PC reagiert langsam

Betti05 · 01.09.2016, 12:00

Ich habe folgendes Problem: Seit einiger Zeit reagiert mein PC nicht mehr sofort auf das anklicken, erst nach mehrmaligen klicks z.B. auf Links oder um Seiten zu schließen. Teilweise reagiert der Rechner gar nicht und ich muss die seite neu laden..lt meinem Antivirusprogramm kein Vius, lt Avira PC cleaner : sauber...
Da ich schoneinmal malware hatte die ähnliches verursacht hat, bitte ich hier nochmals um Hilfe. Danke!

M-K-D-B · 01.09.2016, 13:22

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Betti05 · 01.09.2016, 16:47

Hallo Matthias, vielen Dank für deine Hilfe.

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-10-2015
durchgeführt von sephiroth (Administrator) auf BEBISPC (01-09-2016 17:36:28)
Gestartet von C:\Users\sephiroth\Downloads\Programme
Geladene Profile: sephiroth (Verfügbare Profile: UpdatusUser & bebi-admin & sephiroth & Administrator)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Atheros Communications)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [Amazon Music] => C:\Users\sephiroth\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\MountPoints2: {f4ce8d04-4140-11e6-be8f-0c54a52bf2d6} - "F:\LG_PC_Programs.exe" 
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-01-12]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{3FE8F490-0084-4F0C-A8B2-620DCF1468B7}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{4C027189-88FD-454F-9CFF-83B06802C1E5}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> DefaultScope {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> {BE9DFE30-CB7C-4D6C-BF17-55F76FA62734} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20151130&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Extension: Adguard AdBlocker - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505\Extensions\adguardadblocker@adguard.com.xpi [2016-08-12]
FF Extension: Adblock Plus - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-08-28]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-03]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-13]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-07-15]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
S2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
S2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
S2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-07-29] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-12-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-12-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [79192 2016-04-20] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [519976 2016-04-27] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100136 2016-04-27] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-12-01] (Secunia)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-12-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-12-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-12-10] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-01 13:08 - 2016-09-01 13:08 - 00000681 _____ C:\Users\sephiroth\Desktop\JRT.txt
2016-08-31 22:12 - 2016-08-31 22:12 - 00004020 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2016-08-30 17:15 - 2016-08-30 17:20 - 86137158 _____ C:\Users\sephiroth\Downloads\Dunkelkammer020.zip
2016-08-28 16:04 - 2016-08-28 19:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-22 21:17 - 2016-08-22 21:17 - 00000224 _____ C:\Users\sephiroth\Desktop\bundeskleingartengesetz.txt
2016-08-16 11:49 - 2016-08-16 11:50 - 55412736 _____ C:\Users\sephiroth\Downloads\FontPack1500720033_XtdAlf_Lang_DC.msi
2016-08-16 10:27 - 2016-08-17 20:55 - 00000000 ____D C:\ProgramData\Skype
2016-08-16 10:27 - 2016-08-17 20:54 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\Skype
2016-08-16 10:27 - 2016-08-16 10:27 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Skype
2016-08-16 10:27 - 2016-08-16 10:27 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-16 10:27 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2016-08-16 10:27 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2016-08-16 10:27 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2016-08-16 10:27 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2016-08-16 10:26 - 2015-12-16 19:11 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-16 10:26 - 2015-12-16 18:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-08-16 10:26 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-16 10:26 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-16 10:26 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-15 21:12 - 2016-08-15 21:12 - 06647784 _____ (Tim Kosse) C:\Users\sephiroth\Downloads\FileZilla_3.20.1_win64-setup.exe
2016-08-13 07:19 - 2016-08-13 07:19 - 00017683 _____ C:\Users\sephiroth\Downloads\Fw_ Bestätigung Ihrer Zahlung an Hamee US CORP.html
2016-08-13 07:19 - 2016-08-13 07:19 - 00006873 _____ C:\Users\sephiroth\Downloads\Fw_ [Hamee Strapya World] Shipping Confirmation E-mail Order#W-293201.html
2016-08-12 13:18 - 2016-08-12 13:18 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-08-12 13:18 - 2016-08-12 13:18 - 00001550 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-08-12 13:18 - 2016-08-12 13:18 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\No Company Name
2016-08-10 15:38 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-10 15:38 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-10 15:38 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 15:38 - 2016-06-11 21:52 - 00057184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-10 15:38 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-08-10 15:38 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2016-08-10 15:38 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 15:38 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-10 15:38 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-10 15:38 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-08-10 15:38 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 15:38 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-08-10 15:38 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-08-10 15:38 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-10 15:38 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-10 15:38 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-10 15:38 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-10 15:38 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-10 15:38 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-08-10 15:38 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2016-08-10 15:38 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-10 15:38 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-10 15:38 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-08-10 15:38 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-08-10 15:38 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-08-10 15:38 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hbaapi.dll
2016-08-10 15:38 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-10 15:38 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-10 15:38 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 15:38 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 15:38 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-08-10 15:38 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-08-10 15:38 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-10 15:38 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-08-10 15:38 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 15:38 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-10 15:38 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 15:38 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-10 15:38 - 2016-05-14 01:08 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-10 15:38 - 2016-05-14 01:08 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-10 15:38 - 2016-05-14 01:08 - 00032512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-10 15:38 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-10 15:38 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 15:38 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-10 15:38 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-10 15:38 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-10 15:38 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-10 15:38 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-10 15:38 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 15:38 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-08-10 15:38 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-08-10 15:38 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 15:38 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-08-10 15:38 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-10 15:38 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-08-10 15:38 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-10 15:38 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-10 15:38 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 15:38 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 15:38 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-10 15:38 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-10 15:38 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-08-10 15:38 