Pests of all kinds and how to fight them: Browser search bar in Firefox falls back to Yahoo
13.04.2016, 00:42 | #1 |
| Browser search bar in Firefox falls back to Yahoo

Hello everyone,

I have Win 8.1 and browse with Firefox. Recently, Firefox has been searching with Yahoo whenever I type something into the browser search bar or the search field next to it. There is nothing from Yahoo to be found either in the Control Panel or among the add-ons in Firefox. I ran Anti-Malwarebytes, and it found quite a lot, even though a scan had shown my PC to be completely fine just a few days earlier. I also ran AdwCleaner, and it found a few things too. I had everything deleted. Unfortunately, I don't think I have the log files any more; that was stupid, but I thought the problem was solved.

Can anyone help me? Until then my PC was always super clean, really annoying.

Many thanks,
Prinz |
13.04.2016, 15:31 | #2 |
/// TB Trainer | Browser search bar in Firefox falls back to Yahoo

My name is Matthias and I will help you clean up your computer. Please note the following:

Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:

Thank you for your cooperation!

Why do you all always delete the log files? They help us enormously... I just don't get it...

For an initial analysis, please run FRST and TDSSKiller:

Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)

Step 2
Please download TDSSKiller.exe and save the file to your desktop.

With your next reply, please post
|
13.04.2016, 22:01 | #3 |
| Browser search bar in Firefox falls back to Yahoo
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016 durchgeführt von Evan (Administrator) auf EVANSPC (13-04-2016 22:57:13) Gestartet von C:\Users\Evan\Desktop Geladene Profile: Evan (Verfügbare Profile: Evan) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe (Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) 
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe (Dolby Laboratories Inc.) 
C:\Program Files\Dolby Digital Plus\ddp.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe (Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\System32\logagent.exe (acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe (McAfee, Inc.) 
C:\Program Files\McAfee.com\Agent\mcupdate.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink) HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-06-14] (CyberLink) HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [234000 2012-06-14] (CyberLink Corp.) 
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (Bitleader) HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer) HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.) 
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {161cc7c0-a4ea-11e5-82fe-206a8ade63c7} - "E:\Startme.exe" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {238b1480-e510-11e4-8281-206a8ade63c7} - "E:\Startme.exe" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {7649c2b4-11a9-11e5-8286-206a8ade63c7} - "E:\Startme.exe" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {794acad2-9530-11e4-8274-3010b3063411} - "F:\Startme.exe" ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated) ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated) Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-10-29] ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll" Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll" Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll" Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll" Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll" Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{95491AA6-1613-4636-9E91-37E128AD2C1D}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{D6FBC128-646D-4B1B-8334-D7C9A6BB9864}: [DhcpNameServer] 10.57.1.1 Tcpip\..\Interfaces\{F757B5CF-AD94-48D2-ABC6-7FE01E11C386}: [DhcpNameServer] 134.99.128.5 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3016204580-1220623134-1212562069-1001 -> DefaultScope 
{3F2B611F-5109-4879-B3FD-0315455AAE2D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141025&p={searchTerms} SearchScopes: HKU\S-1-5-21-3016204580-1220623134-1212562069-1001 -> {3F2B611F-5109-4879-B3FD-0315455AAE2D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141025&p={searchTerms} SearchScopes: HKU\S-1-5-21-3016204580-1220623134-1212562069-1001 -> {77CC7B76-B91B-4C13-8068-EC9B1F6BEB9E} URL = BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-28] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-28] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-03-28] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-03-28] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default FF DefaultSearchEngine: Sichere Suche FF SearchEngineOrder.1: Sichere Suche FF SelectedSearchEngine: Sichere Suche FF Homepage: www.google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] () FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3016204580-1220623134-1212562069-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\google-images.xml [2014-12-06] FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\google-maps.xml [2014-12-06] FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\McSiteAdvisor.xml [2016-03-19] FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29] FF Extension: Adblock Plus - C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-19] [ist nicht signiert] Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-30] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-03-30] CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation) R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-03-28] (McAfee, Inc.) R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) 
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.) R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation) S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [157487 2015-09-04] (The OpenVPN Project) [Datei ist nicht signiert] R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.) 
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) S3 dsNcAdpt; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [36816 2014-04-10] (Juniper Networks) [Datei ist nicht signiert] S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-07-09] (Sony Mobile Communications) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.) 
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [36968 2016-01-19] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.) S1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation) S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 mfeaack01; \Device\mfeaack01.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-13 22:57 - 2016-04-13 22:57 - 00025917 _____ C:\Users\Evan\Desktop\FRST.txt
2016-04-13 22:56 - 2016-04-13 22:57 - 00000000 ____D C:\FRST
2016-04-13 22:56 - 2016-04-13 22:56 - 02375168 _____ (Farbar) C:\Users\Evan\Desktop\FRST64.exe
2016-04-13 12:03 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-04-13 12:02 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 12:02 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 12:02 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 12:02 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 12:02 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 12:02 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 12:02 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 12:02 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 12:02 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 12:02 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-13 12:02 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 12:02 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 12:02 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 12:02 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 12:02 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-13 12:02 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 12:02 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 12:02 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 12:02 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 12:02 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 12:02 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 12:02 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-13 12:02 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-13 12:02 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 12:02 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 12:02 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 12:02 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 12:02 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 12:02 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 12:02 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 12:02 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 12:02 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 12:02 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 12:02 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 12:02 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 12:02 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-13 12:02 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 12:02 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 12:02 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 12:02 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 12:02 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 12:02 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 12:02 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 12:02 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 12:02 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 12:02 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 12:02 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 12:02 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 12:02 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 12:02 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 12:02 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 12:02 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 12:02 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 12:02 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 12:02 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-13 12:02 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 12:02 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-04-13 12:02 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-04-13 12:02 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 12:02 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-13 12:02 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-04-13 12:02 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-04-13 12:02 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-04-13 12:02 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-04-13 12:02 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-04-13 12:02 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-04-13 12:02 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-04-13 12:02 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-04-13 12:02 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-04-13 12:02 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-04-13 12:02 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-13 12:02 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-04-13 12:02 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-04-13 12:02 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-04-13 12:02 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-04-13 12:02 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-04-13 12:02 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-04-13 12:02 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-04-13 12:02 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 12:02 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-13 12:02 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-04-13 12:02 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-04-13 12:02 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-04-13 12:02 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-04-13 12:02 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-13 12:02 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-04-13 12:02 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-04-13 12:02 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-04-13 12:02 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-13 12:02 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-13 12:02 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 12:02 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-13 12:02 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-04-13 12:02 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-04-13 12:02 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-04-13 12:02 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-04-13 12:02 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-04-13 12:02 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-04-13 12:02 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-04-13 12:02 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-04-13 12:02 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-04-13 12:02 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-04-13 12:02 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-04-13 12:02 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-04-13 12:02 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-04-13 12:02 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-04-13 12:02 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-04-13 12:02 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-04-13 12:02 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-04-13 12:02 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 12:02 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 12:02 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-04-13 12:02 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-04-13 12:02 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-04-13 12:02 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-04-13 12:02 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 12:02 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 12:02 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-04-13 12:02 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-04-12 10:10 - 2016-04-12 10:10 - 48271149 _____ C:\Users\Evan\Desktop\bok%3A978-3-322-90755-4.pdf
2016-04-12 10:10 - 2016-04-12 10:10 - 00266088 _____ C:\Users\Evan\Desktop\20070914_Rossa-Sladek_Markenerfolg.pdf
2016-04-12 10:04 - 2016-04-12 10:06 - 00426261 _____ C:\Users\Evan\Desktop\LiM-AP-17-Markenprofilierung-durch-Branchen.pdf
2016-04-12 10:01 - 2016-04-12 10:01 - 27081437 _____ C:\Users\Evan\Desktop\Viele Untmarken werden kombiniert - Branchenimages.pdf
2016-04-12 09:48 - 2016-04-12 14:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 09:26 - 2016-04-12 09:26 - 00150761 _____ C:\Users\Evan\Desktop\0fcfd50c059b6ed8c6000000.pdf
2016-04-11 19:16 - 2016-04-13 01:02 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-04-07 00:11 - 2016-04-07 00:11 - 00016896 ___SH C:\Users\Evan\Thumbs.db
2016-04-07 00:06 - 2016-04-07 00:11 - 26443214 _____ C:\Users\Evan\Desktop\Evan A. Horst CV+Arbeitszeugnisse.pdf
2016-04-06 17:06 - 2016-04-06 17:06 - 00001064 _____ C:\Users\Public\Desktop\PDF24.lnk
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Users\Evan\AppData\Local\PDF24
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-04-06 17:02 - 2016-04-06 17:02 - 00000000 ____D C:\Program Files\PDFCreator
2016-04-01 11:10 - 2016-04-01 11:10 - 00000000 ____D C:\ProgramData\pdfforge
2016-04-01 10:46 - 2016-04-01 11:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\PDF Architect 4
2016-04-01 10:45 - 2016-04-01 11:10 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-04-01 10:44 - 2016-04-01 11:16 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-03-31 18:44 - 2016-03-31 18:44 - 35242143 _____ C:\Users\Evan\Desktop\Masterarbeit Literatur.zip
2016-03-31 18:36 - 2016-04-07 00:13 - 00000000 ____D C:\Users\Evan\Desktop\Scanbot
2016-03-30 15:59 - 2016-04-01 10:40 - 00036633 _____ C:\Users\Evan\Desktop\Lebenslauf Evan A. Horst.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-13 22:56 - 2014-08-25 18:17 - 00765582 _____ C:\Windows\system32\perfh007.dat
2016-04-13 22:56 - 2014-08-25 18:17 - 00159366 _____ C:\Windows\system32\perfc007.dat
2016-04-13 22:56 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-13 22:56 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-13 22:53 - 2014-10-25 17:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\ClassicShell
2016-04-13 22:52 - 2014-10-25 05:43 - 00000000 ____D C:\Users\Evan\AppData\Local\CrashDumps
2016-04-13 22:50 - 2014-11-02 13:23 - 00000000 __RDO C:\Users\Evan\OneDrive
2016-04-13 22:50 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-13 22:50 - 2013-08-22 16:44 - 00387328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 16:29 - 2015-04-16 23:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-13 16:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-04-13 16:29 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-13 16:17 - 2014-10-24 23:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-13 16:03 - 2015-01-10 22:58 - 00000000 ____D C:\Users\Evan\AppData\Local\Battle.net
2016-04-13 15:54 - 2016-03-07 23:07 - 00010653 _____ C:\Users\Evan\Desktop\Notendurchschnitt.xlsx
2016-04-13 12:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-13 12:15 - 2014-10-28 01:15 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 12:12 - 2014-10-28 01:15 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 12:09 - 2014-10-25 03:55 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3016204580-1220623134-1212562069-1001
2016-04-13 12:01 - 2016-01-14 10:59 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 12:00 - 2016-03-10 00:11 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 12:00 - 2016-03-10 00:11 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 12:00 - 2016-03-10 00:11 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-13 01:05 - 2014-10-25 04:20 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-12 17:51 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan
2016-04-12 14:54 - 2015-04-14 19:34 - 00000000 ____D C:\Users\Evan\AppData\Roaming\vlc
2016-04-12 14:45 - 2014-10-25 05:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-12 10:10 - 2015-05-19 22:53 - 11579904 ___SH C:\Users\Evan\Desktop\Thumbs.db
2016-04-10 16:19 - 2015-06-21 20:54 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-04-09 10:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-07 23:17 - 2014-10-24 23:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 12:47 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-04-07 09:05 - 2014-07-14 19:58 - 00000000 ____D C:\ProgramData\McAfee
2016-04-05 23:53 - 2015-03-13 10:25 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-03-13 10:25 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-03 13:16 - 2015-11-03 22:01 - 00000000 ____D C:\Users\Evan\Documents\Youcam
2016-04-03 13:16 - 2015-05-13 20:19 - 00000000 ____D C:\Users\Evan\AppData\Roaming\Skype
2016-04-01 10:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-03-29 19:14 - 2016-02-16 23:59 - 00000000 ____D C:\Users\Evan\Desktop\Aunahmen von smartvpic
2016-03-28 15:11 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan\AppData\Local\Packages
2016-03-28 10:43 - 2014-11-03 21:59 - 00000000 ____D C:\ProgramData\Oracle
2016-03-28 10:41 - 2015-08-21 19:59 - 00000000 ____D C:\Users\Evan\.oracle_jre_usage
2016-03-28 10:41 - 2015-07-10 00:54 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-27 15:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-24 13:34 - 2014-11-04 00:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-18 18:51 - 2004-01-26 18:15 - 0233472 ____R () C:\Users\Evan\AppData\Roaming\MafiaSetup.exe
2015-11-11 17:39 - 2015-11-11 17:39 - 0003398 _____ () C:\Users\Evan\AppData\Local\HWVendorDetection.log
2014-08-25 08:42 - 2014-08-25 08:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Evan\AppData\Local\Temp\dsNCInst64.exe
C:\Users\Evan\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Evan\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\oct1AB8.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct1DA1.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct1DDF.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct2083.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct284B.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct2A1A.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct409F.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct4AB3.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5070.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5C8F.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5F1E.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct635A.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct660B.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct720A.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct74BB.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct807.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct8F66.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct9282.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct95DE.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct98A.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octA12B.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octB623.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octC0D8.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octC743.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octDB2D.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octE219.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octE4EC.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octF4BB.tmp.exe
C:\Users\Evan\AppData\Local\Temp\octF5CC.tmp.exe
C:\Users\Evan\AppData\Local\Temp\ose00000.exe
C:\Users\Evan\AppData\Local\Temp\SIntf16.dll
C:\Users\Evan\AppData\Local\Temp\SIntf32.dll
C:\Users\Evan\AppData\Local\Temp\SIntfNT.dll
C:\Users\Evan\AppData\Local\Temp\ytb.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-10 12:28

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Evan (2016-04-13 22:57:42)
Gestartet von C:\Users\Evan\Desktop
Windows 8.1 (X64) (2014-10-25 01:49:25)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3016204580-1220623134-1212562069-500 - Administrator - Disabled)
Evan (S-1-5-21-3016204580-1220623134-1212562069-1001 - Administrator - Enabled) => C:\Users\Evan
Gast (S-1-5-21-3016204580-1220623134-1212562069-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3016204580-1220623134-1212562069-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2001.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version: - Daedalic Entertainment)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.122.807 - Foxit Corporation)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7086 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.186 - McAfee, Inc.)
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD)
NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenVPN 2.3.8-I001 (HKLM\...\OpenVPN) (Version: 2.3.8-I001 - )
PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1083 - RStudio)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) YouCam (x32 Version: 3.1.5324 - CyberLink Corp.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0438DFF0-087E-4496-9B88-67D380E0F6CE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {07DEE563-5E50-4148-9BC8-55988743C300} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {1FEFC4E0-B7B2-425D-BCEF-76E5C3560E8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {36D7D685-B157-4744-9710-3EDF83312862} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {42D56C32-96DF-4A0A-BF74-A54D2CB05AE8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {48E68EA8-BE1C-4642-8A1D-91FA659962D2} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-17] (McAfee, Inc.) 
Task: {5D252230-B5E3-4B3B-95ED-9FDAF6CC0299} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {72391D67-EAD5-4D09-9EF5-CEB535ADC0E3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {82ACFCD7-B393-4BE3-9DB2-19497D6BD98F} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {8DCEB907-538B-41A2-9C19-A1D03B399A10} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>) Task: {8EA9FAED-585E-44C9-A704-1E3BDD4EEA40} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {9A0330DC-EC17-464C-AE13-44A5AA332DC5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated) Task: {9BB1D16C-2C31-48CA-9586-9818EF4E017C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {B71F48CE-4B2F-4A18-8BBF-D0D62470F356} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {C5D87C08-83ED-42A3-A3F9-766658EABB44} - System32\Tasks\{94946F91-F176-4403-A8FA-4FAC39AE0EE0} => pcalua.exe -a D:\Mafia\Game.exe -d D:\Mafia\ Task: {D6516972-5F11-4F87-A9A2-20357952739A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {DF01C272-D0A3-49FB-B4E8-EF171DE25346} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {EEF607C6-130D-4846-ABE6-E28493E41F67} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: 
{F2009D4F-13DC-490D-BEBC-26506D69C0C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {FA7CC1C1-21C4-4C41-8926-88EC274D1C2F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-09-09 13:53 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-25 09:03 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll 2014-04-29 02:38 - 2014-04-29 02:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 02:35 - 2014-04-29 02:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 02:42 - 2014-04-29 02:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-12-19 22:59 - 2014-12-19 22:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2014-12-19 22:59 - 2014-12-19 22:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-05-18 16:38 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update 
Core\detoured.dll 2014-12-19 22:48 - 2014-12-19 22:48 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2014-12-19 22:48 - 2014-12-19 22:48 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-12-19 23:00 - 2014-12-19 23:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll 2016-04-06 17:06 - 2016-04-05 09:55 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2016-04-06 17:06 - 2016-04-05 09:55 - 00052256 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-12-14 18:57 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "YouCam Tray" HKLM\...\StartupApproved\Run32: => "YouCam Mirage" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [{EC0FFDD4-F1F7-4E86-A22D-40DEAEC4F326}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{509351F1-5487-4C5B-94A7-5A5E592E7727}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{1628B84B-A3F4-4DA3-8AEF-9C859D23FF06}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{2512A4FC-BFA0-4FD3-85CA-31C7CEAC32B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{33919CCB-33FE-4407-9AFD-971B9AF1F24C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= 24-03-2016 21:00:45 McAfee Vulnerability Scanner 01-04-2016 10:45:07 Installed PDF Architect 4 View Module 01-04-2016 10:45:55 Installed PDF Architect 4 Edit Module 08-04-2016 11:30:52 Geplanter Prüfpunkt 13-04-2016 12:09:58 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (04/13/2016 10:52:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef Ausnahmecode: 0xc0000005 Fehleroffset: 0x00218d0b ID des fehlerhaften Prozesses: 0x588 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/13/2016 11:56:48 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, 
Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x970 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/13/2016 01:07:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x2208 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/12/2016 05:53:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0xf08 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/12/2016 02:47:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der 
fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x2334 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/12/2016 02:46:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.2.1.0, Zeitstempel: 0x00000004 Name des fehlerhaften Moduls: libqt4_plugin.dll, Version: 2.2.1.0, Zeitstempel: 0x00020002 Ausnahmecode: 0x40000015 Fehleroffset: 0x007ca10a ID des fehlerhaften Prozesses: 0x2308 Startzeit der fehlerhaften Anwendung: 0xvlc.exe0 Pfad der fehlerhaften Anwendung: vlc.exe1 Pfad des fehlerhaften Moduls: vlc.exe2 Berichtskennung: vlc.exe3 Vollständiger Name des fehlerhaften Pakets: vlc.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vlc.exe5 Error: (04/12/2016 02:37:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x22ac Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/12/2016 09:23:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: 
Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x169c Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/11/2016 07:04:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x21b4 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Error: (04/11/2016 06:47:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87 Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18205, Zeitstempel: 0x56a1baf3 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0022a54b ID des fehlerhaften Prozesses: 0x2018 Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0 Pfad der fehlerhaften Anwendung: AcerPortal.exe1 Pfad des fehlerhaften Moduls: AcerPortal.exe2 Berichtskennung: AcerPortal.exe3 Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5 Systemfehler: ============= Error: 
(04/13/2016 12:00:37 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1 Error: (04/13/2016 11:54:29 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 13.04.2016 um 01:44:43 unerwartet heruntergefahren. Error: (04/13/2016 01:05:30 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.04.2016 um 23:23:09 unerwartet heruntergefahren. Error: (04/12/2016 10:23:09 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.04.2016 um 18:22:46 unerwartet heruntergefahren. Error: (04/12/2016 05:51:24 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.04.2016 um 15:01:24 unerwartet heruntergefahren. Error: (04/12/2016 02:45:23 PM) (Source: DCOM) (EventID: 10010) (User: EVANSPC) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (04/12/2016 02:45:23 PM) (Source: DCOM) (EventID: 10010) (User: EVANSPC) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (04/12/2016 02:35:11 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.04.2016 um 10:41:15 unerwartet heruntergefahren. Error: (04/12/2016 09:31:18 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1 Error: (04/12/2016 09:21:15 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 12.04.2016 um 01:53:29 unerwartet heruntergefahren. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz Prozentuale Nutzung des RAM: 27% Installierter physikalischer RAM: 8115.27 MB Verfügbarer physikalischer RAM: 5866.48 MB Summe virtueller Speicher: 9395.27 MB Verfügbarer virtueller Speicher: 7121.2 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:118.43 GB) (Free:42.68 GB) NTFS Drive d: (DATA) (Fixed) (Total:915.93 GB) (Free:879.3 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 119.2 GB) (Disk ID: FD2DE1CF) Partition: GPT. ======================================================== Disk: 1 (Size: 931.5 GB) (Disk ID: FD2DE1DE) Partition: GPT. ==================== Ende von Addition.txt ============================
Many thanks to you in advance. Above you can see the two log files. As for the earlier log files from Antimalwarebytes and AdwCleaner: I did not delete them, I just unfortunately don't know where they were saved, since I had not planned to send them; I simply thought the problem would be solved that way. Next time I will pay attention to that, thank you. Best regards, and for now a good night |
13.04.2016, 22:10 | #4 |
| Browser search bar in Firefox falls back to Yahoo
Code:
ATTFilter 23:02:57.0641 0x19dc TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 23:02:57.0642 0x19dc UEFI system 23:03:03.0737 0x19dc ============================================================ 23:03:03.0737 0x19dc Current date / time: 2016/04/13 23:03:03.0737 23:03:03.0737 0x19dc SystemInfo: 23:03:03.0738 0x19dc 23:03:03.0738 0x19dc OS Version: 6.3.9600 ServicePack: 0.0 23:03:03.0738 0x19dc Product type: Workstation 23:03:03.0738 0x19dc ComputerName: EVANSPC 23:03:03.0738 0x19dc UserName: Evan 23:03:03.0738 0x19dc Windows directory: C:\Windows 23:03:03.0738 0x19dc System windows directory: C:\Windows 23:03:03.0738 0x19dc Running under WOW64 23:03:03.0738 0x19dc Processor architecture: Intel x64 23:03:03.0738 0x19dc Number of processors: 8 23:03:03.0738 0x19dc Page size: 0x1000 23:03:03.0738 0x19dc Boot type: Normal boot 23:03:03.0738 0x19dc ============================================================ 23:03:03.0800 0x19dc KLMD registered as C:\Windows\system32\drivers\73074318.sys 23:03:03.0976 0x19dc System UUID: {1ED53D77-1EBC-3FA7-03B1-0C2615B83E51} 23:03:04.0574 0x19dc Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:03:06.0977 0x19dc Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 23:03:06.0980 0x19dc ============================================================ 23:03:06.0980 0x19dc \Device\Harddisk0\DR0: 23:03:06.0981 0x19dc GPT partitions: 23:03:06.0982 0x19dc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BD2BDF03-28FA-4D74-86E4-E34FB588AB42}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000 23:03:06.0982 0x19dc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: 
{4A0B0A72-BAA6-4255-8425-C0801C602E97}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x32000 23:03:06.0982 0x19dc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {42DE14F8-5042-4DB6-BB38-CD0314DA3142}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000 23:03:06.0982 0x19dc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {728B5A9D-6358-4D9C-8410-2A03F4F74D0F}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0xECDD800 23:03:06.0983 0x19dc MBR partitions: 23:03:06.0983 0x19dc \Device\Harddisk1\DR1: 23:03:06.0983 0x19dc GPT partitions: 23:03:06.0993 0x19dc \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AF4DEB2E-151B-407E-ADF7-8C395A0FD88B}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x727DB800 23:03:06.0993 0x19dc \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {29565B6A-C825-4DBF-9E15-5528C584C382}, Name: Basic data partition, StartLBA 0x727DC000, BlocksNum 0x1F2A800 23:03:06.0993 0x19dc MBR partitions: 23:03:06.0993 0x19dc ============================================================ 23:03:06.0994 0x19dc C: <-> \Device\Harddisk0\DR0\Partition4 23:03:07.0209 0x19dc D: <-> \Device\Harddisk1\DR1\Partition1 23:03:07.0209 0x19dc ============================================================ 23:03:07.0209 0x19dc Initialize success 23:03:07.0209 0x19dc ============================================================ 23:04:34.0556 0x12cc ============================================================ 23:04:34.0556 0x12cc Scan started 23:04:34.0556 0x12cc Mode: Manual; SigCheck; TDLFS; 23:04:34.0556 0x12cc ============================================================ 23:04:34.0556 0x12cc KSN ping started 23:04:36.0943 0x12cc KSN ping finished: true 23:04:39.0932 0x12cc ================ Scan system memory 
0E02E031799F407A1BCE926D46471E7EFB8820359CBDE73759219B86C1882EB8 ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys 23:04:47.0961 0x12cc HipShieldK - ok 23:04:47.0965 0x12cc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 23:04:47.0975 0x12cc hkmsvc - ok 23:04:47.0982 0x12cc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:04:47.0994 0x12cc HomeGroupListener - ok 23:04:48.0004 0x12cc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:04:48.0019 0x12cc HomeGroupProvider - ok 23:04:48.0030 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:48.0041 0x12cc HomeNetSvc - ok 23:04:48.0045 0x12cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:04:48.0053 0x12cc HpSAMD - ok 23:04:48.0072 0x12cc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:04:48.0096 0x12cc HTTP - ok 23:04:48.0101 0x12cc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:04:48.0108 0x12cc hwpolicy - ok 23:04:48.0111 0x12cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 23:04:48.0119 0x12cc hyperkbd - ok 23:04:48.0122 0x12cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo 
C:\Windows\system32\DRIVERS\HyperVideo.sys 23:04:48.0130 0x12cc HyperVideo - ok 23:04:48.0136 0x12cc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 23:04:48.0145 0x12cc i8042prt - ok 23:04:48.0150 0x12cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 23:04:48.0156 0x12cc iaLPSSi_GPIO - ok 23:04:48.0160 0x12cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 23:04:48.0167 0x12cc iaLPSSi_I2C - ok 23:04:48.0181 0x12cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 23:04:48.0197 0x12cc iaStorAV - ok 23:04:48.0208 0x12cc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:04:48.0222 0x12cc iaStorV - ok 23:04:48.0225 0x12cc IEEtwCollectorService - ok 23:04:48.0294 0x12cc [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 23:04:48.0359 0x12cc igfx - ok 23:04:48.0369 0x12cc [ 201700DCB9CF3D72B9CCA09532774DD2, 45E4489C1703D6A324E46C8314211B2FD2C76C6EB44E8CAD868FF2BC202E7122 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 23:04:48.0379 0x12cc igfxCUIService1.0.0.0 - ok 23:04:48.0400 0x12cc [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT C:\Windows\System32\ikeext.dll 23:04:48.0423 0x12cc IKEEXT - ok 23:04:48.0428 0x12cc [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible 
C:\Windows\system32\drivers\intelaud.sys 23:04:48.0434 0x12cc intaud_WaveExtensible - ok 23:04:48.0505 0x12cc [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 23:04:48.0569 0x12cc IntcAzAudAddService - ok 23:04:48.0582 0x12cc [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 23:04:48.0593 0x12cc IntcDAud - ok 23:04:48.0611 0x12cc [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 23:04:48.0629 0x12cc Intel(R) Capability Licensing Service TCP IP Interface - ok 23:04:48.0635 0x12cc [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 23:04:48.0642 0x12cc Intel(R) ME Service - ok 23:04:48.0645 0x12cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 23:04:48.0652 0x12cc intelide - ok 23:04:48.0655 0x12cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 23:04:48.0664 0x12cc intelpep - ok 23:04:48.0669 0x12cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 23:04:48.0678 0x12cc intelppm - ok 23:04:48.0682 0x12cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:04:48.0692 0x12cc IpFilterDriver - ok 23:04:48.0710 
0x12cc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:04:48.0732 0x12cc iphlpsvc - ok 23:04:48.0736 0x12cc [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 23:04:48.0745 0x12cc IPMIDRV - ok 23:04:48.0750 0x12cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:04:48.0759 0x12cc IPNAT - ok 23:04:48.0762 0x12cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:04:48.0771 0x12cc IRENUM - ok 23:04:48.0775 0x12cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:04:48.0782 0x12cc isapnp - ok 23:04:48.0791 0x12cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 23:04:48.0802 0x12cc iScsiPrt - ok 23:04:48.0809 0x12cc [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 23:04:48.0818 0x12cc iumsvc - ok 23:04:48.0822 0x12cc [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 23:04:48.0828 0x12cc iwdbus - ok 23:04:48.0832 0x12cc [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 23:04:48.0839 0x12cc jhi_service - ok 23:04:48.0843 0x12cc [ 5917AFE4A3F695A54B99C1849C8207FE, 
DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 23:04:48.0851 0x12cc kbdclass - ok 23:04:48.0855 0x12cc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 23:04:48.0863 0x12cc kbdhid - ok 23:04:48.0865 0x12cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 23:04:48.0873 0x12cc kdnic - ok 23:04:48.0877 0x12cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 23:04:48.0885 0x12cc KeyIso - ok 23:04:48.0889 0x12cc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:04:48.0897 0x12cc KSecDD - ok 23:04:48.0903 0x12cc [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:04:48.0913 0x12cc KSecPkg - ok 23:04:48.0916 0x12cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:04:48.0924 0x12cc ksthunk - ok 23:04:48.0933 0x12cc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 23:04:48.0946 0x12cc KtmRm - ok 23:04:48.0954 0x12cc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 23:04:48.0967 0x12cc LanmanServer - ok 23:04:48.0975 0x12cc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:04:48.0988 0x12cc LanmanWorkstation - ok 23:04:49.0000 
0x12cc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 23:04:49.0016 0x12cc lfsvc - ok 23:04:49.0020 0x12cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:04:49.0030 0x12cc lltdio - ok 23:04:49.0038 0x12cc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:04:49.0050 0x12cc lltdsvc - ok 23:04:49.0053 0x12cc [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\Windows\System32\drivers\LMDriver.sys 23:04:49.0058 0x12cc LMDriver - ok 23:04:49.0061 0x12cc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:04:49.0069 0x12cc lmhosts - ok 23:04:49.0078 0x12cc [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 23:04:49.0089 0x12cc LMS - ok 23:04:49.0099 0x12cc [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe 23:04:49.0111 0x12cc LMSvc - ok 23:04:49.0117 0x12cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:04:49.0125 0x12cc LSI_SAS - ok 23:04:49.0130 0x12cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:04:49.0138 0x12cc LSI_SAS2 - ok 23:04:49.0142 0x12cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] 
LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 23:04:49.0150 0x12cc LSI_SAS3 - ok 23:04:49.0154 0x12cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 23:04:49.0163 0x12cc LSI_SSS - ok 23:04:49.0179 0x12cc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 23:04:49.0199 0x12cc LSM - ok 23:04:49.0204 0x12cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 23:04:49.0213 0x12cc luafv - ok 23:04:49.0219 0x12cc [ CBAE88F578B673D6644EA57982B594F8, 02D012D01D9C01725D07BC2FEE9E5C694AFCCF99B37E09D4DC6FB104AC4B531C ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe 23:04:49.0227 0x12cc McAfee SiteAdvisor Service - ok 23:04:49.0245 0x12cc [ BD07107E5E46AC111D094701EAB2555C, EB4F719E0DE4CCF8C13A825EB25CAF1358E020B6761174AD199A2079CA77B6B3 ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe 23:04:49.0263 0x12cc McAPExe - ok 23:04:49.0273 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:49.0285 0x12cc McBootDelayStartSvc - ok 23:04:49.0316 0x12cc [ 5660057DD2849F798434123891F612F2, 7F421A3A74BD6D1A32D8F4858D7DF456352AEF1EF7D17160BD8F4B49C0AFDCF4 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe 23:04:49.0347 0x12cc mccspsvc - ok 23:04:49.0357 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:49.0369 0x12cc McMPFSvc - ok 23:04:49.0378 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A 
] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:49.0390 0x12cc McNaiAnn - ok 23:04:49.0404 0x12cc [ 57F95C311ED4BF5BC7FA19FD75AD9803, 65044E1E98F0CA7E4A3AD04E64D3A77F6B283A0ECF5D15B6435C822E34EC6F4E ] McODS C:\Program Files\mcafee\VirusScan\mcods.exe 23:04:49.0420 0x12cc McODS - ok 23:04:49.0429 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:49.0441 0x12cc mcpltsvc - ok 23:04:49.0450 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:49.0462 0x12cc McProxy - ok 23:04:49.0466 0x12cc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 23:04:49.0473 0x12cc megasas - ok 23:04:49.0485 0x12cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 23:04:49.0502 0x12cc megasr - ok 23:04:49.0507 0x12cc [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 23:04:49.0514 0x12cc MEIx64 - ok 23:04:49.0524 0x12cc [ 0AD2A3FFE438E5F7E9F0C16E6917B5BA, 57416AB3389D8E464DDB00230A0A2F1C12BC22F51FB0730DACE54ADFAA7AAAEE ] mfeaack C:\Windows\system32\drivers\mfeaack.sys 23:04:49.0536 0x12cc mfeaack - ok 23:04:49.0538 0x12cc mfeaack01 - ok 23:04:49.0546 0x12cc [ F280FF5882EC38F996AECE08045F3CC2, 2750B509C84FBE3F756310C331A84614F079D2BD67747694A1EFD611AFD6CCAC ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 23:04:49.0557 0x12cc mfeavfk - ok 23:04:49.0561 0x12cc [ 24AEBF843F88CF0A5B455F483F8F0100, 5E29549F6074997910271B838A77EDF2878D2D3B4B751813592F1C6EEA8112E7 ] mfeelamk 
C:\Windows\system32\drivers\mfeelamk.sys 23:04:49.0571 0x12cc mfeelamk - ok 23:04:49.0577 0x12cc [ 376838F824FD863753D397BAE2937657, D8EC7323ECAC24EF51BEA57A8CE570BBC9FA5457F03582102404BE5EB7BCC677 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 23:04:49.0585 0x12cc mfefire - ok 23:04:49.0596 0x12cc [ B9E87313F2AECFFCD6ABCB364A8DB44D, 7A630ADAC5637E2597336AC229FB5276CCCBAE25E5B5EE85B6CD9FCEF7155EA4 ] mfefirek C:\Windows\system32\drivers\mfefirek.sys 23:04:49.0609 0x12cc mfefirek - ok 23:04:49.0626 0x12cc [ AC1394617F8537EBDEBF2F6B3BEAA547, 8A024E19934361A0C8B1EAA9994C312DD9AB4220037126BF6063F04BCB3A5DAE ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 23:04:49.0645 0x12cc mfehidk - ok 23:04:49.0653 0x12cc [ F47F31A8C537075A72A231D7E9B40173, 1DA2F0E801AA43099923A20D0C3F24D5EA71220FDBD87BC3BE7FD4609CC19EE1 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe 23:04:49.0664 0x12cc mfemms - ok 23:04:49.0677 0x12cc [ EF6CF3FF9402D7DA6212DC9BC710B2E0, A71A5AA41EA6C0AF1A6D5256493791C5568D8A4B74961F1A1CF77BBFCEFD4FE8 ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys 23:04:49.0691 0x12cc mfencbdc - ok 23:04:49.0696 0x12cc [ 367E9C097D1A1615159A084AE2BB2DA8, EE5B018C5229818CC3A516594F2F873D4E801FB155D68B26C258FB98BB323743 ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys 23:04:49.0704 0x12cc mfencrk - ok 23:04:49.0706 0x12cc [ 3DAB795016D323756804111C7EF2D3C2, 442AE21463109D0866ABD5423B2B5FE672934D76B3940F3DA1FBC48EDBE218EC ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys 23:04:49.0712 0x12cc mfesapsn - ok 23:04:49.0719 0x12cc [ CCBD7980E8617C364B9A1AE022FF4603, 81FE07F7459E90A90584702EC20FB472A8800F6FAFA886BAA5D9CBA6C2869460 ] mfevtp C:\Windows\system32\mfevtps.exe 23:04:49.0729 0x12cc mfevtp - ok 23:04:49.0735 0x12cc [ F8B33D091747D746550BC05CC9DEF609, 21FF366AB4C56C71A36B243B72596B702AA4284BD7D860F4B2D39B1912184150 ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys 23:04:49.0745 0x12cc mfewfpk - ok 23:04:49.0749 
0x12cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 23:04:49.0758 0x12cc MMCSS - ok 23:04:49.0761 0x12cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 23:04:49.0771 0x12cc Modem - ok 23:04:49.0774 0x12cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 23:04:49.0782 0x12cc monitor - ok 23:04:49.0785 0x12cc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 23:04:49.0793 0x12cc mouclass - ok 23:04:49.0796 0x12cc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 23:04:49.0804 0x12cc mouhid - ok 23:04:49.0808 0x12cc [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:04:49.0817 0x12cc mountmgr - ok 23:04:49.0821 0x12cc [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:04:49.0829 0x12cc MozillaMaintenance - ok 23:04:49.0833 0x12cc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:04:49.0841 0x12cc mpsdrv - ok 23:04:49.0858 0x12cc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll 23:04:49.0879 0x12cc MpsSvc - ok 23:04:49.0885 0x12cc [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV 
C:\Windows\system32\drivers\mrxdav.sys 23:04:49.0895 0x12cc MRxDAV - ok 23:04:49.0904 0x12cc [ 5F2BB54E0223E46646789E90BB4CCD81, 44D5983512688D3C36D66C1D9EFFEED91A2CA5FDB3B106E313015082C72E344D ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:04:49.0918 0x12cc mrxsmb - ok 23:04:49.0925 0x12cc [ C83AF14432DF58324FBC2E80A5E42AB5, 63281C114CD9F4BDC80ED5DEE0578C0084DBE10D34DD2103F3BDEB2AF9AB757E ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:04:49.0937 0x12cc mrxsmb10 - ok 23:04:49.0943 0x12cc [ 9EFBEC37E87DB6C9E791075987AAB413, 9533F54C494FBD8868A2A973EA956C22E3C1AD9FA79C4F6A2C43F2CAB14DB9D4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:04:49.0953 0x12cc mrxsmb20 - ok 23:04:49.0958 0x12cc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 23:04:49.0967 0x12cc MsBridge - ok 23:04:49.0972 0x12cc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 23:04:49.0982 0x12cc MSDTC - ok 23:04:49.0987 0x12cc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:04:49.0995 0x12cc Msfs - ok 23:04:49.0999 0x12cc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 23:04:50.0006 0x12cc msgpiowin32 - ok 23:04:50.0009 0x12cc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:04:50.0017 0x12cc mshidkmdf - ok 23:04:50.0019 0x12cc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 23:04:50.0027 0x12cc mshidumdf - ok 23:04:50.0030 0x12cc [ 36D92AF3343C3A3E57FEF11C449AEA4C, 
ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:04:50.0038 0x12cc msisadrv - ok 23:04:50.0043 0x12cc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:04:50.0053 0x12cc MSiSCSI - ok 23:04:50.0055 0x12cc msiserver - ok 23:04:50.0064 0x12cc [ 15E0B18784B5655D4E0666BEC840EEFF, 45D124F753CCB93845523324B07635715A2D8816826075FD2CC3789F5285CF2A ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 23:04:50.0075 0x12cc MSK80Service - ok 23:04:50.0078 0x12cc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:04:50.0086 0x12cc MSKSSRV - ok 23:04:50.0090 0x12cc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 23:04:50.0098 0x12cc MsLldp - ok 23:04:50.0100 0x12cc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:04:50.0108 0x12cc MSPCLOCK - ok 23:04:50.0110 0x12cc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:04:50.0118 0x12cc MSPQM - ok 23:04:50.0126 0x12cc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:04:50.0140 0x12cc MsRPC - ok 23:04:50.0145 0x12cc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 23:04:50.0152 0x12cc mssmbios - ok 23:04:50.0155 0x12cc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE 
C:\Windows\system32\drivers\MSTEE.sys 23:04:50.0162 0x12cc MSTEE - ok 23:04:50.0165 0x12cc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 23:04:50.0173 0x12cc MTConfig - ok 23:04:50.0177 0x12cc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys 23:04:50.0184 0x12cc Mup - ok 23:04:50.0188 0x12cc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 23:04:50.0195 0x12cc mvumis - ok 23:04:50.0205 0x12cc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll 23:04:50.0220 0x12cc napagent - ok 23:04:50.0230 0x12cc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:04:50.0244 0x12cc NativeWifiP - ok 23:04:50.0250 0x12cc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll 23:04:50.0260 0x12cc NcaSvc - ok 23:04:50.0265 0x12cc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll 23:04:50.0274 0x12cc NcbService - ok 23:04:50.0278 0x12cc [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 23:04:50.0287 0x12cc NcdAutoSetup - ok 23:04:50.0308 0x12cc [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:04:50.0334 0x12cc NDIS - ok 23:04:50.0338 0x12cc [ 8CECC8DA55F3274181FD1EA28AD76664, 
|
13.04.2016, 22:12 | #5 |
| Browser search bar falls back to Yahoo in Firefox
Code:
DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:05:00.0191 0x12cc vsmraid - ok 23:05:00.0222 0x12cc [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\Windows\system32\vssvc.exe 23:05:00.0253 0x12cc VSS - ok 23:05:00.0253 0x12cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 23:05:00.0269 0x12cc VSTXRAID - ok 23:05:00.0269 0x12cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 23:05:00.0285 0x12cc vwifibus - ok 23:05:00.0285 0x12cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:05:00.0285 0x12cc vwififlt - ok 23:05:00.0300 0x12cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 23:05:00.0300 0x12cc vwifimp - ok 23:05:00.0316 0x12cc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 23:05:00.0332 0x12cc W32Time - ok 23:05:00.0332 0x12cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 23:05:00.0332 0x12cc WacomPen - ok 23:05:00.0347 0x12cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys 23:05:00.0347 0x12cc Wanarp - ok 23:05:00.0347 0x12cc [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:05:00.0363 0x12cc Wanarpv6 - ok 
23:05:00.0394 0x12cc [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine C:\Windows\system32\wbengine.exe 23:05:00.0425 0x12cc wbengine - ok 23:05:00.0425 0x12cc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:05:00.0441 0x12cc WbioSrvc - ok 23:05:00.0457 0x12cc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 23:05:00.0472 0x12cc Wcmsvc - ok 23:05:00.0472 0x12cc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:05:00.0488 0x12cc wcncsvc - ok 23:05:00.0488 0x12cc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:05:00.0503 0x12cc WcsPlugInService - ok 23:05:00.0503 0x12cc [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 23:05:00.0519 0x12cc WdBoot - ok 23:05:00.0535 0x12cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:05:00.0550 0x12cc Wdf01000 - ok 23:05:00.0550 0x12cc [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 23:05:00.0566 0x12cc WdFilter - ok 23:05:00.0566 0x12cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:05:00.0582 0x12cc WdiServiceHost - ok 23:05:00.0582 0x12cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost 
C:\Windows\system32\wdi.dll 23:05:00.0597 0x12cc WdiSystemHost - ok 23:05:00.0597 0x12cc [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 23:05:00.0613 0x12cc WdNisDrv - ok 23:05:00.0613 0x12cc WdNisSvc - ok 23:05:00.0613 0x12cc [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll 23:05:00.0628 0x12cc WebClient - ok 23:05:00.0628 0x12cc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:05:00.0644 0x12cc Wecsvc - ok 23:05:00.0644 0x12cc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 23:05:00.0660 0x12cc WEPHOSTSVC - ok 23:05:00.0660 0x12cc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:05:00.0675 0x12cc wercplsupport - ok 23:05:00.0675 0x12cc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 23:05:00.0691 0x12cc WerSvc - ok 23:05:00.0691 0x12cc [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 23:05:00.0707 0x12cc WFPLWFS - ok 23:05:00.0707 0x12cc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 23:05:00.0722 0x12cc WiaRpc - ok 23:05:00.0722 0x12cc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:05:00.0722 0x12cc WIMMount - ok 23:05:00.0722 0x12cc WinDefend - ok 23:05:00.0738 0x12cc [ 
10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 23:05:00.0769 0x12cc WinHttpAutoProxySvc - ok 23:05:00.0769 0x12cc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:05:00.0785 0x12cc Winmgmt - ok 23:05:00.0832 0x12cc [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\Windows\system32\WsmSvc.dll 23:05:00.0878 0x12cc WinRM - ok 23:05:00.0878 0x12cc [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys 23:05:00.0894 0x12cc WinUsb - ok 23:05:00.0925 0x12cc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 23:05:00.0957 0x12cc WlanSvc - ok 23:05:00.0988 0x12cc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 23:05:01.0019 0x12cc wlidsvc - ok 23:05:01.0019 0x12cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 23:05:01.0019 0x12cc WmiAcpi - ok 23:05:01.0035 0x12cc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:05:01.0035 0x12cc wmiApSrv - ok 23:05:01.0050 0x12cc WMPNetworkSvc - ok 23:05:01.0050 0x12cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 23:05:01.0050 0x12cc Wof - ok 23:05:01.0097 0x12cc [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc 
C:\Windows\system32\workfolderssvc.dll 23:05:01.0128 0x12cc workfolderssvc - ok 23:05:01.0128 0x12cc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 23:05:01.0128 0x12cc wpcfltr - ok 23:05:01.0144 0x12cc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:05:01.0144 0x12cc WPCSvc - ok 23:05:01.0144 0x12cc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:05:01.0160 0x12cc WPDBusEnum - ok 23:05:01.0160 0x12cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 23:05:01.0175 0x12cc WpdUpFltr - ok 23:05:01.0175 0x12cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:05:01.0175 0x12cc ws2ifsl - ok 23:05:01.0191 0x12cc [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\Windows\System32\wscsvc.dll 23:05:01.0191 0x12cc wscsvc - ok 23:05:01.0207 0x12cc [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 23:05:01.0207 0x12cc WSDPrintDevice - ok 23:05:01.0207 0x12cc WSearch - ok 23:05:01.0269 0x12cc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 23:05:01.0316 0x0d60 Object send P2P result: true 23:05:01.0316 0x0d60 Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp 23:05:01.0347 0x12cc WSService - ok 23:05:01.0410 0x12cc [ 020F47C655ED1F63BBA834AA53575D5C, 
7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv C:\Windows\system32\wuaueng.dll 23:05:01.0472 0x12cc wuauserv - ok 23:05:01.0472 0x12cc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:05:01.0488 0x12cc WudfPf - ok 23:05:01.0488 0x12cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 23:05:01.0503 0x12cc WUDFRd - ok 23:05:01.0503 0x12cc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:05:01.0519 0x12cc wudfsvc - ok 23:05:01.0519 0x12cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 23:05:01.0535 0x12cc WUDFWpdFs - ok 23:05:01.0535 0x12cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys 23:05:01.0550 0x12cc WUDFWpdMtp - ok 23:05:01.0566 0x12cc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 23:05:01.0582 0x12cc WwanSvc - ok 23:05:01.0582 0x12cc ================ Scan global =============================== 23:05:01.0582 0x12cc [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll 23:05:01.0597 0x12cc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 23:05:01.0597 0x12cc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 23:05:01.0613 0x12cc [ E0C7813A97CA7947FF5C18A8F3B61A45, 
083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 23:05:01.0613 0x12cc [ Global ] - ok 23:05:01.0613 0x12cc ================ Scan MBR ================================== 23:05:01.0613 0x12cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 23:05:01.0644 0x12cc \Device\Harddisk0\DR0 - ok 23:05:03.0566 0x12cc [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 23:05:03.0675 0x12cc \Device\Harddisk1\DR1 - ok 23:05:03.0691 0x12cc ================ Scan VBR ================================== 23:05:03.0691 0x12cc [ 40FD72536052AD71500250E5EECFC9E5 ] \Device\Harddisk0\DR0\Partition1 23:05:03.0691 0x12cc \Device\Harddisk0\DR0\Partition1 - ok 23:05:03.0691 0x12cc [ B3A1E46EB4E4D210EBB9740BF888C478 ] \Device\Harddisk0\DR0\Partition2 23:05:03.0691 0x12cc \Device\Harddisk0\DR0\Partition2 - ok 23:05:03.0691 0x12cc [ 2B97C6ED32253AE89C72F74EC2CA498B ] \Device\Harddisk0\DR0\Partition3 23:05:03.0691 0x12cc \Device\Harddisk0\DR0\Partition3 - ok 23:05:03.0691 0x12cc [ DD1FB581E91A0B11476CEC191AD3018D ] \Device\Harddisk0\DR0\Partition4 23:05:03.0691 0x12cc \Device\Harddisk0\DR0\Partition4 - ok 23:05:03.0691 0x12cc [ 9660D0EF975A36250FDB4A53AE889CD4 ] \Device\Harddisk1\DR1\Partition1 23:05:03.0722 0x0d60 Object send P2P result: true 23:05:03.0722 0x0d60 Object required for P2P: [ DF2213CF2DD81B790B85541D138D93C7 ] nvlddmkm 23:05:03.0754 0x12cc \Device\Harddisk1\DR1\Partition1 - ok 23:05:03.0785 0x12cc [ C67F0C65C032612906E9DE11FEE2D01F ] \Device\Harddisk1\DR1\Partition2 23:05:03.0800 0x12cc \Device\Harddisk1\DR1\Partition2 - ok 23:05:03.0800 0x12cc ================ Scan generic autorun ====================== 23:05:04.0019 0x12cc [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 23:05:04.0269 0x12cc RtHDVCpl - ok 23:05:04.0300 0x12cc [ 01F0FC06366F80BF8964708042E0D9F5, 
7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 23:05:04.0332 0x12cc RtHDVBg_Dolby - ok 23:05:04.0379 0x12cc [ 046DDF9B31BEC14D03CCC97DD728A4D1, D29F49F870B27553E13F9C1486D9B27A27C41FBEC7ACEC77EDFD5552C941E710 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 23:05:04.0441 0x12cc NvBackend - ok 23:05:04.0441 0x12cc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe 23:05:04.0457 0x12cc ShadowPlay - ok 23:05:04.0457 0x12cc [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe 23:05:04.0457 0x12cc Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 ) 23:05:06.0160 0x0d60 Object send P2P result: true 23:05:06.0457 0x0438 Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt 23:05:06.0800 0x12cc Detect skipped due to KSN trusted 23:05:06.0800 0x12cc Classic Start Menu - ok 23:05:06.0800 0x12cc [ 66EB26B4A0C2146ADD7828A5A4EC81E0, 4EAE3E7EAD67DB5E69EA8305F7ED9F606C322BC61E2DD486AB58E6586D5DD87F ] C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe 23:05:06.0816 0x12cc BacKGround Agent - ok 23:05:06.0816 0x12cc [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 23:05:06.0816 0x12cc CLMLServer - ok 23:05:06.0832 0x12cc [ B00F98FF6FE8682FF941BEB2559BF191, EB443E294C5609F426BF6EE388F3A4B71EFE2C6A8216C0F6DE7AE6DB382BF620 ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe 23:05:06.0832 0x12cc YouCam Mirage - ok 23:05:06.0832 0x12cc [ 324285C053CB9C894431559F962B101C, 81858C33EA53B0B06A684E10465FA44BB050832BC2F35544F8FD24CB8473EA1F ] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe 23:05:06.0847 0x12cc YouCam Tray - ok 23:05:06.0847 0x12cc [ 
9D56299FA5C9B3D9E67FF3ACB301139F, 202A0542BEA33C5F78A406EF9479EB7BD42FCBEAC9F49F38F6ECC48554117811 ] C:\Program Files (x86)\lg_fwupdate\lgfw.exe 23:05:06.0863 0x12cc LGODDFU - ok 23:05:06.0863 0x12cc [ 35B8CDACB318EEC3C7B33AD7A99F1BC3, 5C0CA919D54F2857C913CBCE01DFBDA94CFFCBFCEC342871104598850A50F6DB ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 23:05:06.0863 0x12cc abDocsDllLoader - ok 23:05:06.0879 0x12cc [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:05:06.0894 0x12cc SunJavaUpdateSched - ok 23:05:06.0910 0x12cc [ 5F2FD7A71EBBCE7C439490E9921A56EE, 98530FE6EEC7BDCE271D8C86F8C3B438D8A54A19743440E59B19040822387CBF ] C:\Program Files (x86)\PDF24\pdf24.exe 23:05:06.0910 0x12cc PDFPrint - ok 23:05:06.0972 0x12cc [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] C:\Program Files (x86)\Steam\steam.exe 23:05:07.0019 0x12cc Steam - ok 23:05:07.0050 0x12cc [ EE591DAC311022DD8E6A2E6345962F5D, 83D2F3621A7728E5F506A4A02B362A0B090450F62392B8FD640A70C6D52F2CC6 ] C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe 23:05:07.0097 0x12cc AcerPortal - ok 23:05:07.0097 0x12cc Skype - ok 23:05:07.0097 0x12cc Waiting for KSN requests completion. In queue: 113 23:05:08.0113 0x12cc Waiting for KSN requests completion. In queue: 113 23:05:08.0863 0x0438 Object send P2P result: true 23:05:09.0129 0x12cc Waiting for KSN requests completion. In queue: 14 23:05:09.0425 0x1860 Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] C:\Program Files (x86)\Steam\steam.exe 23:05:10.0144 0x12cc Waiting for KSN requests completion. In queue: 2 23:05:11.0160 0x12cc Waiting for KSN requests completion. 
In queue: 2
23:05:11.0847 0x1860 Object send P2P result: true
23:05:12.0176 0x12cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
23:05:12.0176 0x12cc AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51000 ( enabled : updated )
23:05:12.0176 0x12cc FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 14.0.0.0 ), 0x51010 ( enabled )
23:05:14.0551 0x12cc ============================================================
23:05:14.0551 0x12cc Scan finished
23:05:14.0551 0x12cc ============================================================
23:05:14.0551 0x0f20 Detected object count: 1
23:05:14.0551 0x0f20 Actual detected object count: 1
23:06:10.0723 0x0f20 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
23:06:10.0723 0x0f20 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
14.04.2016, 15:33 | #6 |
/// TB-Ausbilder | Browser search bar falls back to Yahoo in Firefox Hi, AdwCleaner log files can be found here: C:\AdwCleaner\AdwCleanerC[x].txt (x = sequential number) MBAM log files can be found here: Reading material: Posting MBAM findings: How it works... Sometimes it is important to know which malware was already deleted beforehand without instructions from the helpers. I therefore need the contents of the log file in which the scan was recorded.
|
14.04.2016, 16:25 | #7 |
| Browser search bar falls back to Yahoo in Firefox Unfortunately I can no longer find the AdwCleaner report after the fact, since I had already uninstalled it. With MBAM, however, retrieving it worked after reinstalling: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 11.04.2016
Suchlaufzeit: 18:50
Protokolldatei:
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.11.04
Rootkit-Datenbank: v2016.04.09.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Evan

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 371104
Abgelaufene Zeit: 4 Min., 52 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)
Module: 0 (keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)
Registrierungswerte: 0 (keine bösartigen Elemente erkannt)
Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],

Dateien: 41
PUP.Optional.Monetizer, C:\Users\Evan\AppData\Local\Temp\is-RMNC7.tmp\CBStub.exe, In Quarantäne, [c3cd6845b8e1cc6a74bf8ad55ca6db25],
PUP.Optional.Monetizer, C:\Users\Evan\AppData\Local\Temp\is-UF5OP.tmp\CBStub.exe, In Quarantäne, [d5bbaeffa2f767cf83b0263939c9dd23],
PUP.Optional.CheckOffer, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\nsCBHTML5.dll, In Quarantäne, [e3ad931acacf70c6c0b5f035b74aa15f],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\OfferScreen_383.html, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\blowfish.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\FirstResult.txt, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\GetVersion.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\header.bmp, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\inner.png, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\manlib.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\Math.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\nsDialogs.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\nsExec.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\nsisunz.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\Offer1.zip, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\pdf.png, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\registry.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\SecondResult.txt, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\serlib.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\System.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\UserInfo.dll, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsgC6FB.tmp\Webcompanion.png, In Quarantäne, [1b75c3ea5346dd59ebc1acf18d7741bf],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\OfferScreen_383.html, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\blowfish.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\FirstResult.txt, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\GetVersion.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\header.bmp, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\inner.png, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\manlib.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\Math.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\nsDialogs.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\nsExec.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\nsisunz.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\Offer1.zip, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\pdf.png, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\registry.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\SecondResult.txt, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\serlib.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\System.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\UserInfo.dll, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],
PUP.Optional.OfferScreen, C:\Users\Evan\AppData\Local\Temp\nsrA6A2.tmp\Webcompanion.png, In Quarantäne, [167a2a839702f73fcddfbde03aca19e7],

Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)
Last edited by Waffelprinz (14.04.2016 at 16:34)
|
15.04.2016, 19:31 | #8 |
/// TB-Ausbilder | Browser search bar falls back to Yahoo in Firefox Hi, let's run the tools again; the latest versions may still remove something. In which browser do you have the problem? Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware
Step 3 Please shut down your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
15.04.2016, 21:56 | #9 |
| Browser search bar falls back to Yahoo in Firefox The problem exists in Firefox and in Internet Explorer. But I really only use Firefox. Step 1: AdwCleaner found nothing. Step 2: MBAM found nothing. 3. Junkware Removal found something: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.4 (03.14.2016)
Operating System: Windows 8.1 x64
Ran by Evan (Administrator) on 15.04.2016 at 23:20:33,78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 1
Successfully deleted: C:\ProgramData\pdfforge (Folder)

Registry: 3
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77CC7B76-B91B-4C13-8068-EC9B1F6BEB9E} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 15.04.2016 at 23:21:14,92
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Evan (2016-04-15 23:25:48)
Gestartet von C:\Users\Evan\Desktop
Windows 8.1 (X64) (2014-10-25 01:49:25)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3016204580-1220623134-1212562069-500 - Administrator - Disabled)
Evan (S-1-5-21-3016204580-1220623134-1212562069-1001 - Administrator - Enabled) => C:\Users\Evan
Gast (S-1-5-21-3016204580-1220623134-1212562069-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3016204580-1220623134-1212562069-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov)
abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated)
abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2001.3 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version: - Daedalic Entertainment)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) EAX Unified (HKLM-x32\...\EAX Unified) (Version: - ) Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.122.807 - Foxit Corporation) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7086 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.187 - McAfee, Inc.) 
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.3.8-I001 (HKLM\...\OpenVPN) (Version: 2.3.8-I001 - ) PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros) R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.) Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1083 - RStudio) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) 
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) YouCam (x32 Version: 3.1.5324 - CyberLink Corp.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0438DFF0-087E-4496-9B88-67D380E0F6CE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {07DEE563-5E50-4148-9BC8-55988743C300} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {1FEFC4E0-B7B2-425D-BCEF-76E5C3560E8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {36D7D685-B157-4744-9710-3EDF83312862} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {42D56C32-96DF-4A0A-BF74-A54D2CB05AE8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {5D252230-B5E3-4B3B-95ED-9FDAF6CC0299} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {72391D67-EAD5-4D09-9EF5-CEB535ADC0E3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {82ACFCD7-B393-4BE3-9DB2-19497D6BD98F} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {88C285B0-440F-4718-9F30-7B3126767EA8} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-17] (McAfee, Inc.) 
Task: {8DCEB907-538B-41A2-9C19-A1D03B399A10} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>) Task: {8EA9FAED-585E-44C9-A704-1E3BDD4EEA40} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {933E147E-9055-42AA-B205-42FBBAFB33A9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {9A0330DC-EC17-464C-AE13-44A5AA332DC5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated) Task: {9BB1D16C-2C31-48CA-9586-9818EF4E017C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {C5D87C08-83ED-42A3-A3F9-766658EABB44} - System32\Tasks\{94946F91-F176-4403-A8FA-4FAC39AE0EE0} => pcalua.exe -a D:\Mafia\Game.exe -d D:\Mafia\ Task: {D6516972-5F11-4F87-A9A2-20357952739A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {DF01C272-D0A3-49FB-B4E8-EF171DE25346} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {EEF607C6-130D-4846-ABE6-E28493E41F67} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: {F2009D4F-13DC-490D-BEBC-26506D69C0C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {F3BF824E-B9EE-4C2A-8092-0C0642CB8981} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-17] (McAfee, Inc.) 
Task: {FA7CC1C1-21C4-4C41-8926-88EC274D1C2F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-08-25 09:03 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-07-06 17:29 - 2015-07-06 17:29 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2015-12-14 18:57 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{52F77EAA-F3FE-4A09-833B-85BF8C9563BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DBF690CD-1CF1-4EA8-BD09-9687FE515801}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BACDEDB1-CB5C-4686-A0DF-FF137418CC34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E0303806-E35D-4BBC-A376-53C96721794F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{72923A2B-27F1-4F37-9EC1-C55F56AB2F8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1BD9A3AE-16B6-4941-B4F5-579BA6A7540E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8858D2EA-2A7C-4A90-AA3D-F205E93C4D1C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{8BBE60A9-2891-43C3-A8DA-BD378A089F79}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{D98FB3C7-4F2C-4D08-A912-71208322D714}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{0FA90734-EF71-460C-BA28-AF3B9EDDFC77}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{6840477D-578D-4383-AB62-D634E1A757B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{55B076CC-22F5-4593-9553-55EE2E672F45}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{0CE5AD16-4FB5-4E73-8D64-5EC79E9B4964}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe 
FirewallRules: [{3CB2D5F3-B5F9-42BE-B43A-5CD56DACA4D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B7C1612A-26C3-4334-B5CF-D380E25A0D3D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B2B0E6E4-5FAE-48B9-8008-BBF0EA9D1BF6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1130A686-561F-4DBD-8D06-58566D4D4D63}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{09D4FE92-82F6-4C4B-A402-35B0339B4388}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{92668C8E-3B52-43E3-BAC5-B415AB97524E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CD10CE44-CF5D-47B1-83CD-E1BDA8317477}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{3A06F4E8-A97C-47B4-84E3-4B329D2C9EE2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{B73F9DFE-3AA7-4040-B344-E235D06CB737}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{97E8DEF3-7510-45A2-A464-65A3A942FE80}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{898DCBC9-925E-4F15-8B8F-CCCE864491AA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D767FBC7-F001-4CC1-92B9-3CF26609C104}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{3A7E9868-35FC-4F4B-8111-107CD193FD22}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{B4AD301F-F413-4374-8A7D-D700DB5597AC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{CED97A2E-740F-4ABA-9E98-8499F7209658}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{2C129A10-DD75-4275-9A07-5693CEE2920E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{E0619D53-282D-428A-A8E6-D36B0AAB8F77}] => (Allow) C:\Program Files 
(x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{7DC1F2AF-BC6E-4D2B-A0D2-715F2E1FC644}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{C2F6C388-FE92-4BB1-BDFD-91EF8FC41C07}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{31140215-45ED-40D6-BF4F-1DF8EAF2807D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{6213171F-DC6C-4808-855F-CC249A3B5D25}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{37D2C8D2-0FD1-4570-B2AB-060BCF4C68EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{27C8D863-5DE2-42D0-BC0C-B2DF703219DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{5550231F-F2D5-4973-B228-2B64FAC1D2D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{C095390D-F95F-433B-906F-8269CBD8FC1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{826B1BF8-521F-491D-9BDD-F0EDE575CAAA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{79B67E20-4C49-4CAD-962E-70868CF5DC62}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{58D7FC7B-96DD-4168-A869-00C1110E8B99}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{9A31EF61-8070-4520-8B8B-F209A65C4108}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{EED79EB5-FDC0-4ADB-B33B-6636F76CF08B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{CAF39AFC-0747-4FFD-B81F-0EB4978513A5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{0983FE4E-741C-48DC-B617-2EF4D65A14A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{DB7BB829-C696-4C53-B7F5-E67C4641D2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: 
[{B24D7978-6CFD-46E0-896C-39DDB15D0EC4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{53FC2207-F4D3-4F74-A2E3-3D6E06055831}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{501A251D-AFE8-4490-8320-DCD3BE60B2C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{BC1C2CD4-E9AC-4A63-B1F4-FE3DD2854975}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{4F3A6447-2392-4A4C-A646-AC03E36EB0CE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{01C00909-1A76-476A-9C16-9A820D0854D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{56A8348C-7770-4692-BDD0-C536D608C4F9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{CE53B88F-0FBC-48C7-8D7D-3D33030F7FB6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{FD341979-A0FD-432D-B0C1-DD36AC6C9322}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{BB0AC2A2-3069-4AB4-922B-7182F859D654}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B5B05E8E-FB4A-421A-B85C-CAB8401F0B03}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{E465B0F1-CFB6-44B7-AE0C-2083BE5A4D8A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{B2A19B95-5420-4FCF-B766-3C4D4FEE4D1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{261F26CF-2D83-4B74-A032-A3D79751B5E8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{69260419-26B4-4DDD-BF1D-F469A03AFBC5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{390DE55B-FDE4-4B31-BCD6-A27DD4FF9745}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F747BDC2-6B6D-45DB-A844-BBC8F791AB84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe 
FirewallRules: [{4EC725B5-6A63-4BA0-8D6C-A40084229AA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1D6409B1-249B-460D-9093-2AE5C3487104}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7A325B55-3EE2-411A-9CCB-A776E345E83A}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\deponia2.exe FirewallRules: [{5C82374D-27FA-4068-A202-5907FD4C508C}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\deponia2.exe FirewallRules: [{2FC5EFA4-C48F-469F-AB87-EABA118AD758}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe FirewallRules: [{507DE4A5-46F4-4F2C-996F-7C951872E6E5}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe FirewallRules: [{B755D13F-3AB0-4280-9E03-1D719627CFE0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{C1A69C26-1242-4FAF-B619-C63DEADEB4A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{D763EE58-BA1D-447C-B729-742BA4FD3644}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{9A1E18A9-E7B8-40C0-88D0-5CB10133FC6B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{E8E75747-4782-41D0-A491-89C330EA5F98}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{3BB2BD74-D59F-4358-B405-6890BF2CE2BB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe FirewallRules: [{96161B9A-E582-495D-A908-1F3E4A21AEAB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{C16C34E3-3EBC-45E0-B341-7E0A323FD486}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe FirewallRules: [{74B6045A-4DD9-4A26-AB91-3E330B975112}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{433C8295-8217-44D8-945B-F3938CA58B83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe 
FirewallRules: [{F4E0685A-BCD3-4BBF-ACA4-33F5D5B9BC7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8AF7FB5D-F04C-440D-BE1F-10502E9BF25B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BE98D70F-5041-432B-A1B6-DE53C1135C68}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0C7948D9-D031-4DFD-9FF6-49870619E20A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{782FDBF0-6290-4DB0-94F8-637756DCF48D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E10CE0E0-7C71-4C49-9FC4-4BE6DB1FD306}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C004AC70-A70B-4E01-B6A0-DDF25C7510AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{91EF9F2C-EB5B-4C48-AAFF-7B19F87B9202}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A664105B-DB4C-4572-9FA7-F1016D66F368}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2CCDAB98-8939-4F50-B9CE-2321C2D16109}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CB220BBE-4A4B-4D8A-8A0E-FA04ECCD59E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{36773FAB-6576-4D75-A144-30AF025431D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{D142FB79-004B-4402-AE7F-23C946995440}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{788AEAFF-67CA-4634-8EF4-9CB0FFD9B9F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{94C197FE-54B3-4F5A-8071-A0247EBCEC58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BE153F6A-E381-4D67-A7BD-B0BC547727D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C3636CA7-7DEF-4D87-8CA4-00B473E633C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01C0F763-7C16-4AF5-8292-3D2D03EEABA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4185D03B-70CB-4928-9C11-A701FCC43993}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{2F6FEBB6-4A75-4DAD-AFF0-18ED8D6BCFDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{86CDD454-0A3C-4566-8583-7DF5794CE043}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{BCB73C98-052F-47E9-B413-571B6B65B19F}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{E115148E-C055-42C8-8D28-E2DBBAAC0BA0}] => (Allow) D:\Games\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C769E317-1D68-4DE1-898D-97BC9B15E4A4}] => (Allow) D:\Games\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{7BC76A29-6A6B-4D37-B1CB-5705FC12390B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C9F58FF4-868F-47FA-900D-CEB38FDC6D7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{9FDF4711-9B8F-48C5-AE01-BA853F9C074F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{23181098-1793-405E-8AE8-9744849B1B9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A9AE47C0-B61F-4C61-89D6-E0B71FF7D283}] => (Allow) D:\SteamLibrary\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{F33373BF-E370-4DA1-9984-6D66F4C99FF7}] => (Allow) D:\SteamLibrary\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{4BC700DB-A58C-4BF4-9FC5-5552108B3618}] => (Allow) D:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AA5AAB93-303C-4A76-83EB-A08AB6546078}] => (Allow) D:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{93554606-F44B-442F-83B7-86F3CF26D6D6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{EC0FFDD4-F1F7-4E86-A22D-40DEAEC4F326}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{509351F1-5487-4C5B-94A7-5A5E592E7727}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1628B84B-A3F4-4DA3-8AEF-9C859D23FF06}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2512A4FC-BFA0-4FD3-85CA-31C7CEAC32B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{33919CCB-33FE-4407-9AFD-971B9AF1F24C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

24-03-2016 21:00:45 McAfee Vulnerability Scanner
01-04-2016 10:45:07 Installed PDF Architect 4 View Module
01-04-2016 10:45:55 Installed PDF Architect 4 Edit Module
08-04-2016 11:30:52 Geplanter Prüfpunkt
13-04-2016 12:09:58 Windows Update
15-04-2016 23:20:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/15/2016 10:56:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0x15f4
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/15/2016 04:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0xe3c
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/15/2016 12:53:11 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/15/2016 03:01:41 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/15/2016 12:11:27 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (04/14/2016 05:30:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18194, Zeitstempel: 0x56951674
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000925fa
ID des fehlerhaften Prozesses: 0x438
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1
Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2
Berichtskennung: svchost.exe_PcaSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5

Error: (04/14/2016 05:14:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0xb24
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/14/2016 02:13:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0xcc8
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/14/2016 10:40:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0xc5c
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/13/2016 10:52:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0x588
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Systemfehler:
=============
Error: (04/15/2016 11:20:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/15/2016 11:20:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (04/15/2016 10:54:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 15.04.2016 um 19:58:27 unerwartet heruntergefahren.

Error: (04/15/2016 06:59:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1

Error: (04/15/2016 06:58:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Boot Delay Start Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error: (04/15/2016 06:58:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Boot Delay Start Service erreicht.

Error: (04/15/2016 03:58:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 15.04.2016 um 14:15:10 unerwartet heruntergefahren.

Error: (04/15/2016 02:16:53 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: %%1

Error: (04/14/2016 05:31:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gerätezuordnungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (04/14/2016 05:31:03 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Netzwerkverbindungsbroker" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5912.18 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6912.5 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:118.43 GB) (Free:42.43 GB) NTFS
Drive d: (DATA) (Fixed) (Total:915.93 GB) (Free:879.1 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: FD2DE1CF)
Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: FD2DE1DE)
Partition: GPT.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Evan (Administrator) auf EVANSPC (15-04-2016 23:25:14)
Gestartet von C:\Users\Evan\Desktop
Geladene Profile: Evan (Verfügbare Profile: Evan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-06-14] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [234000 2012-06-14] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (Bitleader)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {161cc7c0-a4ea-11e5-82fe-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {238b1480-e510-11e4-8281-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {7649c2b4-11a9-11e5-8286-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {794acad2-9530-11e4-8274-3010b3063411} - "F:\Startme.exe"
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-10-29]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{95491AA6-1613-4636-9E91-37E128AD2C1D}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D6FBC128-646D-4B1B-8334-D7C9A6BB9864}: [DhcpNameServer] 10.57.1.1
Tcpip\..\Interfaces\{F757B5CF-AD94-48D2-ABC6-7FE01E11C386}: [DhcpNameServer] 134.99.128.5

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3016204580-1220623134-1212562069-1001 -> DefaultScope {3F2B611F-5109-4879-B3FD-0315455AAE2D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141025&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3016204580-1220623134-1212562069-1001 -> {3F2B611F-5109-4879-B3FD-0315455AAE2D} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20141025&p={searchTerms}
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default
FF DefaultSearchEngine: Sichere Suche
FF SearchEngineOrder.1: Sichere Suche
FF SelectedSearchEngine: Sichere Suche
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3016204580-1220623134-1212562069-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\google-images.xml [2014-12-06]
FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\google-maps.xml [2014-12-06]
FF SearchPlugin: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\searchplugins\McSiteAdvisor.xml [2016-03-19]
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF Extension: Adblock Plus - C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\dl78uy9u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-19] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [157487 2015-09-04] (The OpenVPN Project) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 dsNcAdpt; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [36816 2014-04-10] (Juniper Networks) [Datei ist nicht signiert]
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-07-09] (Sony Mobile Communications)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.) S1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation) S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S3 mfeaack01; \Device\mfeaack01.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-15 23:21 - 2016-04-15 23:21 - 00001007 _____ C:\Users\Evan\Desktop\JRT.txt 2016-04-15 23:19 - 2016-04-15 23:19 - 01610352 _____ (Malwarebytes) C:\Users\Evan\Desktop\JRT.exe 2016-04-15 18:58 - 2016-04-15 18:58 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2016-04-14 01:31 - 2016-04-14 01:31 - 00039366 _____ C:\Users\Evan\Desktop\6000000239-Bildungskredit-173-Informationen-zum-Kreditvertrag.pdf 2016-04-14 01:31 - 2016-04-14 01:31 - 00038051 _____ C:\Users\Evan\Desktop\6000002670-Nutzungsbedingungen-für-das-KfW-Online-Banking.pdf 2016-04-14 01:31 - 2016-04-14 01:31 - 00030122 _____ C:\Users\Evan\Desktop\6000002174-Informationen-zur-Vermeidung-der-Überschuldung.pdf 2016-04-14 01:23 - 2016-04-14 01:23 - 01421822 _____ C:\Users\Evan\Desktop\6000001455-Vereinbarung-Online-Banking.pdf 2016-04-13 23:02 - 2016-04-13 23:13 - 00251776 _____ C:\TDSSKiller.3.1.0.9_13.04.2016_23.02.57_log.txt 2016-04-13 23:02 - 2016-04-13 23:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Evan\Desktop\tdsskiller.exe 2016-04-13 22:57 - 2016-04-15 23:25 - 00023411 _____ C:\Users\Evan\Desktop\FRST.txt 2016-04-13 22:57 - 2016-04-13 22:58 - 00048755 _____ C:\Users\Evan\Desktop\Addition.txt 2016-04-13 22:57 - 2016-04-13 22:58 - 00000000 ____D C:\Users\Evan\Desktop\Bewerbung 2016-04-13 22:56 - 2016-04-15 23:25 - 00000000 ____D C:\FRST 2016-04-13 22:56 - 2016-04-13 22:56 - 02375168 _____ (Farbar) C:\Users\Evan\Desktop\FRST64.exe 2016-04-13 12:03 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-04-13 12:02 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-13 12:02 - 2016-04-02 
15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-13 12:02 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-13 12:02 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-04-13 12:02 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-04-13 12:02 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-04-13 12:02 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-04-13 12:02 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-04-13 12:02 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-04-13 12:02 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-04-13 12:02 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-13 12:02 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-13 12:02 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-04-13 12:02 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-04-13 12:02 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-04-13 12:02 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-04-13 12:02 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-04-13 12:02 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-04-13 12:02 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-04-13 12:02 - 2016-03-31 01:43 - 00379392 _____ 
(Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-04-13 12:02 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-04-13 12:02 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-04-13 12:02 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-04-13 12:02 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-04-13 12:02 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-13 12:02 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-04-13 12:02 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-04-13 12:02 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-04-13 12:02 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-04-13 12:02 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-04-13 12:02 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-04-13 12:02 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-04-13 12:02 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-04-13 12:02 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-04-13 12:02 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-04-13 12:02 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-04-13 12:02 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-04-13 12:02 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) 
C:\Windows\system32\win32k.sys 2016-04-13 12:02 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-13 12:02 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-13 12:02 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-13 12:02 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-13 12:02 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-13 12:02 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-04-13 12:02 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-04-13 12:02 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-13 12:02 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-04-13 12:02 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-13 12:02 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-13 12:02 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-13 12:02 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-13 12:02 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-13 12:02 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-04-13 12:02 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-04-13 12:02 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-04-13 12:02 - 2016-03-10 19:48 - 00862720 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-13 12:02 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-04-13 12:02 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-13 12:02 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-04-13 12:02 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-13 12:02 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-13 12:02 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-13 12:02 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-13 12:02 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-13 12:02 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-13 12:02 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-04-13 12:02 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-13 12:02 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-13 12:02 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-04-13 12:02 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-04-13 12:02 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-04-13 12:02 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-04-13 12:02 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-04-13 12:02 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ExplorerFrame.dll 2016-04-13 12:02 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-04-13 12:02 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-04-13 12:02 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-04-13 12:02 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-04-13 12:02 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-04-13 12:02 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2016-04-13 12:02 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-04-13 12:02 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-04-13 12:02 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-04-13 12:02 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-04-13 12:02 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-04-13 12:02 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-04-13 12:02 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-04-13 12:02 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-04-13 12:02 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-04-13 12:02 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-04-13 12:02 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2016-04-13 12:02 - 2016-02-08 18:55 - 00173056 _____ 
(Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-04-13 12:02 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2016-04-13 12:02 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-04-13 12:02 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-04-13 12:02 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-04-13 12:02 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-04-13 12:02 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2016-04-13 12:02 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-04-13 12:02 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2016-04-13 12:02 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-04-13 12:02 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-04-13 12:02 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-13 12:02 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-04-13 12:02 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-04-13 12:02 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-13 12:02 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-04-13 12:02 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2016-04-13 12:02 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\dhcpsapi.dll 2016-04-13 12:02 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-04-13 12:02 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-04-13 12:02 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2016-04-13 12:02 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-04-13 12:02 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-04-13 12:02 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-04-13 12:02 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-04-13 12:02 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2016-04-13 12:02 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2016-04-13 12:02 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-04-13 12:02 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-04-13 12:02 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2016-04-13 12:02 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-04-13 12:02 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-04-13 12:02 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe 2016-04-13 12:02 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-13 12:02 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2016-04-13 12:02 - 2016-01-22 07:22 - 02487296 _____ (Microsoft 
Corporation) C:\Windows\system32\storagewmi.dll 2016-04-13 12:02 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-04-13 12:02 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-04-13 12:02 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-04-13 12:02 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-13 12:02 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-04-13 12:02 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-04-12 10:10 - 2016-04-12 10:10 - 48271149 _____ C:\Users\Evan\Desktop\bok%3A978-3-322-90755-4.pdf 2016-04-12 10:10 - 2016-04-12 10:10 - 00266088 _____ C:\Users\Evan\Desktop\20070914_Rossa-Sladek_Markenerfolg.pdf 2016-04-12 10:04 - 2016-04-12 10:06 - 00426261 _____ C:\Users\Evan\Desktop\LiM-AP-17-Markenprofilierung-durch-Branchen.pdf 2016-04-12 10:01 - 2016-04-12 10:01 - 27081437 _____ C:\Users\Evan\Desktop\Viele Untmarken werden kombiniert - Branchenimages.pdf 2016-04-12 09:48 - 2016-04-12 14:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-04-12 09:26 - 2016-04-12 09:26 - 00150761 _____ C:\Users\Evan\Desktop\0fcfd50c059b6ed8c6000000.pdf 2016-04-11 19:16 - 2016-04-15 22:53 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse 2016-04-07 00:11 - 2016-04-07 00:11 - 00016896 ___SH C:\Users\Evan\Thumbs.db 2016-04-06 17:06 - 2016-04-06 17:06 - 00001064 _____ C:\Users\Public\Desktop\PDF24.lnk 2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Users\Evan\AppData\Local\PDF24 2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Program Files (x86)\PDF24 
2016-04-06 17:02 - 2016-04-06 17:02 - 00000000 ____D C:\Program Files\PDFCreator 2016-04-01 10:46 - 2016-04-01 11:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\PDF Architect 4 2016-04-01 10:45 - 2016-04-01 11:10 - 00000000 ____D C:\Program Files\PDF Architect 4 2016-04-01 10:44 - 2016-04-01 11:16 - 00000000 ____D C:\ProgramData\PDF Architect 4 2016-03-31 18:44 - 2016-03-31 18:44 - 35242143 _____ C:\Users\Evan\Desktop\Masterarbeit Literatur.zip 2016-03-31 18:36 - 2016-04-07 00:13 - 00000000 ____D C:\Users\Evan\Desktop\Scanbot ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-04-15 23:24 - 2014-10-25 03:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3016204580-1220623134-1212562069-1001 2016-04-15 23:18 - 2014-10-25 17:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\ClassicShell 2016-04-15 23:17 - 2014-10-24 23:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-04-15 23:00 - 2014-08-25 18:17 - 00765582 _____ C:\Windows\system32\perfh007.dat 2016-04-15 23:00 - 2014-08-25 18:17 - 00159366 _____ C:\Windows\system32\perfc007.dat 2016-04-15 23:00 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2016-04-15 23:00 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-04-15 22:56 - 2014-10-25 05:43 - 00000000 ____D C:\Users\Evan\AppData\Local\CrashDumps 2016-04-15 22:54 - 2014-11-02 13:23 - 00000000 __RDO C:\Users\Evan\OneDrive 2016-04-15 22:54 - 2014-10-25 04:20 - 00000000 ____D C:\Program Files (x86)\McAfee 2016-04-15 22:54 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-04-15 18:58 - 2015-06-21 20:54 - 00000000 ____D C:\Windows\System32\Tasks\McAfee 2016-04-14 17:12 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan 2016-04-14 15:22 - 2015-01-10 22:58 - 00000000 ____D C:\Users\Evan\AppData\Local\Battle.net 2016-04-14 14:11 - 2013-08-22 15:25 - 
00262144 ___SH C:\Windows\system32\config\ELAM 2016-04-14 01:31 - 2015-05-19 22:53 - 11681792 ___SH C:\Users\Evan\Desktop\Thumbs.db 2016-04-13 22:50 - 2013-08-22 16:44 - 00387328 _____ C:\Windows\system32\FNTCACHE.DAT 2016-04-13 16:29 - 2015-04-16 23:55 - 00000000 ____D C:\Windows\system32\appraiser 2016-04-13 16:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2016-04-13 16:29 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2016-04-13 15:54 - 2016-03-07 23:07 - 00010653 _____ C:\Users\Evan\Desktop\Notendurchschnitt.xlsx 2016-04-13 12:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-04-13 12:15 - 2014-10-28 01:15 - 00000000 ____D C:\Windows\system32\MRT 2016-04-13 12:12 - 2014-10-28 01:15 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-04-13 12:01 - 2016-01-14 10:59 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2016-04-13 12:00 - 2016-03-10 00:11 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-13 12:00 - 2016-03-10 00:11 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-13 12:00 - 2016-03-10 00:11 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2016-04-12 14:54 - 2015-04-14 19:34 - 00000000 ____D C:\Users\Evan\AppData\Roaming\vlc 2016-04-12 14:45 - 2014-10-25 05:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-04-09 10:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-04-07 23:17 - 2014-10-24 23:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-04-07 09:05 - 2014-07-14 19:58 - 00000000 ____D C:\ProgramData\McAfee 2016-04-05 23:53 - 2015-03-13 10:25 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-04-05 23:53 - 2015-03-13 10:25 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-03 13:16 - 2015-11-03 
22:01 - 00000000 ____D C:\Users\Evan\Documents\Youcam 2016-04-03 13:16 - 2015-05-13 20:19 - 00000000 ____D C:\Users\Evan\AppData\Roaming\Skype 2016-04-01 10:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-03-29 19:14 - 2016-02-16 23:59 - 00000000 ____D C:\Users\Evan\Desktop\Aunahmen von smartvpic 2016-03-28 15:11 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan\AppData\Local\Packages 2016-03-28 10:43 - 2014-11-03 21:59 - 00000000 ____D C:\ProgramData\Oracle 2016-03-28 10:41 - 2015-08-21 19:59 - 00000000 ____D C:\Users\Evan\.oracle_jre_usage 2016-03-28 10:41 - 2015-07-10 00:54 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-27 15:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-24 13:34 - 2014-11-04 00:48 - 00000000 ____D C:\Program Files (x86)\Steam 2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-11-18 18:51 - 2004-01-26 18:15 - 0233472 ____R () C:\Users\Evan\AppData\Roaming\MafiaSetup.exe 2015-11-11 17:39 - 2015-11-11 17:39 - 0003398 _____ () C:\Users\Evan\AppData\Local\HWVendorDetection.log 2014-08-25 08:42 - 2014-08-25 08:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Evan\AppData\Local\Temp\dsNCInst64.exe C:\Users\Evan\AppData\Local\Temp\Foxit PhantomPDF Updater.exe C:\Users\Evan\AppData\Local\Temp\Intel_Technology_Access_Software.exe C:\Users\Evan\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\Evan\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Evan\AppData\Local\Temp\jre-8u71-windows-au.exe 
C:\Users\Evan\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Evan\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Evan\AppData\Local\Temp\oct1AB8.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct1DA1.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct1DDF.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct2083.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct284B.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct2A1A.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct409F.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct4AB3.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct5070.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct5C8F.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct5F1E.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct635A.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct660B.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct720A.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct74BB.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct807.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct8F66.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct9282.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct95DE.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct98A.tmp.exe C:\Users\Evan\AppData\Local\Temp\octA12B.tmp.exe C:\Users\Evan\AppData\Local\Temp\octB623.tmp.exe C:\Users\Evan\AppData\Local\Temp\octC0D8.tmp.exe C:\Users\Evan\AppData\Local\Temp\octC743.tmp.exe C:\Users\Evan\AppData\Local\Temp\octDB2D.tmp.exe C:\Users\Evan\AppData\Local\Temp\octE219.tmp.exe C:\Users\Evan\AppData\Local\Temp\octE4EC.tmp.exe C:\Users\Evan\AppData\Local\Temp\octF4BB.tmp.exe C:\Users\Evan\AppData\Local\Temp\octF5CC.tmp.exe C:\Users\Evan\AppData\Local\Temp\ose00000.exe C:\Users\Evan\AppData\Local\Temp\SIntf16.dll C:\Users\Evan\AppData\Local\Temp\SIntf32.dll C:\Users\Evan\AppData\Local\Temp\SIntfNT.dll C:\Users\Evan\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-10 12:28

==================== Ende von FRST.txt ============================

Last edited by Waffelprinz (15.04.2016 at 22:26) |
16.04.2016, 15:54 | #10 |
/// TB-Ausbilder | Browser search bar in Firefox falls back to Yahoo

Hi,

Step 2 may take a while...

Step 1
Please reset your browsers as follows:
IE ::: Reset Internet Explorer as follows:
FF ::: Please reset Firefox as follows: Reset Firefox

Step 2
ESET Online Scanner

Step 3
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Step 4

Are there still any problems with the PC? If so, which ones?
Please post with your next reply
|
16.04.2016, 22:02 | #11 |
| Browser search bar in Firefox falls back to Yahoo

Step 2
ESET Online Scanner found 5 possible threats, so I will not uninstall it yet:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7653c24bc205ce47a7f050cdb7158800
# end=init
# utc_time=2016-04-16 08:00:17
# local_time=2016-04-16 10:00:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 29101
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=7653c24bc205ce47a7f050cdb7158800
# end=updated
# utc_time=2016-04-16 08:02:54
# local_time=2016-04-16 10:02:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=7653c24bc205ce47a7f050cdb7158800
# engine=29101
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-16 08:51:43
# local_time=2016-04-16 10:51:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5133 16777214 100 100 2544094 53945615 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21421542 65656671 0 0
# scanned=285169
# found=5
# cleaned=0
# scan_time=2928
sh=552464E3A61B57248E7ABBB9E78047923105E150 ft=1 fh=8e19f37ab9b5e3fe vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3016204580-1220623134-1212562069-1001\$R05YLF8.exe"
sh=552464E3A61B57248E7ABBB9E78047923105E150 ft=1 fh=8e19f37ab9b5e3fe vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3016204580-1220623134-1212562069-1001\$RK5C3QQ.exe"
sh=A987BEA490D1CEE43B5BFA002556E9F6008064CF ft=1 fh=fe02740a9b0d4829 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3016204580-1220623134-1212562069-1001\$RUULTVA.exe"
sh=736456E1D3F5F9C9B32F04712F38E421F2CD5C2F ft=1 fh=0acb5580d2125f34 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-3016204580-1220623134-1212562069-1001\$RZAZP8M.exe"
sh=C1C66AA7FFD537DF1720DD63E3BE4E009B0793F2 ft=1 fh=c25b5c4dff3942af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Evan\AppData\Local\Temp\DMR\dmr_72.exe"

Code:
HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : EVANSPC
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : EVANSPC\Evan
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-04-16 23:04:44
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 25s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 0
   Traces . . . . . . . : 1

   Objects scanned . . . : 1.854.016
   Files scanned . . . . : 45.916
   Remnants scanned . . : 514.190 files / 1.293.910 keys

Suspicious files ____________________________________________________________

   C:\Users\Evan\Desktop\FRST64.exe
      Size . . . . . . . : 2.375.168 bytes
      Age . . . . . . . : 3.0 days (2016-04-13 22:56:06)
      Entropy . . . . . : 7.6
      SHA-256 . . . . . : 8C35AA2C44A635477E241F015D971FF09BAC1A17C782CDCD303C592BB6993F17
      Needs elevation . : Yes
      Fuzzy . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

Step 4 FRST:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Evan (2016-04-16 23:09:54)
Gestartet von C:\Users\Evan\Desktop
Windows 8.1 (X64) (2014-10-25 01:49:25)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3016204580-1220623134-1212562069-500 - Administrator - Disabled)
Evan (S-1-5-21-3016204580-1220623134-1212562069-1001 - Administrator - Enabled) => C:\Users\Evan
Gast (S-1-5-21-3016204580-1220623134-1212562069-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3016204580-1220623134-1212562069-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.34 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0934-000001000000}) (Version: 9.34.00.0 - Igor Pavlov) abDocs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.05.2005 - Acer Incorporated) abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.01.2006 - Acer Incorporated) abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated) abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.06.2001.3 - Acer Incorporated) abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.01.2005.1 - Acer Incorporated) Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated) Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated) Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.04.2002 - Acer Incorporated) Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated) Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated) Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated) Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated) Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated) Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI 
(HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.04.2001.2 - Acer Incorporated) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Chaos on Deponia (HKLM-x32\...\Steam App 220740) (Version: - Daedalic Entertainment) Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) 
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc) EAX Unified (HKLM-x32\...\EAX Unified) (Version: - ) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Foxit PhantomPDF (HKLM-x32\...\{F74C595C-BEF2-4AF9-9C4E-68F3CD509C4D}) (Version: 6.0.122.807 - Foxit Corporation) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) McAfee Internet Security (HKLM-x32\...\MSC) (Version: 14.0.7086 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.187 - McAfee, Inc.) 
Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.108.12020 (HKLM-x32\...\{D4E76014-8D95-87D9-991F-287823C60736}) (Version: 2.16.108.12020 - Sony) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 
9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla) MSI Afterburner 4.1.0 (HKLM-x32\...\Afterburner) (Version: 4.1.0 - MSI Co., LTD) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.82 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Oddworld: New 'n' Tasty (HKLM-x32\...\Steam App 314660) (Version: - Just Add Water (Developments), Ltd.) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenVPN 2.3.8-I001 (HKLM\...\OpenVPN) (Version: 2.3.8-I001 - ) PDF24 Creator 7.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros) R for Windows 3.1.1 (HKLM\...\R for Windows 3.1.1_is1) (Version: 3.1.1 - R Core Team) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.) Risen 3 - Titan Lords (HKLM-x32\...\{383CAA4A-9B72-4DE9-9B0F-780C49682780}) (Version: 1.00 - Deep Silver) RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1083 - RStudio) SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) 
Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.15.9.201506301709 - Sony Mobile Communications Inc.) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - ) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Witcher 2 Enhanced Edition Version 3.0 (HKLM-x32\...\The Witcher 2 Enhanced Edition_is1) (Version: 3.0 - CD Projekt RED) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) YouCam (x32 Version: 3.1.5324 - CyberLink Corp.) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0438DFF0-087E-4496-9B88-67D380E0F6CE} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.) Task: {07DEE563-5E50-4148-9BC8-55988743C300} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {1FEFC4E0-B7B2-425D-BCEF-76E5C3560E8D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {347AD871-9362-41DB-91E0-3130B131103B} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-17] (McAfee, Inc.) Task: {36D7D685-B157-4744-9710-3EDF83312862} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2014-12-19] (Acer) Task: {42D56C32-96DF-4A0A-BF74-A54D2CB05AE8} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {47195450-19DF-4ED5-838C-16A2FD1815CC} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-02-17] (McAfee, Inc.) 
Task: {5D252230-B5E3-4B3B-95ED-9FDAF6CC0299} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-13] (Microsoft Corporation) Task: {72391D67-EAD5-4D09-9EF5-CEB535ADC0E3} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {82ACFCD7-B393-4BE3-9DB2-19497D6BD98F} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {8DCEB907-538B-41A2-9C19-A1D03B399A10} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>) Task: {8EA9FAED-585E-44C9-A704-1E3BDD4EEA40} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {933E147E-9055-42AA-B205-42FBBAFB33A9} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {9A0330DC-EC17-464C-AE13-44A5AA332DC5} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated) Task: {9BB1D16C-2C31-48CA-9586-9818EF4E017C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {C5D87C08-83ED-42A3-A3F9-766658EABB44} - System32\Tasks\{94946F91-F176-4403-A8FA-4FAC39AE0EE0} => pcalua.exe -a D:\Mafia\Game.exe -d D:\Mafia\ Task: {D6516972-5F11-4F87-A9A2-20357952739A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {DF01C272-D0A3-49FB-B4E8-EF171DE25346} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {EEF607C6-130D-4846-ABE6-E28493E41F67} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] () Task: 
{F2009D4F-13DC-490D-BEBC-26506D69C0C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {FA7CC1C1-21C4-4C41-8926-88EC274D1C2F} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-09-09 13:53 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-25 09:03 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll 2014-04-29 02:38 - 2014-04-29 02:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 02:35 - 2014-04-29 02:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 02:42 - 2014-04-29 02:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-12-19 22:59 - 2014-12-19 22:59 - 00090880 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe 2014-12-19 22:59 - 2014-12-19 22:59 - 00089344 _____ () C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe 2015-05-18 16:38 - 2015-05-01 18:52 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update 
Core\detoured.dll 2014-12-19 22:48 - 2014-12-19 22:48 - 00203008 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll 2014-12-19 22:48 - 2014-12-19 22:48 - 00119552 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 15:21 - 2011-03-09 15:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2014-12-19 23:00 - 2014-12-19 23:00 - 00279296 _____ () C:\Program Files (x86)\Acer\abDocs\libcurl.dll 2016-04-06 17:06 - 2016-04-05 09:55 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2016-04-06 17:06 - 2016-04-05 09:55 - 00052256 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2015-12-14 18:57 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Evan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run32: => "YouCam Tray" HKLM\...\StartupApproved\Run32: => "YouCam Mirage" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{2966FB4D-C583-476B-89B4-A4AFEAC95935}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{55D1DB7B-D233-4FE1-BC3A-F577037AA8D8}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{52F77EAA-F3FE-4A09-833B-85BF8C9563BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DBF690CD-1CF1-4EA8-BD09-9687FE515801}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{BACDEDB1-CB5C-4686-A0DF-FF137418CC34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E0303806-E35D-4BBC-A376-53C96721794F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{72923A2B-27F1-4F37-9EC1-C55F56AB2F8D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1BD9A3AE-16B6-4941-B4F5-579BA6A7540E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8858D2EA-2A7C-4A90-AA3D-F205E93C4D1C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{8BBE60A9-2891-43C3-A8DA-BD378A089F79}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{D98FB3C7-4F2C-4D08-A912-71208322D714}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{0FA90734-EF71-460C-BA28-AF3B9EDDFC77}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{6840477D-578D-4383-AB62-D634E1A757B4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{55B076CC-22F5-4593-9553-55EE2E672F45}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{0CE5AD16-4FB5-4E73-8D64-5EC79E9B4964}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe 
FirewallRules: [{3CB2D5F3-B5F9-42BE-B43A-5CD56DACA4D3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B7C1612A-26C3-4334-B5CF-D380E25A0D3D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{B2B0E6E4-5FAE-48B9-8008-BBF0EA9D1BF6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{1130A686-561F-4DBD-8D06-58566D4D4D63}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe FirewallRules: [{09D4FE92-82F6-4C4B-A402-35B0339B4388}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{92668C8E-3B52-43E3-BAC5-B415AB97524E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe FirewallRules: [{CD10CE44-CF5D-47B1-83CD-E1BDA8317477}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{3A06F4E8-A97C-47B4-84E3-4B329D2C9EE2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{B73F9DFE-3AA7-4040-B344-E235D06CB737}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{97E8DEF3-7510-45A2-A464-65A3A942FE80}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{898DCBC9-925E-4F15-8B8F-CCCE864491AA}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{D767FBC7-F001-4CC1-92B9-3CF26609C104}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe FirewallRules: [{3A7E9868-35FC-4F4B-8111-107CD193FD22}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{B4AD301F-F413-4374-8A7D-D700DB5597AC}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe FirewallRules: [{CED97A2E-740F-4ABA-9E98-8499F7209658}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{2C129A10-DD75-4275-9A07-5693CEE2920E}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe FirewallRules: [{E0619D53-282D-428A-A8E6-D36B0AAB8F77}] => (Allow) C:\Program Files 
(x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{7DC1F2AF-BC6E-4D2B-A0D2-715F2E1FC644}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{C2F6C388-FE92-4BB1-BDFD-91EF8FC41C07}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{31140215-45ED-40D6-BF4F-1DF8EAF2807D}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{6213171F-DC6C-4808-855F-CC249A3B5D25}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{37D2C8D2-0FD1-4570-B2AB-060BCF4C68EF}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{27C8D863-5DE2-42D0-BC0C-B2DF703219DB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{5550231F-F2D5-4973-B228-2B64FAC1D2D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C095390D-F95F-433B-906F-8269CBD8FC1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{826B1BF8-521F-491D-9BDD-F0EDE575CAAA}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{79B67E20-4C49-4CAD-962E-70868CF5DC62}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{58D7FC7B-96DD-4168-A869-00C1110E8B99}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9A31EF61-8070-4520-8B8B-F209A65C4108}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EED79EB5-FDC0-4ADB-B33B-6636F76CF08B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{CAF39AFC-0747-4FFD-B81F-0EB4978513A5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{0983FE4E-741C-48DC-B617-2EF4D65A14A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{DB7BB829-C696-4C53-B7F5-E67C4641D2A3}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{B24D7978-6CFD-46E0-896C-39DDB15D0EC4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{53FC2207-F4D3-4F74-A2E3-3D6E06055831}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{501A251D-AFE8-4490-8320-DCD3BE60B2C9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{BC1C2CD4-E9AC-4A63-B1F4-FE3DD2854975}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{4F3A6447-2392-4A4C-A646-AC03E36EB0CE}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{01C00909-1A76-476A-9C16-9A820D0854D4}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{56A8348C-7770-4692-BDD0-C536D608C4F9}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{CE53B88F-0FBC-48C7-8D7D-3D33030F7FB6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{FD341979-A0FD-432D-B0C1-DD36AC6C9322}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{BB0AC2A2-3069-4AB4-922B-7182F859D654}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B05E8E-FB4A-421A-B85C-CAB8401F0B03}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E465B0F1-CFB6-44B7-AE0C-2083BE5A4D8A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{B2A19B95-5420-4FCF-B766-3C4D4FEE4D1A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{261F26CF-2D83-4B74-A032-A3D79751B5E8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{69260419-26B4-4DDD-BF1D-F469A03AFBC5}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{390DE55B-FDE4-4B31-BCD6-A27DD4FF9745}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F747BDC2-6B6D-45DB-A844-BBC8F791AB84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4EC725B5-6A63-4BA0-8D6C-A40084229AA5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1D6409B1-249B-460D-9093-2AE5C3487104}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{7A325B55-3EE2-411A-9CCB-A776E345E83A}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [{5C82374D-27FA-4068-A202-5907FD4C508C}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\deponia2.exe
FirewallRules: [{2FC5EFA4-C48F-469F-AB87-EABA118AD758}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{507DE4A5-46F4-4F2C-996F-7C951872E6E5}] => (Allow) D:\SteamLibrary\SteamApps\common\Chaos on Deponia\VisionaireConfigurationTool.exe
FirewallRules: [{B755D13F-3AB0-4280-9E03-1D719627CFE0}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{C1A69C26-1242-4FAF-B619-C63DEADEB4A2}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{D763EE58-BA1D-447C-B729-742BA4FD3644}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{9A1E18A9-E7B8-40C0-88D0-5CB10133FC6B}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{E8E75747-4782-41D0-A491-89C330EA5F98}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{3BB2BD74-D59F-4358-B405-6890BF2CE2BB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\DMCDaemon.exe
FirewallRules: [{96161B9A-E582-495D-A908-1F3E4A21AEAB}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{C16C34E3-3EBC-45E0-B341-7E0A323FD486}] => (Allow) C:\Program Files (x86)\Acer\abMedia_\WindowsUpnpMV.exe
FirewallRules: [{74B6045A-4DD9-4A26-AB91-3E330B975112}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{433C8295-8217-44D8-945B-F3938CA58B83}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{F4E0685A-BCD3-4BBF-ACA4-33F5D5B9BC7E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{8AF7FB5D-F04C-440D-BE1F-10502E9BF25B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BE98D70F-5041-432B-A1B6-DE53C1135C68}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0C7948D9-D031-4DFD-9FF6-49870619E20A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{782FDBF0-6290-4DB0-94F8-637756DCF48D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{E10CE0E0-7C71-4C49-9FC4-4BE6DB1FD306}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{C004AC70-A70B-4E01-B6A0-DDF25C7510AB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{91EF9F2C-EB5B-4C48-AAFF-7B19F87B9202}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A664105B-DB4C-4572-9FA7-F1016D66F368}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2CCDAB98-8939-4F50-B9CE-2321C2D16109}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{CB220BBE-4A4B-4D8A-8A0E-FA04ECCD59E5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{36773FAB-6576-4D75-A144-30AF025431D1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\DMCDaemon.exe
FirewallRules: [{D142FB79-004B-4402-AE7F-23C946995440}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{788AEAFF-67CA-4634-8EF4-9CB0FFD9B9F2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto_\WindowsUpnp.exe
FirewallRules: [{94C197FE-54B3-4F5A-8071-A0247EBCEC58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{BE153F6A-E381-4D67-A7BD-B0BC547727D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C3636CA7-7DEF-4D87-8CA4-00B473E633C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{01C0F763-7C16-4AF5-8292-3D2D03EEABA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4185D03B-70CB-4928-9C11-A701FCC43993}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{2F6FEBB6-4A75-4DAD-AFF0-18ED8D6BCFDB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{86CDD454-0A3C-4566-8583-7DF5794CE043}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{BCB73C98-052F-47E9-B413-571B6B65B19F}] => (Allow) D:\Games\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{E115148E-C055-42C8-8D28-E2DBBAAC0BA0}] => (Allow) D:\Games\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C769E317-1D68-4DE1-898D-97BC9B15E4A4}] => (Allow) D:\Games\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{7BC76A29-6A6B-4D37-B1CB-5705FC12390B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C9F58FF4-868F-47FA-900D-CEB38FDC6D7A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{9FDF4711-9B8F-48C5-AE01-BA853F9C074F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{23181098-1793-405E-8AE8-9744849B1B9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{A9AE47C0-B61F-4C61-89D6-E0B71FF7D283}] => (Allow) D:\SteamLibrary\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{F33373BF-E370-4DA1-9984-6D66F4C99FF7}] => (Allow) D:\SteamLibrary\SteamApps\common\Oddworld New n Tasty\NNT.exe
FirewallRules: [{4BC700DB-A58C-4BF4-9FC5-5552108B3618}] => (Allow) D:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{AA5AAB93-303C-4A76-83EB-A08AB6546078}] => (Allow) D:\SteamLibrary\SteamApps\common\Cities_Skylines\Cities.exe
FirewallRules: [{93554606-F44B-442F-83B7-86F3CF26D6D6}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{EC0FFDD4-F1F7-4E86-A22D-40DEAEC4F326}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe
FirewallRules: [{509351F1-5487-4C5B-94A7-5A5E592E7727}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{1628B84B-A3F4-4DA3-8AEF-9C859D23FF06}] => (Allow) D:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{2512A4FC-BFA0-4FD3-85CA-31C7CEAC32B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{33919CCB-33FE-4407-9AFD-971B9AF1F24C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

24-03-2016 21:00:45 McAfee Vulnerability Scanner
01-04-2016 10:45:07 Installed PDF Architect 4 View Module
01-04-2016 10:45:55 Installed PDF Architect 4 Edit Module
08-04-2016 11:30:52 Geplanter Prüfpunkt
13-04-2016 12:09:58 Windows Update
15-04-2016 23:20:37 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/16/2016 10:57:42 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 10:57:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18194, Zeitstempel: 0x56951674
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000925fa
ID des fehlerhaften Prozesses: 0x47c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_PcaSvc0
Pfad der fehlerhaften Anwendung: svchost.exe_PcaSvc1
Pfad des fehlerhaften Moduls: svchost.exe_PcaSvc2
Berichtskennung: svchost.exe_PcaSvc3
Vollständiger Name des fehlerhaften Pakets: svchost.exe_PcaSvc4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe_PcaSvc5

Error: (04/16/2016 10:57:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 10:00:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 10:00:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 10:00:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 10:00:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/16/2016 09:42:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0x12c
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/15/2016 10:56:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0x15f4
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Error: (04/15/2016 04:00:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AcerPortal.exe, Version: 3.0.4.2002, Zeitstempel: 0x54942c87
Name des fehlerhaften Moduls: SHELL32.dll, Version: 6.3.9600.18231, Zeitstempel: 0x56b8f1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00218d0b
ID des fehlerhaften Prozesses: 0xe3c
Startzeit der fehlerhaften Anwendung: 0xAcerPortal.exe0
Pfad der fehlerhaften Anwendung: AcerPortal.exe1
Pfad des fehlerhaften Moduls: AcerPortal.exe2
Berichtskennung: AcerPortal.exe3
Vollständiger Name des fehlerhaften Pakets: AcerPortal.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AcerPortal.exe5

Systemfehler:
=============
Error: (04/16/2016 10:58:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gerätezuordnungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (04/16/2016 10:58:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Programmkompatibilitäts-Assistent-Dienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Programmkompatibilitäts-Assistent-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Netzwerkverbindungen" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Netzwerkverbindungsbroker" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/16/2016 10:57:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5317.5 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6378.06 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:118.43 GB) (Free:41.38 GB) NTFS
Drive d: (DATA) (Fixed) (Total:915.93 GB) (Free:879.08 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: FD2DE1CF)
Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: FD2DE1DE)
Partition: GPT.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
durchgeführt von Evan (Administrator) auf EVANSPC (16-04-2016 23:09:35)
Gestartet von C:\Users\Evan\Desktop
Geladene Profile: Evan (Verfügbare Profile: Evan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [BacKGround Agent] => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [62208 2014-12-19] (Acer Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2011-03-09] (CyberLink)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2012-06-14] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [234000 2012-06-14] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] => C:\Program Files (x86)\lg_fwupdate\lgfw.exe [27760 2012-07-12] (Bitleader)
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [90880 2014-12-19] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [220704 2016-04-05] (Geek Software GmbH)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [AcerPortal] => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2480384 2014-12-19] (Acer)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50599552 2016-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {161cc7c0-a4ea-11e5-82fe-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {238b1480-e510-11e4-8281-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {7649c2b4-11a9-11e5-8286-206a8ade63c7} - "E:\Startme.exe"
HKU\S-1-5-21-3016204580-1220623134-1212562069-1001\...\MountPoints2: {794acad2-9530-11e4-8274-3010b3063411} - "F:\Startme.exe"
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\Acer Portal\x64\shellext_win.dll [2014-12-19] (Acer Incorporated)
Startup: C:\Users\Evan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2014-10-29]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 01 C:\Windows\SysWOW64\napinsp.dll [55296 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\napinsp.dll"
Winsock: Catalog5 02 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [70144 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\pnrpnsp.dll"
Winsock: Catalog5 04 C:\Windows\SysWOW64\NLAapi.dll [65536 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [286208 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\mswsock.dll"
Winsock: Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [23040 2014-10-29] (Microsoft Corporation)ACHTUNG: LibraryPath sollte sein "%SystemRoot%\System32\winrnr.dll"
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{95491AA6-1613-4636-9E91-37E128AD2C1D}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D6FBC128-646D-4B1B-8334-D7C9A6BB9864}: [DhcpNameServer] 10.57.1.1
Tcpip\..\Interfaces\{F757B5CF-AD94-48D2-ABC6-7FE01E11C386}: [DhcpNameServer] 134.99.128.5

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2013-08-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-28] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-04-12] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll [2016-03-03] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-03-03] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\usp9bynr.default-1460836370547
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-28] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-03-03] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3016204580-1220623134-1212562069-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF Extension: Adblock Plus - C:\Users\Evan\AppData\Roaming\Mozilla\Firefox\Profiles\usp9bynr.default-1460836370547\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-16]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-12-29]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-02-19] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-13]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2713856 2014-12-19] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-04-12] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [863448 2016-03-03] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe [1696712 2016-02-23] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [681680 2016-02-26] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [234192 2015-11-18] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [380896 2016-01-21] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [275368 2015-11-18] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [453520 2016-01-03] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [157487 2015-09-04] (The OpenVPN Project) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [896456 2016-03-02] (Intel Security, Inc.)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [79248 2015-11-25] (McAfee, Inc.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 dsNcAdpt; C:\Windows\system32\DRIVERS\dsNcAdpt.sys [36816 2014-04-10] (Juniper Networks) [Datei ist nicht signiert]
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 ggsomc; C:\Windows\System32\drivers\ggsomc.sys [30424 2015-07-09] (Sony Mobile Communications)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2015-11-25] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [351144 2015-11-25] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83096 2015-11-25] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496368 2015-11-25] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [846080 2015-11-25] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [539496 2015-11-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2015-11-20] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [45728 2016-03-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [245096 2015-11-25] (McAfee, Inc.)
S1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2014-10-30] (Intel Corporation)
S3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2014-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 mfeaack01; \Device\mfeaack01.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 23:03 - 2016-04-16 23:06 - 00000000 ____D C:\ProgramData\HitmanPro
2016-04-16 23:03 - 2016-04-16 23:03 - 11441744 _____ (SurfRight B.V.) C:\Users\Evan\Downloads\HitmanPro_x64.exe
2016-04-16 22:00 - 2016-04-16 22:00 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-16 21:59 - 2016-04-16 21:59 - 02870984 _____ (ESET) C:\Users\Evan\Downloads\esetsmartinstaller_deu.exe
2016-04-16 21:52 - 2016-04-16 21:52 - 00000000 ____D C:\Users\Evan\Desktop\Alte Firefox-Daten
2016-04-16 19:48 - 2016-04-16 19:48 - 00004020 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-04-15 23:32 - 2016-04-15 23:32 - 00000560 _____ C:\TDSSKiller.3.1.0.9_15.04.2016_23.32.11_log.txt
2016-04-15 23:21 - 2016-04-15 23:21 - 00001007 _____ C:\Users\Evan\Desktop\JRT.txt
2016-04-15 23:19 - 2016-04-15 23:19 - 01610352 _____ (Malwarebytes) C:\Users\Evan\Desktop\JRT.exe
2016-04-14 01:31 - 2016-04-14 01:31 - 00039366 _____ C:\Users\Evan\Desktop\6000000239-Bildungskredit-173-Informationen-zum-Kreditvertrag.pdf
2016-04-14 01:31 - 2016-04-14 01:31 - 00038051 _____ C:\Users\Evan\Desktop\6000002670-Nutzungsbedingungen-für-das-KfW-Online-Banking.pdf
2016-04-14 01:31 - 2016-04-14 01:31 - 00030122 _____ C:\Users\Evan\Desktop\6000002174-Informationen-zur-Vermeidung-der-Überschuldung.pdf
2016-04-14 01:23 - 2016-04-14 01:23 - 01421822 _____ C:\Users\Evan\Desktop\6000001455-Vereinbarung-Online-Banking.pdf
2016-04-13 23:02 - 2016-04-13 23:13 - 00251776 _____ C:\TDSSKiller.3.1.0.9_13.04.2016_23.02.57_log.txt
2016-04-13 23:02 - 2016-04-13 23:02 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Evan\Desktop\tdsskiller.exe
2016-04-13 22:57 - 2016-04-16 23:09 - 00024326 _____ C:\Users\Evan\Desktop\FRST.txt
2016-04-13 22:57 - 2016-04-15 23:26 - 00046394 _____ C:\Users\Evan\Desktop\Addition.txt
2016-04-13 22:57 - 2016-04-13 22:58 - 00000000 ____D C:\Users\Evan\Desktop\Bewerbung
2016-04-13 22:56 - 2016-04-16 23:09 - 00000000 ____D C:\FRST
2016-04-13 22:56 - 2016-04-13 22:56 - 02375168 _____ (Farbar) C:\Users\Evan\Desktop\FRST64.exe
2016-04-13 12:03 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-04-13 12:02 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 12:02 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 12:02 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 12:02 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 12:02 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 12:02 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 12:02 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 12:02 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 12:02 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 12:02 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-13 12:02 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 12:02 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 12:02 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 12:02 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 12:02 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-13 12:02 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 12:02 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 12:02 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 12:02 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 12:02 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 12:02 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 12:02 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 12:02 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-13 12:02 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-13 12:02 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 12:02 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 12:02 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 12:02 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 12:02 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 12:02 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 12:02 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 12:02 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 12:02 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 12:02 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 12:02 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 12:02 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 12:02 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 12:02 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-13 12:02 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 12:02 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 12:02 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 12:02 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 12:02 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-13 12:02 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 12:02 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 12:02 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 12:02 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 12:02 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 12:02 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 12:02 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 12:02 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 12:02 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 12:02 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 12:02 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 12:02 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 12:02 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 12:02 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 12:02 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-13 12:02 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 12:02 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-04-13 12:02 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-04-13 12:02 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-04-13 12:02 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-04-13 12:02 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-04-13 12:02 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-04-13 12:02 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-04-13 12:02 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-04-13 12:02 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-04-13 12:02 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-04-13 12:02 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-04-13 12:02 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-04-13 12:02 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-04-13 12:02 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-04-13 12:02 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-04-13 12:02 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-04-13 12:02 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-04-13 12:02 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-04-13 12:02 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-04-13 12:02 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-04-13 12:02 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-04-13 12:02 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-04-13 12:02 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-04-13 12:02 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 12:02 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-04-13 12:02 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-04-13 12:02 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-04-13 12:02 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-04-13 12:02 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-04-13 12:02 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-04-13 12:02 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-04-13 12:02 - 2016-02-07 00:41 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-04-13 12:02 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-04-13 12:02 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-04-13 12:02 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-04-13 12:02 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-04-13 12:02 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-04-13 12:02 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-04-13 12:02 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-04-13 12:02 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-04-13 12:02 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-04-13 12:02 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-04-13 12:02 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-04-13 12:02 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-04-13 12:02 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-04-13 12:02 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-04-13 12:02 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-04-13 12:02 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-04-13 12:02 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-04-13 12:02 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-04-13 12:02 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-04-13 12:02 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-04-13 12:02 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-04-13 12:02 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-04-13 12:02 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 12:02 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 12:02 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-04-13 12:02 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-04-13 12:02 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-04-13 12:02 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-04-13 12:02 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-04-13 12:02 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 12:02 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-04-13 12:02 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-04-12 10:10 - 2016-04-12 10:10 - 48271149 _____ C:\Users\Evan\Desktop\bok%3A978-3-322-90755-4.pdf
2016-04-12 10:10 - 2016-04-12 10:10 - 00266088 _____ C:\Users\Evan\Desktop\20070914_Rossa-Sladek_Markenerfolg.pdf
2016-04-12 10:04 - 2016-04-12 10:06 - 00426261 _____ C:\Users\Evan\Desktop\LiM-AP-17-Markenprofilierung-durch-Branchen.pdf
2016-04-12 10:01 - 2016-04-12 10:01 - 27081437 _____ C:\Users\Evan\Desktop\Viele Untmarken werden kombiniert - Branchenimages.pdf
2016-04-12 09:48 - 2016-04-12 14:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-12 09:26 - 2016-04-12 09:26 - 00150761 _____ C:\Users\Evan\Desktop\0fcfd50c059b6ed8c6000000.pdf
2016-04-11 19:16 - 2016-04-16 19:58 - 00003846 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-04-07 00:11 - 2016-04-07 00:11 - 00016896 ___SH C:\Users\Evan\Thumbs.db
2016-04-06 17:06 - 2016-04-06 17:06 - 00001064 _____ C:\Users\Public\Desktop\PDF24.lnk
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Users\Evan\AppData\Local\PDF24
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-04-06 17:06 - 2016-04-06 17:06 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-04-06 17:02 - 2016-04-06 17:02 - 00000000 ____D C:\Program Files\PDFCreator
2016-04-01 10:46 - 2016-04-01 11:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\PDF Architect 4
2016-04-01 10:45 - 2016-04-01 11:10 - 00000000 ____D C:\Program Files\PDF Architect 4
2016-04-01 10:44 - 2016-04-01 11:16 - 00000000 ____D C:\ProgramData\PDF Architect 4
2016-03-31 18:44 - 2016-03-31 18:44 - 35242143 _____ C:\Users\Evan\Desktop\Masterarbeit Literatur.zip
2016-03-31 18:36 - 2016-04-07 00:13 - 00000000 ____D C:\Users\Evan\Desktop\Scanbot

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-16 23:05 - 2014-10-25 17:09 - 00000000 ____D C:\Users\Evan\AppData\Roaming\ClassicShell
2016-04-16 23:02 - 2014-08-25 18:17 - 00765582 _____ C:\Windows\system32\perfh007.dat
2016-04-16 23:02 - 2014-08-25 18:17 - 00159366 _____ C:\Windows\system32\perfc007.dat
2016-04-16 23:02 - 2014-03-18 12:03 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-16 23:02 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-16 22:17 - 2014-10-24 23:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-16 22:13 - 2015-01-10 22:58 - 00000000 ____D C:\Users\Evan\AppData\Local\Battle.net
2016-04-16 21:52 - 2014-10-25 03:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3016204580-1220623134-1212562069-1001
2016-04-16 21:42 - 2014-10-25 05:43 - 00000000 ____D C:\Users\Evan\AppData\Local\CrashDumps
2016-04-16 21:40 - 2014-11-02 13:23 - 00000000 __RDO C:\Users\Evan\OneDrive
2016-04-16 21:40 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 17:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-15 22:54 - 2014-10-25 04:20 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-04-15 18:58 - 2015-06-21 20:54 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2016-04-14 17:12 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan
2016-04-14 14:11 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-04-14 01:31 - 2015-05-19 22:53 - 11681792 ___SH C:\Users\Evan\Desktop\Thumbs.db
2016-04-13 22:50 - 2013-08-22 16:44 - 00387328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 16:29 - 2015-04-16 23:55 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-13 16:29 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-04-13 16:29 - 2013-08-22 15:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-04-13 15:54 - 2016-03-07 23:07 - 00010653 _____ C:\Users\Evan\Desktop\Notendurchschnitt.xlsx
2016-04-13 12:16 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-13 12:15 - 2014-10-28 01:15 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 12:12 - 2014-10-28 01:15 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 12:01 - 2016-01-14 10:59 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 12:00 - 2016-03-10 00:11 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 12:00 - 2016-03-10 00:11 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 12:00 - 2016-03-10 00:11 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-12 14:54 - 2015-04-14 19:34 - 00000000 ____D C:\Users\Evan\AppData\Roaming\vlc
2016-04-12 14:45 - 2014-10-25 05:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-09 10:19 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-07 23:17 - 2014-10-24 23:54 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-07 09:05 - 2014-07-14 19:58 - 00000000 ____D C:\ProgramData\McAfee
2016-04-05 23:53 - 2015-03-13 10:25 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-03-13 10:25 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-03 13:16 - 2015-11-03 22:01 - 00000000 ____D C:\Users\Evan\Documents\Youcam
2016-04-03 13:16 - 2015-05-13 20:19 - 00000000 ____D C:\Users\Evan\AppData\Roaming\Skype
2016-04-01 10:44 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-03-29 19:14 - 2016-02-16 23:59 - 00000000 ____D C:\Users\Evan\Desktop\Aunahmen von smartvpic
2016-03-28 15:11 - 2014-10-25 03:49 - 00000000 ____D C:\Users\Evan\AppData\Local\Packages
2016-03-28 10:43 - 2014-11-03 21:59 - 00000000 ____D C:\ProgramData\Oracle
2016-03-28 10:41 - 2015-08-21 19:59 - 00000000 ____D C:\Users\Evan\.oracle_jre_usage
2016-03-28 10:41 - 2015-07-10 00:54 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-27 15:39 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-24 13:34 - 2014-11-04 00:48 - 00000000 ____D C:\Program Files (x86)\Steam
2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-23 20:39 - 2015-04-04 23:38 - 00000000 ___SD C:\Windows\system32\GWX

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-18 18:51 - 2004-01-26 18:15 - 0233472 ____R () C:\Users\Evan\AppData\Roaming\MafiaSetup.exe
2015-11-11 17:39 - 2015-11-11 17:39 - 0003398 _____ () C:\Users\Evan\AppData\Local\HWVendorDetection.log
2014-08-25 08:42 - 2014-08-25 08:42 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Evan\AppData\Local\Temp\dsNCInst64.exe
C:\Users\Evan\AppData\Local\Temp\Foxit PhantomPDF Updater.exe
C:\Users\Evan\AppData\Local\Temp\Intel_Technology_Access_Software.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Evan\AppData\Local\Temp\oct1AB8.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct1DA1.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct1DDF.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct2083.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct284B.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct2A1A.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct409F.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct4AB3.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5070.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5C8F.tmp.exe
C:\Users\Evan\AppData\Local\Temp\oct5F1E.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct635A.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct660B.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct720A.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct74BB.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct807.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct8F66.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct9282.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct95DE.tmp.exe C:\Users\Evan\AppData\Local\Temp\oct98A.tmp.exe C:\Users\Evan\AppData\Local\Temp\octA12B.tmp.exe C:\Users\Evan\AppData\Local\Temp\octB623.tmp.exe C:\Users\Evan\AppData\Local\Temp\octC0D8.tmp.exe C:\Users\Evan\AppData\Local\Temp\octC743.tmp.exe C:\Users\Evan\AppData\Local\Temp\octDB2D.tmp.exe C:\Users\Evan\AppData\Local\Temp\octE219.tmp.exe C:\Users\Evan\AppData\Local\Temp\octE4EC.tmp.exe C:\Users\Evan\AppData\Local\Temp\octF4BB.tmp.exe C:\Users\Evan\AppData\Local\Temp\octF5CC.tmp.exe C:\Users\Evan\AppData\Local\Temp\ose00000.exe C:\Users\Evan\AppData\Local\Temp\SIntf16.dll C:\Users\Evan\AppData\Local\Temp\SIntf32.dll C:\Users\Evan\AppData\Local\Temp\SIntfNT.dll C:\Users\Evan\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-04-10 12:28

==================== Ende von FRST.txt ============================

Firefox now searches with Google again. Internet Explorer, however, searches with Bing; I don't know whether that is normal after the reset? I never installed it... Once we have also removed today's findings, could you then post how I can properly uninstall JRT, FRST, HitmanPro and TDSSKiller? They do not show up under Control Panel. Or tell me where I can read up on it. Thank you very much already for your help! Last edited by Waffelprinz (16.04.2016 at 22:19) |
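A first pass over a file listing like the one in the log above can be scripted. This is an added example, not part of the original post and not FRST's own code: it parses the entry format as it appears in this log and flags executables in user-writable locations, using sample lines copied from the log above. The function name `triage` and the flagging rules are assumptions of this example, and a hit is a prompt for manual review, not a verdict.

```python
import re
from ntpath import splitext  # Windows path rules, whatever OS this runs on

# Entry shape as it appears in the log above:
#   <timestamp> - <timestamp> - <size> <attrs> [(<company>)] <path>
ENTRY = re.compile(
    r"^\d{4}-\d\d-\d\d \d\d:\d\d - \d{4}-\d\d-\d\d \d\d:\d\d - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]{5}) (?:\((?P<company>.*?)\) )?"
    r"(?P<path>[A-Za-z]:\\.+)$"
)
BARE_PATH = re.compile(r"^(?P<path>[A-Za-z]:\\.+)$")  # lines of the TEMP section
EXEC_EXT = {".exe", ".dll", ".scr", ".cpl", ".sys"}
# Assumed rule set for "user-writable"; extend it for your environment.
USER_WRITABLE = ("\\appdata\\", "\\programdata\\", "\\temp\\")

# Sample lines copied from the log above.
SAMPLE = r"""
2016-04-13 12:00 - 2016-03-10 00:11 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-28 10:41 - 2015-07-10 00:54 - 00000000 ____D C:\Program Files (x86)\Java
2014-11-18 18:51 - 2004-01-26 18:15 - 0233472 ____R () C:\Users\Evan\AppData\Roaming\MafiaSetup.exe
2015-11-11 17:39 - 2015-11-11 17:39 - 0003398 _____ () C:\Users\Evan\AppData\Local\HWVendorDetection.log
C:\Users\Evan\AppData\Local\Temp\oct1AB8.tmp.exe
C:\Users\Evan\AppData\Local\Temp\SIntf32.dll
"""

def triage(log_text):
    """Return (path, reasons) for entries that deserve a manual look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY.match(line) or BARE_PATH.match(line)
        if not m:
            continue  # section headers, blank lines, anything else
        info = m.groupdict()
        path, lowered = info["path"], info["path"].lower()
        if (info.get("attrs") or "").endswith("D"):
            continue  # directory entries carry a trailing D in this log
        if splitext(path)[1].lower() not in EXEC_EXT:
            continue
        if not any(part in lowered for part in USER_WRITABLE):
            continue
        reasons = ["executable in user-writable location"]
        if info.get("company") == "":
            reasons.append("empty company field")  # "()" in the listing
        if "\\temp\\" in lowered:
            reasons.append("lives in a Temp directory")
        findings.append((path, reasons))
    return findings
```

The company field comes from the file's version information and can be set to anything by whoever built the file, so a populated field clears nothing on its own.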
17.04.2016, 11:12 | #12 |
/// TB-Ausbilder | Browser search bar in Firefox falls back to Yahoo

Hi, just empty the Recycle Bin. DelFix (see further below) removes the tools used and then itself.

Removing leftovers

Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:

Code:
start
CloseProcesses:
C:\Users\Evan\AppData\Local\Temp\DMR
EmptyTemp:
end

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Post the Fixlog from FRST right away, because otherwise DelFix (see further below) will remove it automatically!

If you no longer have any problems with malware, we are done here. Your log files are clean. Finally, we still need to take a few concluding steps to clean up and secure your PC.

Cleanup: All logs posted? Then please download DelFix.
DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left over, you can delete them without hesitation.

Securing your system:

Enable automatic updates for the Windows operating system. Security-relevant software should also always be kept at its latest version:
Browser
Java
Flash Player
PDF reader
Security vulnerabilities in old versions of these are exploited to install malware "drive-by" when you merely visit a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

If you are still undecided, use one single antivirus program from the following, with a real-time scanner and an always up-to-date signature database:
Microsoft Security Essentials (MSE) is built in from Windows 8 onwards, so if you have Windows 8, 8.1 or 10 and have decided on MSE, you do not need to install MSE separately. On Windows 7, however, it has to be installed manually or obtained as an optional update via Windows Update. A legal/activated copy of Windows is of course a prerequisite for this.

In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
Adblock Plus: can block banners, pop-ups, video ads, tracking and malware sites.
NoScript: prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist principle which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.

Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, first uninstall it and then remove the leftovers with AdwCleaner.

Finally, a few general remarks:
If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions. |
17.04.2016, 12:17 | #13 |
| Browser search bar in Firefox falls back to Yahoo

Thank you very much. So what was the problem in the end? And what about the 5 threats that the ESET Online Scanner found, are those not threats at all? Here is the FRST file:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:13-04-2016
durchgeführt von Evan (2016-04-17 13:14:30) Run:1
Gestartet von C:\Users\Evan\Desktop
Geladene Profile: Evan (Verfügbare Profile: Evan)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\Evan\AppData\Local\Temp\DMR
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.
C:\Users\Evan\AppData\Local\Temp\DMR => erfolgreich verschoben
EmptyTemp: => 5.7 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden.

==== Ende von Fixlog 13:14:46 ====

Last edited by Waffelprinz (17.04.2016 at 12:32) |
17.04.2016, 13:05 | #14 |
/// TB-Ausbilder | Browser search bar in Firefox falls back to Yahoo

Just a few adware remnants, nothing serious.

Quote:
I am glad that we were able to help.

In this forum you can leave brief feedback on the cleanup if you wish: Lob, Kritik und Wünsche. To do so, click the "NEUES THEMA" (new thread) button and post a short piece of feedback. Many thanks!

This thread appears to be resolved and will be removed from my subscriptions. Should you need the thread again, please send me a PM. Everyone else, please click here and create your own thread. |