:52.0195 0x13c0  gupdatem - ok
20:53:52.0243 0x13c0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:53:52.0268 0x13c0  hcw85cir - ok
20:53:52.0301 0x13c0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:53:52.0331 0x13c0  HdAudAddService - ok
20:53:52.0370 0x13c0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:53:52.0384 0x13c0  HDAudBus - ok
20:53:52.0396 0x13c0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
20:53:52.0406 0x13c0  HidBatt - ok
20:53:52.0421 0x13c0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:53:52.0437 0x13c0  HidBth - ok
20:53:52.0446 0x13c0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:53:52.0460 0x13c0  HidIr - ok
20:53:52.0487 0x13c0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:53:52.0518 0x13c0  hidserv - ok
20:53:52.0563 0x13c0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:53:52.0594 0x13c0  HidUsb - ok
20:53:52.0615 0x13c0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:53:52.0659 0x13c0  hkmsvc - ok
20:53:52.0679 0x13c0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:53:52.0698 0x13c0  HomeGroupListener - ok
20:53:52.0726 0x13c0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:53:52.0740 0x13c0  HomeGroupProvider - ok
20:53:52.0757 0x13c0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:53:52.0766 0x13c0  HpSAMD - ok
20:53:52.0843 0x13c0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:53:52.0912 0x13c0  HTTP - ok
20:53:52.0931 0x13c0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:53:52.0938 0x13c0  hwpolicy - ok
20:53:52.0950 0x13c0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:53:52.0962 0x13c0  i8042prt - ok
20:53:53.0015 0x13c0  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
20:53:53.0032 0x13c0  iaStor - ok
20:53:53.0101 0x13c0  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:53:53.0113 0x13c0  IAStorDataMgrSvc - ok
20:53:53.0153 0x13c0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:53:53.0177 0x13c0  iaStorV - ok
20:53:53.0314 0x13c0  [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:53:53.0421 0x13c0  IconMan_R - ok
20:53:53.0511 0x13c0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:53:53.0557 0x13c0  idsvc - ok
20:53:53.0586 0x13c0  IEEtwCollectorService - ok
20:53:53.0981 0x13c0  [ 9937600A1584FF00565D5379EB4C9EDB, CF03333E9E7BD940B27194A9CF21ED8A6A10B698B545A898291976F650FC2675 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
20:53:54.0406 0x13c0  igfx - ok
20:53:54.0458 0x13c0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:53:54.0468 0x13c0  iirsp - ok
20:53:54.0520 0x13c0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:53:54.0580 0x13c0  IKEEXT - ok
20:53:54.0621 0x13c0  [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
20:53:54.0630 0x13c0  intaud_WaveExtensible - ok
20:53:54.0676 0x13c0  [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
20:53:54.0695 0x13c0  IntcDAud - ok
20:53:54.0739 0x13c0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:53:54.0748 0x13c0  intelide - ok
20:53:54.0784 0x13c0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:53:54.0797 0x13c0  intelppm - ok
20:53:54.0839 0x13c0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:53:54.0873 0x13c0  IPBusEnum - ok
20:53:54.0890 0x13c0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:53:54.0917 0x13c0  IpFilterDriver - ok
20:53:54.0987 0x13c0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:53:55.0040 0x13c0  iphlpsvc - ok
20:53:55.0046 0x13c0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:53:55.0058 0x13c0  IPMIDRV - ok
20:53:55.0064 0x13c0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:53:55.0095 0x13c0  IPNAT - ok
20:53:55.0201 0x13c0  [ C37FAF1F0CE458D124A326FC8A7FF08D, 0147897CDF6DC2AB7113672D2B62CB258303FB0482B084C23C2E7EFCDE0065B4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:53:55.0231 0x13c0  iPod Service - ok
20:53:55.0253 0x13c0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:53:55.0268 0x13c0  IRENUM - ok
20:53:55.0277 0x13c0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:53:55.0285 0x13c0  isapnp - ok
20:53:55.0329 0x13c0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:53:55.0346 0x13c0  iScsiPrt - ok
20:53:55.0389 0x13c0  [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
20:53:55.0398 0x13c0  iwdbus - ok
20:53:55.0422 0x13c0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:53:55.0432 0x13c0  kbdclass - ok
20:53:55.0463 0x13c0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:53:55.0474 0x13c0  kbdhid - ok
20:53:55.0491 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] KeyIso          C:\Windows\system32\lsass.exe
20:53:55.0502 0x13c0  KeyIso - ok
20:53:55.0539 0x13c0  [ 6F5F0C6160EF237F0243C1E416EEBA98, 8BA8AA0D71350A74E294A731226B1638C6059013D645ABDE7188F7733E320FBD ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:53:55.0551 0x13c0  KSecDD - ok
20:53:55.0571 0x13c0  [ 05529E53B286FD60E7EF04EF138CABFD, 6C045750DCD3EE76F748582513AD4FA99C0E8E56B616725CD48DCA1068FF8923 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:53:55.0585 0x13c0  KSecPkg - ok
20:53:55.0601 0x13c0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:53:55.0634 0x13c0  ksthunk - ok
20:53:55.0673 0x13c0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:53:55.0714 0x13c0  KtmRm - ok
20:53:55.0756 0x13c0  [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8DF82C3FBB2F0D59 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
20:53:55.0765 0x13c0  L1C - ok
20:53:55.0812 0x13c0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:53:55.0849 0x13c0  LanmanServer - ok
20:53:55.0880 0x13c0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:53:55.0910 0x13c0  LanmanWorkstation - ok
20:53:55.0972 0x13c0  [ B705C7097F9A0EC941D02DCE7C7D426C, 1A137BEA25BF7BA1EF190212CD6E556B53293D6388E9F7E790BF53F641F3CF89 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
20:53:55.0993 0x13c0  Live Updater Service - ok
20:53:56.0031 0x13c0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:53:56.0063 0x13c0  lltdio - ok
20:53:56.0091 0x13c0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:53:56.0125 0x13c0  lltdsvc - ok
20:53:56.0144 0x13c0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:53:56.0171 0x13c0  lmhosts - ok
20:53:56.0249 0x13c0  [ D75C4B4A8FE6D7FD74A7EECDBAEC729F, 9BB0A3BE7CCDF62CF0A67CB67019364965F6567BE29BA6D153B8E36F88058302 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:53:56.0265 0x13c0  LMS - ok
20:53:56.0306 0x13c0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:53:56.0316 0x13c0  LSI_FC - ok
20:53:56.0332 0x13c0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:53:56.0342 0x13c0  LSI_SAS - ok
20:53:56.0352 0x13c0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
20:53:56.0361 0x13c0  LSI_SAS2 - ok
20:53:56.0379 0x13c0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:53:56.0390 0x13c0  LSI_SCSI - ok
20:53:56.0414 0x13c0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:53:56.0442 0x13c0  luafv - ok
20:53:56.0464 0x13c0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:53:56.0475 0x13c0  Mcx2Svc - ok
20:53:56.0485 0x13c0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:53:56.0493 0x13c0  megasas - ok
20:53:56.0523 0x13c0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
20:53:56.0538 0x13c0  MegaSR - ok
20:53:56.0572 0x13c0  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
20:53:56.0578 0x13c0  MEIx64 - ok
20:53:56.0595 0x13c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:53:56.0623 0x13c0  MMCSS - ok
20:53:56.0642 0x13c0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:53:56.0666 0x13c0  Modem - ok
20:53:56.0685 0x13c0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:53:56.0694 0x13c0  monitor - ok
20:53:56.0707 0x13c0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:53:56.0716 0x13c0  mouclass - ok
20:53:56.0740 0x13c0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:53:56.0750 0x13c0  mouhid - ok
20:53:56.0792 0x13c0  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:53:56.0800 0x13c0  mountmgr - ok
20:53:56.0814 0x13c0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:53:56.0826 0x13c0  mpio - ok
20:53:56.0838 0x13c0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:53:56.0866 0x13c0  mpsdrv - ok
20:53:56.0912 0x13c0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:53:56.0952 0x13c0  MpsSvc - ok
20:53:56.0992 0x13c0  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:53:57.0021 0x13c0  MRxDAV - ok
20:53:57.0054 0x13c0  [ 632E8A00090E4F85F304E152C92C7F2C, A3098941251A8327C95E6B1122384D54FB0ED705A9215577D968EA5B5FD88C87 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:53:57.0067 0x13c0  mrxsmb - ok
20:53:57.0108 0x13c0  [ 0D9C05484F2F4BD9D33A615D5DBE67EA, 1E164B631B1CD85DD5B205284CB547B189609946490AAABD22741743BFB413DF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:53:57.0125 0x13c0  mrxsmb10 - ok
20:53:57.0142 0x13c0  [ 6123E6FECC1C164022868FB1982271BE, 417E6C7AFF8B014B31AFCC202B0DCEECBDBB73205DF8C3EFC7E313664E284178 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:53:57.0154 0x13c0  mrxsmb20 - ok
20:53:57.0190 0x13c0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:53:57.0199 0x13c0  msahci - ok
20:53:57.0229 0x13c0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:53:57.0240 0x13c0  msdsm - ok
20:53:57.0256 0x13c0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:53:57.0270 0x13c0  MSDTC - ok
20:53:57.0291 0x13c0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:53:57.0355 0x13c0  Msfs - ok
20:53:57.0402 0x13c0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:53:57.0459 0x13c0  mshidkmdf - ok
20:53:57.0482 0x13c0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:53:57.0491 0x13c0  msisadrv - ok
20:53:57.0520 0x13c0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:53:57.0554 0x13c0  MSiSCSI - ok
20:53:57.0558 0x13c0  msiserver - ok
20:53:57.0582 0x13c0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:53:57.0610 0x13c0  MSKSSRV - ok
20:53:57.0637 0x13c0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:53:57.0663 0x13c0  MSPCLOCK - ok
20:53:57.0671 0x13c0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:53:57.0696 0x13c0  MSPQM - ok
20:53:57.0723 0x13c0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:53:57.0740 0x13c0  MsRPC - ok
20:53:57.0749 0x13c0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:53:57.0757 0x13c0  mssmbios - ok
20:53:57.0784 0x13c0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:53:57.0809 0x13c0  MSTEE - ok
20:53:57.0821 0x13c0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
20:53:57.0830 0x13c0  MTConfig - ok
20:53:57.0848 0x13c0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:53:57.0858 0x13c0  Mup - ok
20:53:57.0872 0x13c0  [ C009123B206C56854F4E88596035231D, 670403A40B425F77C90ECB048A0C8BC11FB19E40A8CECC2C3DCF79175B745863 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
20:53:57.0879 0x13c0  mwlPSDFilter - ok
20:53:57.0908 0x13c0  [ BF3739EEB9F008B1DEBAC115089A53F8, 8546AB69087656259BBE17D6F80F4AB164B04171673CE2BF9FFD1B5C9584E9A4 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
20:53:57.0915 0x13c0  mwlPSDNServ - ok
20:53:57.0927 0x13c0  [ 38DD143D95E7A01B86F219DDA9C28779, 5FA8C0595CCF835DBCE1CC5322E8FD4BFB6DFB6CF869BB7CB73F919445D469AA ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
20:53:57.0935 0x13c0  mwlPSDVDisk - ok