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-10 15:38 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-08-10 15:38 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-10 15:38 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-10 15:38 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 15:38 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-10 15:38 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-08-10 15:38 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-10 15:38 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-10 15:38 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-10 15:38 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-10 15:38 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 15:38 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-08-10 15:38 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-08-10 15:38 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-10 15:38 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-08-10 15:38 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-10 15:38 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-08-10 15:38 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 15:38 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 15:38 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 15:38 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-08-10 15:38 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-10 15:38 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-08-10 15:38 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-10 15:38 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-10 15:38 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-08-10 15:38 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-08-10 15:38 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-08-10 15:35 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 15:35 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 15:35 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-10 15:35 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-08-10 15:35 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 15:35 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-10 15:35 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-10 15:35 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 15:35 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-10 15:35 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 15:35 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-10 15:35 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-08-10 15:35 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-10 15:35 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 15:35 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 15:35 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 15:35 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 15:35 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 15:35 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 15:35 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 15:35 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-08-10 15:35 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 15:35 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 15:35 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 15:35 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 15:35 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 15:35 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 15:35 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 15:35 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 15:35 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 15:35 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 15:35 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 15:35 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 15:35 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 15:35 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-10 15:35 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-10 15:35 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 15:34 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-08-10 15:34 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-08-10 15:34 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-10 15:34 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-10 15:33 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 15:33 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 15:33 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-10 15:33 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-10 15:33 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-10 15:33 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 15:33 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 15:33 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 15:33 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-09 21:36 - 2016-08-09 21:36 - 00001134 _____ C:\Users\sephiroth\Desktop\glasslinewarmglass.txt
2016-08-08 14:48 - 2016-08-09 12:17 - 00002452 _____ C:\Users\sephiroth\Desktop\merkzettelwarmglass.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-01 17:36 - 2015-10-02 12:20 - 00000000 ____D C:\FRST
2016-09-01 17:36 - 2015-04-15 07:57 - 00000000 ____D C:\Users\sephiroth\Downloads\Programme
2016-09-01 17:28 - 2015-12-02 20:52 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-01 17:20 - 2015-12-10 10:07 - 01718569 _____ C:\WINDOWS\WindowsUpdate.log
2016-09-01 17:04 - 2016-07-29 10:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e.job
2016-09-01 17:04 - 2016-03-28 14:44 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-01 17:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2016-09-01 16:55 - 2016-01-16 20:10 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\vlc
2016-09-01 16:54 - 2015-12-10 12:54 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040}.job
2016-09-01 16:54 - 2015-12-10 12:54 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040}.job
2016-09-01 16:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-01 16:45 - 2015-12-05 23:45 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job
2016-09-01 16:45 - 2015-12-05 23:45 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job
2016-09-01 16:19 - 2016-01-28 19:42 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B4F37A35-1FFD-4015-AA48-A7C1CA8833EE}
2016-09-01 14:58 - 2015-11-30 22:26 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3549694130-846552002-615965096-1003
2016-09-01 14:26 - 2016-07-15 16:58 - 00000000 __RSD C:\Users\sephiroth\Documents\McAfee-Tresore
2016-09-01 14:26 - 2016-03-28 14:44 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-01 12:07 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-01 09:57 - 2015-11-30 22:12 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Adobe
2016-08-31 19:57 - 2016-07-16 17:53 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\dvdcss
2016-08-31 19:57 - 2015-04-09 18:50 - 00000000 ____D C:\Users\sephiroth\.dvdcss
2016-08-30 18:58 - 2015-12-03 19:54 - 00000000 ____D C:\Users\sephiroth\AppData\Local\CrashDumps
2016-08-29 09:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-28 19:11 - 2015-11-30 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-08-28 15:08 - 2016-07-15 16:57 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-18 18:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-08-18 11:28 - 2015-12-10 10:10 - 00000000 ____D C:\Users\sephiroth
2016-08-18 10:35 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-18 10:35 - 2014-11-21 04:45 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-18 10:35 - 2014-11-21 04:45 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-18 10:30 - 2014-11-20 20:24 - 00032012 _____ C:\WINDOWS\PFRO.log
2016-08-18 10:30 - 2013-08-22 16:46 - 00423069 _____ C:\WINDOWS\setupact.log
2016-08-18 10:30 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-18 10:30 - 2013-08-22 16:44 - 00412672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-18 10:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-17 21:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-16 10:27 - 2014-11-21 05:13 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-16 10:27 - 2013-11-29 10:55 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-08-16 10:27 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-08-16 10:27 - 2013-08-22 16:46 - 00000262 _____ C:\WINDOWS\setuperr.log
2016-08-15 21:20 - 2015-11-30 21:56 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\FileZilla
2016-08-15 21:12 - 2015-11-30 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-08-15 21:12 - 2015-11-30 21:56 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-08-12 19:03 - 2015-12-09 13:33 - 00001456 _____ C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-08-12 13:18 - 2015-11-30 22:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-10 21:04 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-10 20:11 - 2015-12-01 21:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 20:09 - 2015-12-01 21:10 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-10 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 15:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-04 19:20 - 2015-11-30 22:46 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-03 17:06 - 2016-04-30 19:22 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\bluray