20:53:57.0982 0x13c0  [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0, 165EE2AB6F989E8D48AA52121B608510E932106835DA43071CC6476630C012FE ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:53:58.0005 0x13c0  MyWiFiDHCPDNS - ok
20:53:58.0038 0x13c0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:53:58.0078 0x13c0  napagent - ok
20:53:58.0127 0x13c0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:53:58.0147 0x13c0  NativeWifiP - ok
20:53:58.0240 0x13c0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:53:58.0302 0x13c0  NDIS - ok
20:53:58.0333 0x13c0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:53:58.0360 0x13c0  NdisCap - ok
20:53:58.0388 0x13c0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:53:58.0415 0x13c0  NdisTapi - ok
20:53:58.0424 0x13c0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:53:58.0449 0x13c0  Ndisuio - ok
20:53:58.0467 0x13c0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:53:58.0496 0x13c0  NdisWan - ok
20:53:58.0507 0x13c0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:53:58.0533 0x13c0  NDProxy - ok
20:53:58.0549 0x13c0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:53:58.0576 0x13c0  NetBIOS - ok
20:53:58.0631 0x13c0  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:53:58.0663 0x13c0  NetBT - ok
20:53:58.0675 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] Netlogon        C:\Windows\system32\lsass.exe
20:53:58.0686 0x13c0  Netlogon - ok
20:53:58.0725 0x13c0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:53:58.0760 0x13c0  Netman - ok
20:53:58.0833 0x13c0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:53:58.0852 0x13c0  NetMsmqActivator - ok
20:53:58.0860 0x13c0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:53:58.0872 0x13c0  NetPipeActivator - ok
20:53:58.0885 0x13c0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:53:58.0923 0x13c0  netprofm - ok
20:53:58.0929 0x13c0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:53:58.0939 0x13c0  NetTcpActivator - ok
20:53:58.0944 0x13c0  [ 0BEF1F19F32C9F3DBE9A503F2E66CC22, 4F4812CDDB675C5D655B5B90375F188A3A5AA52A2BC2CED383B03449CF8210C8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:53:58.0955 0x13c0  NetTcpPortSharing - ok
20:53:59.0317 0x13c0  [ AC69618DE5BCCE8747C9AB0AAE1003C1, D975963FA338AB58684BE0556633F3A846D5360FAD1A5E11BB7A273474DFB64D ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
20:53:59.0640 0x13c0  NETwNs64 - ok
20:53:59.0681 0x13c0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:53:59.0690 0x13c0  nfrd960 - ok
20:53:59.0737 0x13c0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:53:59.0766 0x13c0  NlaSvc - ok
20:53:59.0783 0x13c0  nmwcd - ok
20:53:59.0792 0x13c0  nmwcdc - ok
20:53:59.0807 0x13c0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:53:59.0851 0x13c0  Npfs - ok
20:53:59.0885 0x13c0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:53:59.0914 0x13c0  nsi - ok
20:53:59.0928 0x13c0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:53:59.0958 0x13c0  nsiproxy - ok
20:54:00.0050 0x13c0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:54:00.0124 0x13c0  Ntfs - ok
20:54:00.0174 0x13c0  [ 1873214666F6F0A883742DF91FBC48C9, DCF5382CE338D4B5B0C3A3B722A19B6C7BAB59EB7B266FEF04698B79070E2C4B ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
20:54:00.0183 0x13c0  NTI IScheduleSvc - ok
20:54:00.0214 0x13c0  [ EE3BA1024594D5D09E314F206B94069E, 34C8EC3DF1C3088D8A0442CAA4F5506665AFB2DF016709457ED2AB7DA45F53A6 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
20:54:00.0222 0x13c0  NTIDrvr - ok
20:54:00.0233 0x13c0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:54:00.0264 0x13c0  Null - ok
20:54:00.0305 0x13c0  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
20:54:00.0314 0x13c0  nusb3hub - ok
20:54:00.0344 0x13c0  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
20:54:00.0369 0x13c0  nusb3xhc - ok
20:54:00.0723 0x13c0  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:54:01.0125 0x13c0  nvlddmkm - ok
20:54:01.0165 0x13c0  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
20:54:01.0172 0x13c0  nvpciflt - ok
20:54:01.0210 0x13c0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:54:01.0236 0x13c0  nvraid - ok
20:54:01.0266 0x13c0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:54:01.0280 0x13c0  nvstor - ok
20:54:01.0372 0x13c0  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] NVSvc           C:\Windows\system32\nvvsvc.exe
20:54:01.0402 0x13c0  NVSvc - ok
20:54:01.0548 0x13c0  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:54:01.0586 0x13c0  nvUpdatusService - ok
20:54:01.0620 0x13c0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:54:01.0631 0x13c0  nv_agp - ok
20:54:01.0657 0x13c0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:54:01.0669 0x13c0  ohci1394 - ok
20:54:01.0708 0x13c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:54:01.0740 0x13c0  p2pimsvc - ok
20:54:01.0801 0x13c0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:54:01.0864 0x13c0  p2psvc - ok
20:54:01.0889 0x13c0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
20:54:01.0918 0x13c0  Parport - ok
20:54:01.0959 0x13c0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:54:01.0986 0x13c0  partmgr - ok
20:54:02.0030 0x13c0  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:54:02.0068 0x13c0  PcaSvc - ok
20:54:02.0138 0x13c0  [ BC0018C2D29F655188A0ED3FA94FDB24, BCF7F2CA5E30F569AEB69049BA3C196982C72EA7264CFBA59D7123041BA96E5A ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
20:54:02.0172 0x13c0  pccsmcfd - ok
20:54:02.0215 0x13c0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:54:02.0241 0x13c0  pci - ok
20:54:02.0278 0x13c0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:54:02.0295 0x13c0  pciide - ok
20:54:02.0326 0x13c0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:54:02.0348 0x13c0  pcmcia - ok
20:54:02.0365 0x13c0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:54:02.0379 0x13c0  pcw - ok
20:54:02.0442 0x13c0  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:54:02.0499 0x13c0  PEAUTH - ok
20:54:02.0574 0x13c0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:54:02.0603 0x13c0  PerfHost - ok
20:54:02.0689 0x13c0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:54:02.0781 0x13c0  pla - ok
20:54:02.0826 0x13c0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:54:02.0843 0x13c0  PlugPlay - ok
20:54:02.0855 0x13c0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:54:02.0865 0x13c0  PNRPAutoReg - ok
20:54:02.0883 0x13c0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:54:02.0897 0x13c0  PNRPsvc - ok
20:54:02.0945 0x13c0  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:54:02.0980 0x13c0  PolicyAgent - ok
20:54:02.0997 0x13c0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:54:03.0027 0x13c0  Power - ok
20:54:03.0059 0x13c0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:54:03.0086 0x13c0  PptpMiniport - ok
20:54:03.0121 0x13c0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
20:54:03.0144 0x13c0  Processor - ok
20:54:03.0191 0x13c0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:54:03.0233 0x13c0  ProfSvc - ok
20:54:03.0251 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] ProtectedStorage C:\Windows\system32\lsass.exe
20:54:03.0264 0x13c0  ProtectedStorage - ok
20:54:03.0282 0x13c0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:54:03.0308 0x13c0  Psched - ok
20:54:03.0376 0x13c0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:54:03.0443 0x13c0  ql2300 - ok
20:54:03.0469 0x13c0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:54:03.0479 0x13c0  ql40xx - ok
20:54:03.0513 0x13c0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:54:03.0532 0x13c0  QWAVE - ok
20:54:03.0537 0x13c0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:54:03.0549 0x13c0  QWAVEdrv - ok
20:54:03.0564 0x13c0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:54:03.0589 0x13c0  RasAcd - ok
20:54:03.0621 0x13c0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:54:03.0648 0x13c0  RasAgileVpn - ok
20:54:03.0665 0x13c0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:54:03.0694 0x13c0  RasAuto - ok
20:54:03.0710 0x13c0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:54:03.0737 0x13c0  Rasl2tp - ok
20:54:03.0763 0x13c0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:54:03.0799 0x13c0  RasMan - ok
20:54:03.0815 0x13c0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:54:03.0844 0x13c0  RasPppoe - ok
20:54:03.0874 0x13c0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:54:03.0901 0x13c0  RasSstp - ok
20:54:03.0921 0x13c0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:54:03.0953 0x13c0  rdbss - ok
20:54:03.0965 0x13c0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
20:54:03.0976 0x13c0  rdpbus - ok
20:54:03.0990 0x13c0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:54:04.0015 0x13c0  RDPCDD - ok
20:54:04.0041 0x13c0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:54:04.0066 0x13c0  RDPENCDD - ok
20:54:04.0080 0x13c0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:54:04.0104 0x13c0  RDPREFMP - ok
20:54:04.0194 0x13c0  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:54:04.0231 0x13c0  RdpVideoMiniport - ok
20:54:04.0275 0x13c0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:54:04.0300 0x13c0  RDPWD - ok
20:54:04.0323 0x13c0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:54:04.0340 0x13c0  rdyboost - ok
20:54:04.0452 0x13c0  [ A436F5E7D80BBDBB0826D0F176D5BEA8, 7862CE61F182C7613E34415C01AC1C228F79A45470CFD1D316DF2BD24EE09E3C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
20:54:04.0480 0x13c0  RegSrvc - ok
20:54:04.0528 0x13c0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:54:04.0559 0x13c0  RemoteAccess - ok
20:54:04.0579 0x13c0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:54:04.0611 0x13c0  RemoteRegistry - ok
20:54:04.0652 0x13c0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:54:04.0688 0x13c0  RFCOMM - ok
20:54:04.0702 0x13c0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:54:04.0732 0x13c0  RpcEptMapper - ok
20:54:04.0750 0x13c0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:54:04.0760 0x13c0  RpcLocator - ok
20:54:04.0818 0x13c0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
20:54:04.0856 0x13c0  RpcSs - ok
20:54:04.0895 0x13c0  [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
20:54:04.0910 0x13c0  RSPCIESTOR - ok
20:54:04.0947 0x13c0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:54:04.0974 0x13c0  rspndr - ok
20:54:05.0036 0x13c0  [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A, A6810A901620119E1809297A568DC903729471F4F4F813F1C60378E122D2358E ] RS_Service      C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
20:54:05.0052 0x13c0  RS_Service - ok
20:54:05.0062 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] SamSs           C:\Windows\system32\lsass.exe
20:54:05.0071 0x13c0  SamSs - ok
20:54:05.0088 0x13c0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:54:05.0097 0x13c0  sbp2port - ok
20:54:05.0141 0x13c0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:54:05.0196 0x13c0  SCardSvr - ok
20:54:05.0212 0x13c0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:54:05.0237 0x13c0  scfilter - ok
20:54:05.0327 0x13c0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
20:54:05.0407 0x13c0  Schedule - ok
20:54:05.0442 0x13c0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:54:05.0474 0x13c0  SCPolicySvc - ok
20:54:05.0495 0x13c0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:54:05.0510 0x13c0  SDRSVC - ok
20:54:05.0551 0x13c0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:54:05.0582 0x13c0  secdrv - ok
20:54:05.0614 0x13c0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
20:54:05.0653 0x13c0  seclogon - ok
20:54:05.0678 0x13c0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:54:05.0737 0x13c0  SENS - ok
20:54:05.0741 0x13c0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:54:05.0750 0x13c0  SensrSvc - ok
20:54:05.0759 0x13c0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:54:05.0768 0x13c0  Serenum - ok
20:54:05.0795 0x13c0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
20:54:05.0807 0x13c0  Serial - ok
20:54:05.0821 0x13c0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:54:05.0830 0x13c0  sermouse - ok
20:54:05.0921 0x13c0  [ C2644DC3CAC06AFF97A9359632C9C175, F309745FFF84681315D87D4DA7DA8EF9BC6C54E154DA615B318B70E09A245B83 ] ServiceLayer    C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
20:54:05.0962 0x13c0  ServiceLayer - detected UnsignedFile.Multi.Generic ( 1 )
20:54:06.0094 0x13c0  Detect skipped due to KSN trusted
20:54:06.0094 0x13c0  ServiceLayer - ok
20:54:06.0144 0x13c0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:54:06.0191 0x13c0  SessionEnv - ok
20:54:06.0209 0x13c0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:54:06.0219 0x13c0  sffdisk - ok
20:54:06.0236 0x13c0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:54:06.0247 0x13c0  sffp_mmc - ok
20:54:06.0257 0x13c0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:54:06.0268 0x13c0  sffp_sd - ok
20:54:06.0277 0x13c0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:54:06.0286 0x13c0  sfloppy - ok
20:54:06.0319 0x13c0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:54:06.0354 0x13c0  SharedAccess - ok
20:54:06.0376 0x13c0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:54:06.0411 0x13c0  ShellHWDetection - ok
20:54:06.0430 0x13c0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
20:54:06.0438 0x13c0  SiSRaid2 - ok
20:54:06.0456 0x13c0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:54:06.0466 0x13c0  SiSRaid4 - ok
20:54:06.0552 0x13c0  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
20:54:06.0580 0x13c0  SkypeUpdate - ok
20:54:06.0609 0x13c0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:54:06.0640 0x13c0  Smb - ok
20:54:06.0675 0x13c0  [ CFF741C18A4BD95824A19ED5E8DF4EF4, 968E5D290A11D886F3592AE3C90E9185384142EEC07BBC6033A1FD259FBAD409 ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
20:54:06.0687 0x13c0  snapman - ok
20:54:06.0722 0x13c0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:54:06.0732 0x13c0  SNMPTRAP - ok
20:54:06.0759 0x13c0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:54:06.0767 0x13c0  spldr - ok
20:54:06.0814 0x13c0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:54:06.0838 0x13c0  Spooler - ok
20:54:06.0972 0x13c0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:54:07.0157 0x13c0  sppsvc - ok
20:54:07.0171 0x13c0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:54:07.0200 0x13c0  sppuinotify - ok
20:54:07.0264 0x13c0  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:54:07.0322 0x13c0  srv - ok
20:54:07.0351 0x13c0  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:54:07.0380 0x13c0  srv2 - ok
20:54:07.0395 0x13c0  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:54:07.0407 0x13c0  srvnet - ok
20:54:07.0428 0x13c0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:54:07.0460 0x13c0  SSDPSRV - ok
20:54:07.0479 0x13c0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:54:07.0507 0x13c0  SstpSvc - ok
20:54:07.0529 0x13c0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
20:54:07.0537 0x13c0  stexstor - ok
20:54:07.0587 0x13c0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:54:07.0618 0x13c0  stisvc - ok
20:54:07.0654 0x13c0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:54:07.0679 0x13c0  swenum - ok
20:54:07.0712 0x13c0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:54:07.0759 0x13c0  swprv - ok
20:54:07.0898 0x13c0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
20:54:07.0985 0x13c0  SysMain - ok
20:54:08.0005 0x13c0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:54:08.0038 0x13c0  TabletInputService - ok
20:54:08.0062 0x13c0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:54:08.0097 0x13c0  TapiSrv - ok
20:54:08.0207 0x13c0  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:54:08.0283 0x13c0  Tcpip - ok
20:54:08.0357 0x13c0  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:54:08.0401 0x13c0  TCPIP6 - ok
20:54:08.0485 0x13c0  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:54:08.0535 0x13c0  tcpipreg - ok
20:54:08.0570 0x13c0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:54:08.0602 0x13c0  TDPIPE - ok
20:54:08.0689 0x13c0  [ C9F35A3DE54D220D936588F8270DD45F, E41D319BD95C87657686CB54D4D4556D0474CDBF71540B0672AF218A88E3DBBE ] tdrpman228      C:\Windows\system32\DRIVERS\tdrpm228.sys
20:54:08.0759 0x13c0  tdrpman228 - ok
20:54:08.0798 0x13c0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:54:08.0825 0x13c0  TDTCP - ok
20:54:08.0862 0x13c0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:54:08.0876 0x13c0  tdx - ok
20:54:09.0116 0x13c0  [ 9A019ABD9CEAA6EA528E5438402907F7, E1B58B376D142B4472C64D020800AE0AC868C8F4EC18EA45D236E0EB8C3CB6F4 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
20:54:09.0222 0x13c0  TeamViewer9 - ok
20:54:09.0249 0x13c0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:54:09.0258 0x13c0  TermDD - ok
20:54:09.0306 0x13c0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:54:09.0328 0x13c0  TermService - ok
20:54:09.0359 0x13c0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:54:09.0387 0x13c0  Themes - ok
20:54:09.0416 0x13c0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:54:09.0461 0x13c0  THREADORDER - ok
20:54:09.0501 0x13c0  [ 156EF5E1164BBA862EEE84400C7BA034, 60543C57A8C8E90FEE514899417520B0A24E73A0230527A4D7AFE9675D8D54E2 ] tifsfilter      C:\Windows\system32\DRIVERS\tifsfilt.sys
20:54:09.0510 0x13c0  tifsfilter - ok
20:54:09.0545 0x13c0  [ 8A474022C0465797B13A4EA7535D4C5B, 424EF4ED079FFC6AF1FF97A8696D5545E582530B7E88D1F5861C6BBFA6057523 ] timounter       C:\Windows\system32\DRIVERS\timntr.sys
20:54:09.0621 0x13c0  timounter - ok
20:54:09.0704 0x13c0  [ 0A62A2153A8D8C6EB00AB969764A90D6, 3A620DCCD237700162B03BA2E0F57BBF29A020B70FADFBF13CCF37EEFD358313 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
20:54:09.0729 0x13c0  TomTomHOMEService - ok
20:54:09.0756 0x13c0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:54:09.0795 0x13c0  TrkWks - ok
20:54:09.0838 0x13c0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:54:09.0868 0x13c0  TrustedInstaller - ok
20:54:09.0909 0x13c0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:54:09.0936 0x13c0  tssecsrv - ok
20:54:09.0977 0x13c0  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:54:09.0992 0x13c0  TsUsbFlt - ok
20:54:10.0028 0x13c0  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
20:54:10.0041 0x13c0  TsUsbGD - ok
20:54:10.0074 0x13c0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:54:10.0104 0x13c0  tunnel - ok
20:54:10.0148 0x13c0  [ FD24F98D2898BE093FE926604BE7DB99, F9851C57A2ED838AC76BB19FE2F62BB81C57DBBE2A2555F738B5D6725D39AD61 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
20:54:10.0163 0x13c0  TurboB - ok
20:54:10.0199 0x13c0  [ 600B406A04D90F577FEA8A88D7379F08, 77CC8E8AFB6F571A42D916C0B2FEFFD3A7A32A455C78228B407C6C9B6DED8CAD ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:54:10.0219 0x13c0  TurboBoost - ok
20:54:10.0237 0x13c0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:54:10.0254 0x13c0  uagp35 - ok
20:54:10.0274 0x13c0  [ A17D5E1A6DF4EAB0A480F2C490DE4C9D, 1EA835F172B6BF3D7F496E079DF1CDF00122B2110C08D61427582BC9405D2B7B ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
20:54:10.0282 0x13c0  UBHelper - ok
20:54:10.0312 0x13c0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:54:10.0350 0x13c0  udfs - ok
20:54:10.0376 0x13c0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:54:10.0388 0x13c0  UI0Detect - ok
20:54:10.0411 0x13c0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:54:10.0421 0x13c0  uliagpkx - ok
20:54:10.0443 0x13c0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:54:10.0454 0x13c0  umbus - ok
20:54:10.0465 0x13c0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
20:54:10.0475 0x13c0  UmPass - ok
20:54:10.0629 0x13c0  [ 758C2CE427C343F780A205E28555C98D, E3413BA433CD26DD61D3257B08B8354478A049A972EFAC53C303690BC71DD7E1 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:54:10.0691 0x13c0  UNS - ok
20:54:10.0772 0x13c0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:54:10.0828 0x13c0  upnphost - ok
20:54:10.0841 0x13c0  upperdev - ok
20:54:10.0883 0x13c0  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
20:54:10.0894 0x13c0  USBAAPL64 - ok
20:54:10.0929 0x13c0  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
20:54:10.0950 0x13c0  usbccgp - ok
20:54:10.0983 0x13c0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:54:11.0033 0x13c0  usbcir - ok
20:54:11.0084 0x13c0  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:54:11.0127 0x13c0  usbehci - ok
20:54:11.0161 0x13c0  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
20:54:11.0187 0x13c0  usbhub - ok
20:54:11.0217 0x13c0  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:54:11.0226 0x13c0  usbohci - ok
20:54:11.0252 0x13c0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:54:11.0281 0x13c0  usbprint - ok
20:54:11.0324 0x13c0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
20:54:11.0364 0x13c0  usbscan - ok
20:54:11.0403 0x13c0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:54:11.0445 0x13c0  USBSTOR - ok
20:54:11.0467 0x13c0  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:54:11.0490 0x13c0  usbuhci - ok
20:54:11.0556 0x13c0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
20:54:11.0605 0x13c0  usbvideo - ok
20:54:11.0629 0x13c0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:54:11.0677 0x13c0  UxSms - ok
20:54:11.0692 0x13c0  [ 1F9335A2C68B65E7D95985FA50968EA0, A0918C943F9CF5C6DB9440222B8E3B0DD645068B44E18253F275509550C0DF4D ] VaultSvc        C:\Windows\system32\lsass.exe
20:54:11.0700 0x13c0  VaultSvc - ok
20:54:11.0721 0x13c0  [ 84BB306B7863883018D7F3EB0C453BD5, 0602C6987E42ADB3F98D200BA078363F80389941938E0611C3CCA6AD6A183DD0 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
20:54:11.0738 0x13c0  VClone - ok
20:54:11.0778 0x13c0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:54:11.0786 0x13c0  vdrvroot - ok
20:54:11.0818 0x13c0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:54:11.0857 0x13c0  vds - ok
20:54:11.0869 0x13c0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:54:11.0880 0x13c0  vga - ok
20:54:11.0891 0x13c0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:54:11.0917 0x13c0  VgaSave - ok
20:54:11.0934 0x13c0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:54:11.0948 0x13c0  vhdmp - ok
20:54:11.0979 0x13c0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:54:11.0987 0x13c0  viaide - ok
20:54:12.0004 0x13c0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:54:12.0014 0x13c0  volmgr - ok