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-01 13:27 - 2016-05-12 14:50 - 0000132 _____ () C:\Users\sephiroth\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
2015-12-09 13:33 - 2016-08-12 19:03 - 0001456 _____ () C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-05-19 14:41 - 2016-05-19 14:41 - 0004610 _____ () C:\Users\sephiroth\AppData\Local\recently-used.xbel
2013-11-29 10:58 - 2013-11-29 10:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\sephiroth\AppData\Local\Temp\COMAP.EXE
C:\Users\sephiroth\AppData\Local\Temp\EAD195C.exe
C:\Users\sephiroth\AppData\Local\Temp\EAD3BC7.exe
C:\Users\sephiroth\AppData\Local\Temp\EAD495B.exe
C:\Users\sephiroth\AppData\Local\Temp\EADA554.exe
C:\Users\sephiroth\AppData\Local\Temp\libeay32.dll
C:\Users\sephiroth\AppData\Local\Temp\McCSPInstall.dll
C:\Users\sephiroth\AppData\Local\Temp\msvcr120.dll
C:\Users\sephiroth\AppData\Local\Temp\sqlite3.dll
C:\Users\sephiroth\AppData\Local\Temp\UninstallEADM.dll
C:\Users\sephiroth\AppData\Local\Temp\vlc-2.2.4-win32.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-29 14:49