20:54:12.0034 0x13c0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:54:12.0047 0x13c0  volmgrx - ok
20:54:12.0065 0x13c0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:54:12.0077 0x13c0  volsnap - ok
20:54:12.0113 0x13c0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:54:12.0126 0x13c0  vsmraid - ok
20:54:12.0187 0x13c0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:54:12.0301 0x13c0  VSS - ok
20:54:12.0316 0x13c0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:54:12.0326 0x13c0  vwifibus - ok
20:54:12.0341 0x13c0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:54:12.0355 0x13c0  vwififlt - ok
20:54:12.0375 0x13c0  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
20:54:12.0387 0x13c0  vwifimp - ok
20:54:12.0412 0x13c0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:54:12.0445 0x13c0  W32Time - ok
20:54:12.0460 0x13c0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:54:12.0470 0x13c0  WacomPen - ok
20:54:12.0495 0x13c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:54:12.0523 0x13c0  WANARP - ok
20:54:12.0534 0x13c0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:54:12.0559 0x13c0  Wanarpv6 - ok
20:54:12.0612 0x13c0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:54:12.0689 0x13c0  wbengine - ok
20:54:12.0711 0x13c0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:54:12.0730 0x13c0  WbioSrvc - ok
20:54:12.0758 0x13c0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:54:12.0781 0x13c0  wcncsvc - ok
20:54:12.0794 0x13c0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:54:12.0804 0x13c0  WcsPlugInService - ok
20:54:12.0814 0x13c0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
20:54:12.0822 0x13c0  Wd - ok
20:54:12.0882 0x13c0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:54:12.0925 0x13c0  Wdf01000 - ok
20:54:12.0968 0x13c0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:54:13.0007 0x13c0  WdiServiceHost - ok
20:54:13.0015 0x13c0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:54:13.0030 0x13c0  WdiSystemHost - ok
20:54:13.0072 0x13c0  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
20:54:13.0091 0x13c0  WebClient - ok
20:54:13.0112 0x13c0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:54:13.0149 0x13c0  Wecsvc - ok
20:54:13.0170 0x13c0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:54:13.0200 0x13c0  wercplsupport - ok
20:54:13.0223 0x13c0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:54:13.0258 0x13c0  WerSvc - ok
20:54:13.0279 0x13c0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:54:13.0307 0x13c0  WfpLwf - ok
20:54:13.0338 0x13c0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:54:13.0346 0x13c0  WIMMount - ok
20:54:13.0372 0x13c0  WinDefend - ok
20:54:13.0433 0x13c0  [ 82597A56652EB73A95484ADA65EB532B, 8DAFA715B9192CB37422DD6DDAC9B358B12CFE6B52A53240BF980C7559FE9371 ] WinDriver6      C:\Windows\system32\drivers\windrvr6.sys
20:54:13.0454 0x13c0  WinDriver6 - ok
20:54:13.0456 0x13c0  WinHttpAutoProxySvc - ok
20:54:13.0504 0x13c0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:54:13.0536 0x13c0  Winmgmt - ok
20:54:13.0620 0x13c0  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:54:13.0728 0x13c0  WinRM - ok
20:54:13.0809 0x13c0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
20:54:13.0837 0x13c0  WinUsb - ok
20:54:13.0886 0x13c0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:54:13.0935 0x13c0  Wlansvc - ok
20:54:13.0994 0x13c0  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:54:14.0017 0x13c0  wlcrasvc - ok
20:54:14.0212 0x13c0  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:54:14.0326 0x13c0  wlidsvc - ok
20:54:14.0375 0x13c0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:54:14.0400 0x13c0  WmiAcpi - ok
20:54:14.0433 0x13c0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:54:14.0449 0x13c0  wmiApSrv - ok
20:54:14.0466 0x13c0  WMPNetworkSvc - ok
20:54:14.0484 0x13c0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:54:14.0500 0x13c0  WPCSvc - ok
20:54:14.0514 0x13c0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:54:14.0529 0x13c0  WPDBusEnum - ok
20:54:14.0554 0x13c0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:54:14.0585 0x13c0  ws2ifsl - ok
20:54:14.0600 0x13c0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:54:14.0614 0x13c0  wscsvc - ok
20:54:14.0661 0x13c0  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
20:54:14.0672 0x13c0  WSDPrintDevice - ok
20:54:14.0689 0x13c0  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
20:54:14.0698 0x13c0  WSDScan - ok
20:54:14.0700 0x13c0  WSearch - ok
20:54:14.0830 0x13c0  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:54:14.0992 0x13c0  wuauserv - ok
20:54:15.0027 0x13c0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:54:15.0038 0x13c0  WudfPf - ok
20:54:15.0057 0x13c0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:54:15.0070 0x13c0  WUDFRd - ok
20:54:15.0084 0x13c0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:54:15.0095 0x13c0  wudfsvc - ok
20:54:15.0137 0x13c0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:54:15.0164 0x13c0  WwanSvc - ok
20:54:15.0202 0x13c0  ================ Scan global ===============================
20:54:15.0241 0x13c0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
20:54:15.0285 0x13c0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
20:54:15.0320 0x13c0  [ 93E5D2B763374F484918A0909724B3EB, 900F1CCAEFCF77AB678C74D542ABDDA7134CD33D7811537E2829FC69E99F2B3E ] C:\Windows\system32\winsrv.dll
20:54:15.0348 0x13c0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:54:15.0398 0x13c0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:54:15.0409 0x13c0  [ Global ] - ok
20:54:15.0410 0x13c0  ================ Scan MBR ==================================
20:54:15.0422 0x13c0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:54:15.0752 0x13c0  \Device\Harddisk0\DR0 - ok
20:54:15.0753 0x13c0  ================ Scan VBR ==================================
20:54:15.0758 0x13c0  [ 03F438784D00DC0C6EEB5306589C52CF ] \Device\Harddisk0\DR0\Partition1
20:54:15.0762 0x13c0  \Device\Harddisk0\DR0\Partition1 - ok
20:54:15.0767 0x13c0  [ E3FC77EA3533E5E46E27A27DF95673B8 ] \Device\Harddisk0\DR0\Partition2
20:54:15.0773 0x13c0  \Device\Harddisk0\DR0\Partition2 - ok
20:54:15.0774 0x13c0  ================ Scan generic autorun ======================
20:54:15.0812 0x13c0  [ BA9E8BF3E91C14DE99FDB1FA946D07AF, 9C3F5F52EE5B8D02B15EE18AA492FB110547A8DCDA3F8284A614F4E1A30F9BB1 ] C:\Windows\system32\igfxtray.exe
20:54:15.0828 0x13c0  IgfxTray - ok
20:54:15.0844 0x13c0  [ B20857C91A3E992A5AC93D8625C53CAE, ECB89856B267E2F4930CB7B404B51425C6375A47F864577C1A7B8B255278EC12 ] C:\Windows\system32\hkcmd.exe
20:54:15.0860 0x13c0  HotKeysCmds - ok
20:54:15.0882 0x13c0  [ 29E120E36791B2E620CC398847C28E12, 7C2904FEDD50F49447FD091D33BB3BFA5A2A684101ADB123BC2C08699320B912 ] C:\Windows\system32\igfxpers.exe
20:54:15.0896 0x13c0  Persistence - ok
20:54:15.0898 0x13c0  IntelTBRunOnce - ok
20:54:15.0960 0x13c0  [ 6A94CD69E9C2BD1864096AB0B16660E6, E22F3C432F104AD25512D1F97526D772D50BE0FC7910FFF12335F4ECC0EEE184 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
20:54:16.0002 0x13c0  IntelPAN - ok
20:54:16.0004 0x13c0  ETDCtrl - ok
20:54:16.0082 0x13c0  [ 6928C60FD715435746976E763ACC1505, 882F0EAFE4A4D49092166B8EEE8998388C7F76E669D16C3801706A129B76BDC2 ] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe
20:54:16.0119 0x13c0  Power Management - ok
20:54:16.0194 0x13c0  [ 8172713E65127D7DFED43BB59E493058, BC310682EFBF3D221FD6389FBF4F8A61665DEF6EB3CA195A5D65660823B07918 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
20:54:16.0219 0x13c0  Acronis Scheduler2 Service - ok
20:54:16.0313 0x13c0  [ D91AB5CCE502F95726AC1E035C867BC6, A27B2AAB26C844454A0CEA97F861623C518A837B9DF41778AC7F4E9184E6BC8C ] C:\Program Files\iTunes\iTunesHelper.exe
20:54:16.0340 0x13c0  iTunesHelper - ok
20:54:16.0380 0x13c0  [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
20:54:16.0395 0x13c0  NUSB3MON - ok
20:54:16.0443 0x13c0  [ 4A80B3C030178E65CF0BECFF1BB20905, EBBB74B0597D1884D279C77248A818A6D9300DDE06BCE498945B82715ABE0196 ] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
20:54:16.0467 0x13c0  SuiteTray - ok
20:54:16.0516 0x13c0  [ 0D360F06B168A6F37ACA9D9F958245DA, 0F37D510AE0A31503A359F65D5C04CD798B178A3A3E2601DFBAB6534B3C7C23C ] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
20:54:16.0542 0x13c0  BackupManagerTray - ok
20:54:16.0617 0x13c0  [ 9ABC4E3B00CFA3A47D5569F5B49FE42F, 5D33CCE770BC9BC3AFA544A21F100A7F1E5A36577FDB30884160AC4BFE6A1838 ] C:\Program Files (x86)\Launch Manager\LManager.exe
20:54:16.0647 0x13c0  LManager - ok
20:54:16.0732 0x13c0  [ 613166769A21CC231605F88A147B27C2, A48EB76D8B49C309B58F8ABC0C19A81379EEC95896D301B8EE8CE8BDB0DE4019 ] C:\Dolby PCEE4\pcee4.exe
20:54:16.0756 0x13c0  Dolby Home Theater v4 - ok
20:54:16.0817 0x13c0  [ D474767D4805CEF801AF6D4AEED1F9E3, 4645EABB554ED97737D9375826EFB06BF43E3DC4C33095FDCCC530B51DEC6145 ] C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
20:54:16.0840 0x13c0  ArcadeMovieService - ok
20:54:17.0040 0x13c0  [ FAC619BBD2448B988B4CFC28011F66B9, 62726590977AF37CC93E4015B7231B400E401B0F8AF22BC03E22D67D425A6C96 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
20:54:17.0129 0x13c0  TrueImageMonitor.exe - ok
20:54:17.0164 0x13c0  [ BD359930F87EBE61FE510309E2397A5C, F2B9B2D27A7574E0D75B337EDDABC12AC8FCA7E7B95C013EE0C75E8184AB6D7C ] C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe
20:54:17.0186 0x13c0  AcronisTimounterMonitor - ok
20:54:17.0262 0x13c0  [ AF905BC023A0018F7325FD4B0019B5C0, 9F65DE0C3D8B90295B70528ADD2411CC1771AC089B70ABEC426D6F2D5D7A104A ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:54:17.0287 0x13c0  APSDaemon - ok
20:54:17.0378 0x13c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:54:17.0468 0x13c0  Sidebar - ok
20:54:17.0499 0x13c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:54:17.0533 0x13c0  mctadmin - ok
20:54:17.0535 0x13c0  IsMyWinLockerReboot - ok
20:54:17.0598 0x13c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:54:17.0636 0x13c0  Sidebar - ok
20:54:17.0641 0x13c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:54:17.0654 0x13c0  mctadmin - ok
20:54:17.0657 0x13c0  IsMyWinLockerReboot - ok
20:54:17.0859 0x13c0  [ 5400677699FBBBDFF1CB48D05AF55EEC, A3F3DC72CAB8FD57B5D7FB5BB2DFD67170BD43063F9AAE3EEAD5BC3CF22A0A0D ] C:\Users\Manfred Grossardt\AppData\Roaming\Spotify\SpotifyWebHelper.exe
20:54:17.0898 0x13c0  Spotify Web Helper - ok
20:54:17.0947 0x13c0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:54:17.0978 0x13c0  Sidebar - ok
20:54:18.0001 0x13c0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:54:18.0014 0x13c0  mctadmin - ok
20:54:18.0078 0x13c0  [ 8E27F731A1BDED1B13DEBA9E54FE0B20, 326F0CFC75AD7E552DA5DD64964C06AC0AD6E71BF0D5F568C2AEE9206C2FD0BE ] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe
20:54:18.0105 0x13c0  ScrSav - ok
20:54:18.0106 0x13c0  Waiting for KSN requests completion. In queue: 138
20:54:19.0140 0x13c0  Win FW state via NFP2: enabled ( trusted )
20:54:19.0309 0x13c0  ============================================================
20:54:19.0309 0x13c0  Scan finished
20:54:19.0309 0x13c0  ============================================================
20:54:19.0329 0x15f0  Detected object count: 0
20:54:19.0329 0x15f0  Actual detected object count: 0
         

Alt 30.01.2017, 09:34   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 30.01.2017, 18:58   #9
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Code:
ATTFilter
# AdwCleaner v6.043 - Bericht erstellt am 30/01/2017 um 18:40:11
# Aktualisiert am 27/01/2017 von Malwarebytes
# Datenbank : 2017-01-30.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (X64)
# Benutzername : Manfred G - MANFRED-LAPTOP
# Gestartet von : C:\Users\Manfred G\Downloads\adwcleaner_6.043.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1102 Bytes] - [30/01/2017 18:40:11]
C:\AdwCleaner\AdwCleaner[S0].txt - [1440 Bytes] - [30/01/2017 18:32:18]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1248 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Manfred G (Administrator) on 30.01.2017 at 18:48:38,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 79 

Successfully deleted: C:\Users\Manfred G\AppData\Local\{22AE71F1-D0C5-4E3E-88F3-A5C8B71E1F87} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{2B8D6DAF-14E1-4009-9874-6AC95DF74E01} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{2F093FC5-498A-4BAC-89FD-40DC0157534C} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{35CECB2E-F71D-426F-B4DF-A92DE50DB3EC} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{45884513-4B3A-4CAB-9084-F539B08C4011} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{4DD13CD3-6023-411C-8716-27A22B55C0D5} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{51BB511B-7A66-48B6-A103-55323521BD7A} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{5DB8F024-FC98-4742-9D2D-2F2A3A202EA6} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{5E0E35F6-BB28-4086-96FD-DAA7BD49E3A0} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{6292557B-79DF-42C4-92DA-A3716D0CC34E} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{69DC6361-FA1F-41DF-A4C1-5C554E5F247F} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{6AA2E76D-B063-4C59-984C-27C4502B719A} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{70785252-5CBC-40DB-AE71-33C2BFBA89F2} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{794E2AD0-A34D-489A-8F85-DF24C6B234C4} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{8368EF8C-491E-4740-A592-BC3A2B51139A} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{843AF9A4-5286-40A0-B72E-0C0EE38CFA19} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{9DAE1C7A-BDED-4096-BDFE-2C3B10D67181} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{A0432926-2A1B-4976-9981-5FFB81826B2B} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{A4DEB0AC-0A29-4F83-9D03-5CFC2007D4A5} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{A69C0DAC-2095-4FA4-82AE-8F4771A58A1E} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{B108CE43-7305-470D-A461-794B698ED510} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{BDFB4F75-70CA-47FA-8FC5-4FF72FCEBFC1} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{C8A41B0B-F237-4F63-AC7D-2D9529CF18C5} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{C8E10782-6CB0-4C74-8F17-12D86B1CE20F} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{C9273A09-B215-4C88-98A4-04E5BD5F7B99} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{D411FF15-A674-4615-8A94-EEBF44F4B49B} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{D59A2C98-44B6-47F9-9428-817D8D6A6232} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{E4B9269B-7886-40DC-92A8-1686A4C8E56A} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{EACEE092-78F2-4513-BE31-A6E28B8329C0} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{F809B63D-88C2-4FB1-A734-DF1E46E76EA7} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\{F8D412AD-0757-4A59-B077-AE7CF9F6A8E2} (Empty Folder)
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12VQUABI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QB86SJP (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6DCGHWE9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OGGTXWT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PZLLGJH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASCSW88V (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BUOARKIQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRUDRJ4G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1SL43ZC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H166QW1P (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTMNHVD3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I012IVZO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHT80K8G (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1RJKAV0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUOF7E5F (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PZKMN0C3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RK4P4AXO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RNKDYEN3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOB0SKQL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Manfred G\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHFQFT3L (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\12VQUABI (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3QB86SJP (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6DCGHWE9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OGGTXWT (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9PZLLGJH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ASCSW88V (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BUOARKIQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRUDRJ4G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G1SL43ZC (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H166QW1P (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTMNHVD3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I012IVZO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\IHT80K8G (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\K1RJKAV0 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PUOF7E5F (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PZKMN0C3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RK4P4AXO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RNKDYEN3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOB0SKQL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHFQFT3L (Temporary Internet Files Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.01.2017 at 18:53:08,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 31.01.2017, 09:14   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 31.01.2017, 21:47   #11
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von Manfred G (Administrator) auf MANFRED-LAPTOP (31-01-2017 21:38:28)
Gestartet von C:\Users\Manfred G\Downloads
Geladene Profile: Manfred G & UpdatusUser (Verfügbare Profile: Manfred G & UpdatusUser & Karsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel(R) Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-05] (ELAN Microelectronics Corp.)
HKLM\...\Run: [Power Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [499304 2011-03-28] (Acer Incorporated)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [377640 2009-05-15] (Acronis)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-21] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [297280 2011-04-24] (NTI Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448 2011-08-26] (CyberLink Corp.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4393112 2009-05-15] (Acronis)
HKLM-x32\...\Run: [AcronisTimounterMonitor] => C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe [962640 2009-05-15] (Acronis)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-10-05] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-20\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Run: [Spotify Web Helper] => C:\Users\Manfred G\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524848 2016-03-07] (Spotify Ltd)
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\...\RunOnce: [ScrSav] => C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162408 2011-09-13] ()
HKU\S-1-5-21-3921616589-2122781770-2851317462-1004\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Acer.scr [450048 2011-09-13] ()
HKU\S-1-5-18\...\RunOnce: [IsMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk [2011-09-06]
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-11-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4BD03B0F-C581-472F-88E5-730EA1A3C3FC}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DB06B308-87FA-405A-8FC7-7067AF443E88}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.gmx.net/
HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3921616589-2122781770-2851317462-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Manfred G\AppData\Roaming\TomTom\HOME\Profiles\1t30w7lu.default [2015-05-14]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-05-14] [ist nicht signiert]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default [2017-01-30]
CHR Extension: (Google Präsentationen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-19]
CHR Extension: (Google Docs) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-19]
CHR Extension: (Google Drive) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-25]
CHR Extension: (YouTube) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-11-11]
CHR Extension: (Google-Suche) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-25]
CHR Extension: (Google Tabellen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-19]
CHR Extension: (Google Docs Offline) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Google Mail) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-19]
CHR Extension: (Chrome Media Router) - C:\Users\Manfred G\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-17]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [799848 2011-03-28] (Acer Incorporated)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256832 2011-04-24] (NTI Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
S3 ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [651776 2009-09-17] (Nokia) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-30] (Broadcom Corporation.)
R0 tdrpman228; C:\Windows\System32\DRIVERS\tdrpm228.sys [1462304 2012-01-21] (Acronis)
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [268800 2014-01-28] (Jungo Connectivity)
S3 nmwcd; system32\drivers\ccdcmbx64.sys [X]
S3 nmwcdc; system32\drivers\ccdcmbox64.sys [X]
S3 upperdev; system32\DRIVERS\usbser_lowerfltx64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 21:37 - 2017-01-31 21:37 - 00000000 ____D C:\Users\Manfred G\Downloads\FRST-OlderVersion
2017-01-30 18:53 - 2017-01-30 18:57 - 00012069 _____ C:\Users\Manfred G\Desktop\JRT.txt
2017-01-30 18:48 - 2017-01-30 18:47 - 01663040 _____ (Malwarebytes) C:\Users\Manfred G\Desktop\JRT.exe
2017-01-30 18:47 - 2017-01-30 18:47 - 01663040 _____ (Malwarebytes) C:\Users\Manfred G\Downloads\JRT.exe
2017-01-30 18:43 - 2017-01-30 18:43 - 00001314 _____ C:\Users\Manfred G\Desktop\AdwCleaner[C0].txt
2017-01-30 18:25 - 2017-01-30 18:26 - 04015056 _____ C:\Users\Manfred G\Downloads\adwcleaner_6.043.exe
2017-01-30 18:19 - 2017-01-30 18:40 - 00000000 ____D C:\AdwCleaner
2017-01-29 20:54 - 2017-01-29 20:55 - 00110200 _____ C:\Users\Manfred G\Desktop\Neues Textdokument.txt
2017-01-29 20:52 - 2017-01-29 20:55 - 00220490 _____ C:\TDSSKiller.3.1.0.12_29.01.2017_20.52.51_log.txt
2017-01-29 20:52 - 2017-01-29 20:52 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Manfred G\Downloads\tdsskiller.exe
2017-01-29 20:52 - 2017-01-29 20:52 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Manfred G\Desktop\tdsskiller.exe
2017-01-29 20:51 - 2017-01-29 20:51 - 00002182 _____ C:\Users\Manfred G\Desktop\mbar-log-2017-01-29 (19-14-28).txt
2017-01-29 19:14 - 2017-01-29 20:50 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-29 19:11 - 2017-01-29 20:50 - 00000000 ____D C:\Users\Manfred G\Desktop\mbar
2017-01-29 19:11 - 2017-01-29 19:11 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Manfred G\Downloads\mbar-1.09.3.1001.exe
2017-01-29 00:51 - 2017-01-29 00:50 - 00040343 _____ C:\Users\Manfred G\Desktop\Addition.txt
2017-01-29 00:51 - 2017-01-29 00:50 - 00034700 _____ C:\Users\Manfred G\Desktop\FRST.txt
2017-01-29 00:46 - 2017-01-29 16:09 - 00039031 _____ C:\Users\Manfred G\Downloads\Addition.txt
2017-01-29 00:42 - 2017-01-31 21:39 - 00014954 _____ C:\Users\Manfred G\Downloads\FRST.txt
2017-01-29 00:34 - 2017-01-29 00:46 - 00001640 _____ C:\Users\Manfred G\Desktop\mamb.txt
2017-01-28 23:53 - 2017-01-31 21:38 - 00000000 ____D C:\FRST
2017-01-28 23:25 - 2017-01-29 19:14 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-28 23:22 - 2017-01-29 19:13 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-28 23:22 - 2017-01-28 23:22 - 00001070 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-28 23:22 - 2017-01-28 23:22 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2017-01-28 23:22 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-01-28 23:22 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-28 23:19 - 2017-01-28 23:19 - 22851472 _____ (Malwarebytes ) C:\Users\Manfred G\Downloads\mbam-setup-2.2.1.1043.exe
2017-01-28 23:14 - 2017-01-31 21:37 - 02420736 _____ (Farbar) C:\Users\Manfred G\Downloads\FRST64.exe
2017-01-26 16:12 - 2017-01-26 17:16 - 01333343 _____ C:\Users\Manfred G\Documents\Wohnzimmerplanung.sh3d
2017-01-26 15:52 - 2017-01-26 15:52 - 00000000 ____D C:\Users\Manfred G\eTeks
2017-01-26 15:42 - 2017-01-26 15:42 - 00000938 _____ C:\Users\Manfred G\Desktop\Sweet Home 3D.lnk
2017-01-26 15:42 - 2017-01-26 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-01-26 15:41 - 2017-01-26 15:42 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-01-26 15:37 - 2017-01-26 15:37 - 01496584 _____ C:\Users\Manfred G\Downloads\Sweet Home 3D - CHIP-Installer.exe
2017-01-25 15:59 - 2017-01-25 15:59 - 00965154 _____ C:\Users\Manfred G\Downloads\v_schwb_aenderungsantrag.pdf
2017-01-24 11:46 - 2017-01-24 11:46 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652 (1).pdf
2017-01-24 11:44 - 2017-01-24 11:44 - 00023605 _____ C:\Users\Manfred G\Downloads\DEI0000464652.pdf
2017-01-14 23:03 - 2017-01-14 23:07 - 00010783 _____ C:\Users\Manfred G\Documents\Passwortverwaltung 14.1.2017.xlsx
2017-01-14 21:11 - 2017-01-14 21:11 - 00270518 _____ C:\Users\Manfred G\Downloads\Extra_Konto_5547402805_Kontoauszug_20170105.pdf
2017-01-14 21:06 - 2017-01-14 21:06 - 00071799 _____ C:\Users\Manfred G\Downloads\Steuerbescheinigung-2016.pdf
2017-01-14 20:56 - 2017-01-14 20:56 - 00009941 _____ C:\Users\Manfred G\Documents\Auslieferung 2017.xlsx
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag.pdf
2017-01-13 22:45 - 2017-01-13 22:45 - 00612570 _____ C:\Users\Manfred G\Downloads\Gehaltstarifvertrag (1).pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00209745 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1501214371-2017-01.pdf
2017-01-12 22:52 - 2017-01-12 22:52 - 00205682 _____ C:\Users\Manfred G\Downloads\Kontoauszug-1509790885-2017-01.pdf
2017-01-10 19:43 - 2017-01-05 19:55 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-01-10 19:43 - 2017-01-05 19:55 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-01-10 19:43 - 2017-01-05 19:52 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-01-10 19:43 - 2017-01-05 19:52 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-01-10 19:43 - 2017-01-05 18:43 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-01-10 19:43 - 2017-01-05 18:42 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-01-10 19:43 - 2017-01-05 18:32 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:25 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-01-10 19:43 - 2017-01-05 18:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-01-10 19:43 - 2017-01-05 18:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-01-10 19:43 - 2017-01-05 18:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 21:34 - 2013-03-31 20:16 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 21:33 - 2014-01-14 20:18 - 00000911 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-31 21:33 - 2014-01-14 20:18 - 00000725 _____ C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job
2017-01-30 18:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-30 18:50 - 2009-07-14 05:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-30 18:44 - 2013-03-16 21:48 - 00000000 ____D C:\Users\UpdatusUser
2017-01-30 18:44 - 2012-01-19 18:14 - 00000000 ____D C:\ProgramData\clear.fi
2017-01-30 18:41 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-29 15:47 - 2011-09-06 08:12 - 00000000 ____D C:\ProgramData\McAfee
2017-01-29 15:43 - 2012-01-19 18:06 - 00109672 _____ C:\Users\Manfred G\AppData\Local\GDIPFONTCACHEV1.DAT
2017-01-29 15:42 - 2009-07-14 05:45 - 00415080 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-29 15:41 - 2013-10-03 17:37 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-01-29 15:39 - 2015-10-17 16:21 - 00000000 ____D C:\Users\Karsten\AppData\Local\JDownloader 2.0
2017-01-29 15:37 - 2012-01-22 01:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-01-29 15:35 - 2012-01-22 11:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-29 15:34 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-01-29 15:33 - 2010-11-21 08:16 - 00000000 ____D C:\Windows\ShellNew
2017-01-29 15:33 - 2009-07-14 03:34 - 00000419 _____ C:\Windows\win.ini
2017-01-29 15:31 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2017-01-29 00:37 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2017-01-28 13:42 - 2015-02-26 20:59 - 00000000 ____D C:\Users\Manfred G\AppData\LocalLow\Adblock Plus for IE
2017-01-27 11:10 - 2013-03-31 20:16 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-26 15:52 - 2012-01-19 18:05 - 00000000 ____D C:\Users\Manfred G
2017-01-24 18:14 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2017-01-14 20:42 - 2013-01-02 22:37 - 00023979 _____ C:\Users\Manfred G\Documents\Provision 2017.xlsx
2017-01-14 20:09 - 2012-01-25 21:40 - 00000000 ____D C:\Users\Manfred G\Documents\OneNote-Notizbücher
2017-01-14 20:08 - 2014-01-09 19:32 - 00000000 ____D C:\Users\Manfred G\Documents\Bank-ING-DiBa
2017-01-12 19:52 - 2013-03-31 20:16 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-01-12 19:52 - 2013-03-31 20:16 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-12 19:52 - 2011-09-06 08:32 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-01-12 19:52 - 2011-09-06 08:32 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 14:13 - 2013-08-05 21:23 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 14:06 - 2012-01-22 00:54 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-07 23:41 - 2012-08-10 22:03 - 00000000 ____D C:\Users\Manfred G\AppData\Roaming\Skype
2017-01-02 20:16 - 2012-02-06 22:15 - 00000000 ____D C:\Users\Manfred G\Documents\Telefonrechnungen

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-19 12:49 - 2014-07-19 12:50 - 0008704 ___SH () C:\Users\Manfred G\AppData\Roaming\Thumbs.db
2013-01-13 17:33 - 2013-01-13 17:33 - 0033134 _____ () C:\Users\Manfred G\AppData\Roaming\UserTile.png
2012-01-19 18:28 - 2012-01-19 18:28 - 0001526 _____ () C:\Users\Manfred G\AppData\Local\PDLSetup.20120119.182825.txt
2015-01-29 17:17 - 2015-01-29 17:17 - 0000000 _____ () C:\Users\Manfred G\AppData\Local\{D8B72E42-AFDC-43AC-B2A7-988F44429B5E}
2011-11-22 03:55 - 2011-11-22 03:58 - 0015230 _____ () C:\ProgramData\ArcadeDeluxe5.log

Einige Dateien in TEMP:
====================
2015-10-17 16:19 - 2015-10-17 16:19 - 36403960 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\13089568753813370998.exe
2015-10-17 16:19 - 2015-10-17 16:19 - 0079736 _____ (AppWork GmbH) C:\Users\Karsten\AppData\Local\Temp\JDSetup130895687492763012.exe
2015-10-17 16:25 - 2015-10-17 16:25 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole2424655815273323973.dll
2015-10-17 16:20 - 2015-10-17 16:20 - 0040448 ____N () C:\Users\Karsten\AppData\Local\Temp\proxy_vole3647123271954594509.dll
2012-02-23 22:39 - 2012-02-23 22:39 - 0001536 _____ () C:\Users\Manfred G\AppData\Local\Temp\NEventMessages.dll
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00000.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00001.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00002.exe
2006-10-31 00:00 - 2006-10-31 00:00 - 0145184 ____R (Microsoft Corporation) C:\Users\Manfred G\AppData\Local\Temp\ose00003.exe
2017-01-29 15:38 - 2017-01-29 15:38 - 0040448 ____N () C:\Users\Manfred G\AppData\Local\Temp\proxy_vole7772226942415486329.dll
2013-07-15 21:17 - 2014-09-16 20:18 - 36005480 _____ (Skype Technologies S.A.) C:\Users\Manfred G\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-24 18:06

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von Manfred G (31-01-2017 21:39:53)
Gestartet von C:\Users\Manfred G\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2012-01-19 17:05:25)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3921616589-2122781770-2851317462-500 - Administrator - Disabled)
Gast (S-1-5-21-3921616589-2122781770-2851317462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3921616589-2122781770-2851317462-1003 - Limited - Enabled)
Karsten (S-1-5-21-3921616589-2122781770-2851317462-1005 - Administrator - Enabled) => C:\Users\Karsten
Manfred G (S-1-5-21-3921616589-2122781770-2851317462-1000 - Administrator - Enabled) => C:\Users\Manfred G
UpdatusUser (S-1-5-21-3921616589-2122781770-2851317462-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Backup Manager (HKLM-x32\...\InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}) (Version: 3.0.0.99 - NTI Corporation)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Acer Incorporated)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.01.3002 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 20.11.0921.1957 - Acer Incorporated)
Acer USB Charge Manager (HKLM-x32\...\{F53A49E6-9FB1-4A5A-B1D9-82BA116196B7}) (Version: 1.00.3001 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3501 - Acer Incorporated)
AcronisÂ*TrueÂ*ImageÂ*Home (HKLM-x32\...\{D1E0E859-F46D-4708-A41D-ED90C0C1822A}) (Version: 12.0.9769.15 - Acronis)
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH)
Adobe Flash Player 24 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Aquamarin Haushaltsbuch 2.9.2 b (HKLM-x32\...\{1E517C0C-8542-4F8C-DA23-98BCA13CD1F4}_is1) (Version:  - makasy.com)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atmel ARM GNU Toolchain (HKLM-x32\...\{736745FA-6A66-4654-9397-1321B2B4D196}) (Version: 4.8.1443 - Atmel)
Atmel AVR (32 bit) GNU Toolchain (HKLM-x32\...\{C342B5D0-D95A-4B39-9262-2CC3CE3F39B2}) (Version: 3.4.1067 - Atmel)
Atmel AVR (8 bit) GNU Toolchain (HKLM-x32\...\{6E3D61B8-F3EC-462D-91F9-49D03A97053E}) (Version: 3.4.1061 - Atmel)
Atmel Driver Files (x32 Version: 7.0.928 - Atmel Corporation) Hidden
Atmel Jungo USB Driver (x32 Version: 7.0.120 - Atmel) Hidden
Atmel Kits (HKLM-x32\...\{3C85CFF3-91DE-4520-B836-5F4C2F247FF5}) (Version: 6.2.338 - Atmel)
Atmel LibUSB0 Driver (x32 Version: 7.0.73 - Atmel) Hidden
Atmel Segger USB Drivers (497f) (x32 Version: 7.0.140 - Atmel) Hidden
Atmel Studio 6.2 (HKLM-x32\...\{C179E170-07D6-4D8D-A34D-FDB3FCC79FEC}) (Version: 6.2.1563 - Atmel)
Atmel Studio Backend (HKLM-x32\...\{1B2C7C63-4659-49A1-8BC9-F845FE0F0D35}) (Version: 1.12.4144 - Atmel Corporation)
Atmel Studio Memory Logger (HKLM-x32\...\{053538A7-0B52-4CA9-9728-D506BFAA42BD}) (Version: 6.2.171 - Atmel)
Atmel USB Driver Package (HKLM-x32\...\{88a482c9-18e3-43d5-b426-3d1cdf85b391}) (Version: 7.0.666 - Atmel)
Atmel WinUSB (x32 Version: 6.2.30 - Atmel) Hidden
AtmelSoftwareFramework (HKLM-x32\...\{35BD89A1-47F3-4E42-B393-B8DB123F5215}) (Version: 3.21.0.1310 - Atmel)
AVR macro Assembler (HKLM-x32\...\{251D9F73-6297-4941-9016-EA787F708FDF}) (Version: 2.1.1175 - Atmel)
Backup Manager V3 (x32 Version: 3.0.0.99 - NTI Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
clear.fi (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 1.0.2024.00 - CyberLink Corp.)
clear.fi (x32 Version: 1.0.1517_36458 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 1.0.2024.00 - CyberLink Corp.) Hidden
clear.fi (x32 Version: 9.0.8026 - CyberLink Corp.) Hidden
clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.00.3500 - Acer Incorporated)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.17.51 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
ETDWare PS/2-X64 8.0.6.3_WHQL (HKLM\...\Elantech) (Version: 8.0.6.3 - ELAN Microelectronic Corp.)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GalerÃ*a fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogrÃ*fica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2418 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{781A93CD-1608-427D-B7F0-D05C07795B25}) (Version: 2.1.41.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.30319 - Microsoft Corporation)
MoneyManagerEX 0.9.9.0 (HKLM-x32\...\{2C48DC11-E113-4912-8AFC-366D1918101E}_is1) (Version: 0.9.9.0 - CodeLathe, LLC)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden
MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.)
MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9002 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9002 - NTI Corporation) Hidden
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
PC Connectivity Solution (HKLM-x32\...\{9D6B740F-D9A2-45A6-BDC4-0A453D499FE6}) (Version: 9.39.0.0 - Nokia)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden
Skypeâ„¢ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}) (Version: 4.1.7 - SEIKO EPSON CORPORATION)
Spotify (HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\...\Spotify) (Version: 1.0.24.104.g92a22684 - Spotify AB)
Sweet Home 3D version 5.3 (HKLM\...\Sweet Home 3D_is1) (Version: 5.3 - eTeks)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
TomTom HOME (HKLM-x32\...\{0E09BE17-EDEA-42CA-8974-42A587F51510}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2200 - Broadcom Corporation)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמו×*ות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {094AFE37-6048-44D2-BC6E-E86C3260E7BC} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {2F28EFE9-7F6B-4067-B83D-FCB332D4AE07} - System32\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {35C1DE87-6809-4DFE-9E64-4AC2A02EA920} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-08-24] (CyberLink)
Task: {389D776A-B28B-430D-A0AC-1B236A244744} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {42251CB3-C518-4611-B947-FC6302F22357} - System32\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {584D647F-4341-450B-ABFC-DE31214B6C3A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {658BC063-8439-4CFA-93B8-0F5974DBE83B} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.)
Task: {7C4289BD-7F6F-47A7-ABFE-0A8F2511EC1A} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-08-24] (Acer Incorporated)
Task: {8F47ED39-A584-42AD-BFBE-DD1DC8D59C43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C5314810-7CCA-4C94-A77F-C75B445F9BF6} - System32\Tasks\{D388CCD6-91BD-4E86-B489-6CF4224EB645} => pcalua.exe -a F:\SETUP.EXE -d F:\
Task: {C8307B04-E4F7-4777-AC48-BB008A679F9F} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-08-24] (CyberLink Corp.)
Task: {EA1DB5DF-4D1C-42A7-B2A6-1DFBA1F2693B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-12] (Adobe Systems Incorporated)
Task: {F8A8E6CE-B2E9-4C8F-A117-CE0C63E20062} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {9F247DB0-7006-49DA-AD93-9D99068E0F1A}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE :/EXE:{9F247DB0-7006-49DA-AD93-9D99068E0F1A} /F:Update  SYSTEM ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-05-02 13:41 - 2011-05-02 13:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-01-22 00:45 - 2009-01-22 00:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00465640 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 01081664 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\ACE.dll
2011-04-24 02:29 - 2011-04-24 02:29 - 00125760 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\MailConverter32.dll
2011-09-06 07:50 - 2011-05-20 18:05 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3921616589-2122781770-2851317462-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manfred G\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{83026738-D136-4370-9498-D1224EEB7BD8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EBF09B2B-E26A-431E-99E4-BA58AD43F81C}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{880A1959-662D-4A71-BD28-BD5747D2AC7A}] => C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{55C86C9F-B790-4CC2-9433-AA6ED98668F8}] => C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CA106C9B-CA8E-4085-9884-905234800FC2}] => LPort=2869
FirewallRules: [{26DF612B-72CD-442E-95EE-1FF85336879B}] => LPort=1900
FirewallRules: [{25ACF4C0-F8F3-4E8C-9810-CBB998ED961F}] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{23936801-2C8B-44FF-BBBC-E398DEB77531}] => C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{67D65601-1424-4733-8166-8BB62BAE6BFE}] => C:\Program Files (x86)\Acer\Acer VCM\VC.exe
FirewallRules: [{5E5E219B-254A-4E20-80EB-EEC333C54BF0}] => C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
FirewallRules: [{611128FA-D3AE-416F-BD40-B6553605A166}] => C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{357E67FA-5B0C-4736-B02B-49C6F4A87FEF}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe
FirewallRules: [{04D5BEF0-55F2-47A7-8566-8C30022F319D}] => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe
FirewallRules: [{936907B1-35F0-4BD4-AA50-1BF9FB3B647C}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{51A794B9-00C9-4F0A-A450-F55D8192F50E}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{F812DB42-1D1B-4887-B760-1E95B7409714}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{16234A6F-62CF-4E31-A939-F9499BDC1647}] => C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe
FirewallRules: [{A78035E9-5F5B-4497-AA78-FBE6DD040D02}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovie.exe
FirewallRules: [{B5874D56-2FAA-4557-8E84-5A5BB1ADEDCE}] => C:\Program Files (x86)\Acer\clear.fi\Movie\TouchMovieService.exe
FirewallRules: [{D746CB64-C450-4E14-8C3D-6CEB3D9FD17D}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{76AD0C8F-B46C-48E3-AAD2-3D645C552436}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [TCP Query User{9ED3915B-C613-4FE6-B6AD-4D48BDF03177}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [UDP Query User{EBD8A2AB-47D3-44EA-9FD7-BB1736F0873D}C:\program files (x86)\microsoft office\office12\groove.exe] => C:\program files (x86)\microsoft office\office12\groove.exe
FirewallRules: [TCP Query User{2EA441FC-79CD-459B-928D-C6BCF2EC07E6}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [UDP Query User{415BDE12-B1EA-432E-8120-072F449CCCC1}C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe] => C:\program files (x86)\common files\nokia\service layer\a\nsl_host_process.exe
FirewallRules: [TCP Query User{42589FB1-1414-47F1-90E5-D50A19C690F2}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [UDP Query User{4CB39761-7756-4AEB-9734-681F829933F4}C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe] => C:\program files (x86)\nokia\nokia ovi suite\nokiaovisuite.exe
FirewallRules: [{42947F19-9F14-4F84-AC29-D197492ECAFE}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{195163DF-92E5-4300-8776-488B707C54ED}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{468E39B6-B71C-4B11-B2C6-F83C7A4D3615}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{6724D8F1-99B5-495E-A0C9-7743E67CBF29}] => C:\Program Files (x86)\McAfee\Common Framework\FrameworkService.exe
FirewallRules: [{26BA0A77-B3A7-4E8D-8F32-F28DBFAA2CBF}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{943D3A2E-1143-4DB3-93DF-998456DF7E20}] => C:\Users\Manfred G\AppData\Local\Temp\EpInsNav\DL\3013\Network\EpsonNetSetup\EpsonNetSetup3_6_1_2200\ENEasyApp.exe
FirewallRules: [{5899AE7E-710F-4949-8B35-64CEBC2D9DA3}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{B1510C5F-5391-424D-A0CD-2BF9BE4A096D}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{8C652783-0939-4A98-8CAE-910D880F2F68}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{4E27C4E7-D98F-4E3F-A427-D25D2E40E9D0}] => C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [TCP Query User{5A897702-F3C8-4678-AF04-A3D0B8A093A2}C:\users\Manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ED21481F-C761-45D4-AD40-4F94ED3B6661}C:\users\Manfred G\appdata\roaming\spotify\spotify.exe] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9D8C744E-CD22-4932-9855-48E2883C16EE}] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{869A5B1F-15C6-4993-93A4-BFE6D8F3B7B9}] => C:\users\Manfred G\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CAABCF82-C0C8-411C-BE2A-14DC4643CE1A}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{03FBB5EC-041D-46D4-929E-4F101A7EC921}] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{A251D5C1-1E20-4DAD-BEBD-AFD944F8DE70}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [UDP Query User{E1F214C5-91BC-4F13-987C-F9352434E560}C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{2109CA59-460F-4E81-80C0-B8F3D5454289}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{EC96294A-676A-4C20-AB8D-1A62B1245BB6}] => C:\program files (x86)\atmel\atmel studio 6.2\atmelstudio.exe
FirewallRules: [{E2322E38-227F-4504-BC6B-BD808159CA93}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{73FD43D4-F7FC-4D98-AD2F-B2896435FBB6}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3783848A-8784-41B2-80F1-8AC61DC414BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{65FFD163-AAF2-4702-829B-27A467BD2C91}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{255F23CD-9570-46D9-9CFE-5C30F459F0DF}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{944BFA14-4A5C-40FB-9004-6B73E5DEAB24}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3F3610DA-46C0-4FA9-862A-9F6116B86E79}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

07-01-2017 18:58:21 Geplanter Prüfpunkt
11-01-2017 14:04:17 Windows Update
24-01-2017 18:13:38 Geplanter Prüfpunkt
29-01-2017 15:29:57 Removed Microsoft Office Enterprise 2007
29-01-2017 15:36:29 McAfee VirusScan Enterprise wurde entfernt.
29-01-2017 15:46:11 Removed McAfee Agent.
30-01-2017 18:12:07 Windows Update
30-01-2017 18:48:47 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/30/2017 06:41:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.

Error: (01/29/2017 09:32:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3058

Error: (01/29/2017 09:32:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3058

Error: (01/29/2017 09:32:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2017 09:32:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2044

Error: (01/29/2017 09:32:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2044

Error: (01/29/2017 09:32:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/29/2017 09:32:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045

Error: (01/29/2017 09:32:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045

Error: (01/29/2017 09:32:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (01/30/2017 06:49:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/30/2017 06:40:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann den angegebenen Pfad nicht finden.

Error: (01/30/2017 06:40:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/30/2017 06:40:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/30/2017 06:40:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/30/2017 06:40:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\IWMSSvc.dll

Error: (01/30/2017 06:40:24 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/30/2017 06:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/30/2017 06:39:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/30/2017 06:39:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 3947.86 MB
Verfügbarer physikalischer RAM: 2450.29 MB
Summe virtueller Speicher: 7893.9 MB
Verfügbarer virtueller Speicher: 6283.51 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:683.54 GB) (Free:347.33 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 0934C5AB)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=683.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 01.02.2017, 09:28   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 02.02.2017, 21:06   #13
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.02.2017
Suchlaufzeit: 20:02
Protokolldatei: mamb.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2017.02.01.09
Rootkit-Datenbank: v2016.11.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Manfred G

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 451649
Abgelaufene Zeit: 42 Min., 37 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
C:\Users\Manfred G\Downloads\Sweet Home 3D - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Reader 10.1.15 Adobe Reader out of Date!  
 Google Chrome (55.0.2883.87) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

Alt 03.02.2017, 11:44   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Zitat:
Adobe Reader 10.1.15 Adobe Reader out of Date!
deinstallieren.


Zitat:
Sweet Home 3D - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung

In Zukunft keine Downloads mehr von chip.de!

Von chip lädst du in Zukunft besser nix mehr. Die verarschen ihre Kunden aus reiner Profitgier. Siehe auch http://www.trojaner-board.de/168364-...mpfehlung.html und CHIP-Installer - was ist das? - Anleitungen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 03.02.2017, 17:08   #15
karstellos
 
Chrome öffnet Werbefenster vermutlich cloudfront - Standard

Chrome öffnet Werbefenster vermutlich cloudfront



Adobe Reader habe ich deinstalliert und werde eine aktuelle Version installieren. Chip werde ich in Zukunft meiden. Ist sonst noch was zu tun, oder ist das System jetzt "sauber"?

Antwort

Themen zu Chrome öffnet Werbefenster vermutlich cloudfront
adobe, bonjour, computer, defender, desktop, excel, flash player, google, home, launch, object, problem, proxy, realtek, registry, rundll, scan, secur, services.exe, software, svchost.exe, udp, usb, warnung, werbefenster, windows



Ähnliche Themen: Chrome öffnet Werbefenster vermutlich cloudfront


  1. Werbefenster/Werbung im Google Chrome Browser trotz AdBlocker Plus
    Plagegeister aller Art und deren Bekämpfung - 12.01.2017 (16)
  2. Cloudfront.net redirect entfernen
    Anleitungen, FAQs & Links - 02.10.2016 (2)
  3. Werbefenster öffnen sich in Chrome ständig
    Plagegeister aller Art und deren Bekämpfung - 15.08.2016 (35)
  4. Firefox öffnet ständig neue Tabs mit Werbung, bzw. öffnet Werbefenster unten rechts
    Plagegeister aller Art und deren Bekämpfung - 01.02.2016 (1)
  5. Chrome öffnet Werbefenster, Links führen nicht immer ans richtige Ziel
    Plagegeister aller Art und deren Bekämpfung - 07.12.2015 (6)
  6. Unerwünschte Werbefenster in Chrome - Laptop so langsam, sodass kaum noch verwendbar!
    Plagegeister aller Art und deren Bekämpfung - 17.10.2015 (12)
  7. Chrome öffnet selbstständig neue Werbefenster
    Log-Analyse und Auswertung - 30.05.2015 (8)
  8. Massive Lagspikes, vermutlich verursacht durch Chrome
    Log-Analyse und Auswertung - 28.04.2015 (13)
  9. Windows 8, Google Chrome, Werbefenster öffnen sich alleine
    Log-Analyse und Auswertung - 13.04.2015 (11)
  10. Chrome öffnet sich von alleine und öffnet dann Popup Fenster
    Log-Analyse und Auswertung - 08.03.2015 (11)
  11. Google Chrome öffnet Werbefenster und komische Seiten
    Log-Analyse und Auswertung - 12.11.2014 (7)
  12. in Chrome öffen sich selbständig neue Werbefenster
    Alles rund um Windows - 31.03.2014 (1)
  13. cloudfront.net entfernen
    Anleitungen, FAQs & Links - 20.01.2014 (2)
  14. schon wieder öffnen sich eigenständig Werbefenster im Chrome -.-
    Plagegeister aller Art und deren Bekämpfung - 05.10.2013 (16)
  15. IE öffnet Werbefenster
    Log-Analyse und Auswertung - 13.05.2010 (3)
  16. Firefox öffnet Werbefenster !!
    Plagegeister aller Art und deren Bekämpfung - 22.02.2009 (8)
  17. FireFox öffnet Werbefenster
    Plagegeister aller Art und deren Bekämpfung - 24.05.2008 (20)

Zum Thema Chrome öffnet Werbefenster vermutlich cloudfront - Hallo, ich habe wie oben geschrieben das Problem, dass nach Installieren einer Chip Software etwas mitinstalliert hat, wodurch Werbefenster geöffnet werden. Ich habe cloudfront und reimageplus ausgemacht. Code: Alles auswählen - Chrome öffnet Werbefenster vermutlich cloudfront...
Archiv
Du betrachtest: Chrome öffnet Werbefenster vermutlich cloudfront auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.