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-10-2015
durchgeführt von sephiroth (2016-09-01 17:36:59)
Gestartet von C:\Users\sephiroth\Downloads\Programme
Windows 8.1 (X64) (2015-12-10 08:29:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3549694130-846552002-615965096-500 - Administrator - Disabled) => C:\Users\Administrator
bebi-admin (S-1-5-21-3549694130-846552002-615965096-1002 - Administrator - Enabled) => C:\Users\bebi-admin
Gast (S-1-5-21-3549694130-846552002-615965096-501 - Limited - Disabled)
sephiroth (S-1-5-21-3549694130-846552002-615965096-1003 - Administrator - Enabled) => C:\Users\sephiroth
UpdatusUser (S-1-5-21-3549694130-846552002-615965096-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Leawo Blu-ray Player Version  1.9.3.5 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.3.5 - Leawo Software)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.262 - McAfee, Inc.)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.1 (x86 de)) (Version: 48.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.1.6073 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Scrapbook MAX! 2.0 (HKLM-x32\...\Scrapbook MAX! 2.0) (Version: 2.0.6.1 - Indigo Rose Corporation)
Secunia PSI (3.0.0.11003) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

17-08-2016 20:54:52 Removed Skype™ 7.3
20-08-2016 21:11:01 Windows Update
28-08-2016 15:00:35 Windows Update
31-08-2016 22:20:24 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0242D6EA-EA92-4C22-97E4-709AE43C60D4} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {0469D31E-8959-4086-A6A9-A4C52443CD75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {0DA72A44-77D8-43D5-B0F3-D2B37A138859} - System32\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {0F5F4B52-DF52-4D82-95AE-AFF007C65F5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {23BC35FB-6C7C-488A-AB2C-2942B80871C7} - System32\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {2F20F5E3-A6BD-47EE-AC39-84A47810D5BC} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {3D16C00E-D508-4783-BFC6-FBFA4536F6CA} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-07-10] (Microsoft Corporation)
Task: {510D8537-1480-4525-87E8-2B40B251B089} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {53C5B87A-52CD-4AC8-A6AD-0E8A04310820} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-07-13] (Microsoft Corporation)
Task: {548ACE6E-AE7B-4632-A2CD-7FD103EBA247} - System32\Tasks\AdobeAAMUpdater-1.0-bebispc-sephiroth => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {583BCD67-ED6A-47CE-86DA-A1C82F5DA2B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {6BBF31EE-7B2F-4590-9195-68EFCD6C03C2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-07-13] (Microsoft Corporation)
Task: {84616CED-3D67-49DE-BB2E-B25996F0E368} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {99F2BF4B-4187-47DE-A890-4050E99043E3} - System32\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {A9B56390-E417-4227-B328-BBABE8A02004} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {B7C63CCC-F16F-48E0-9F47-53EFAF5643F2} - System32\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C00539EC-82DE-4880-9BA4-10EE7AC793CF} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {C15A46E3-2104-4D81-91CB-A227F8D48A44} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {D16B063E-6B69-4369-BC40-2FD5AA69CA6A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {DB853280-0E26-47E2-BFD5-AFBF8D4EAB50} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe %windir%\system32\invagent.dll,RunUpdate
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {FC5E2EAA-149A-445B-AFEE-F582A75F1A73} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {FF327DEC-4945-4B04-A44A-3C8B2A30351B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{2591B939-2580-48C9-973A-8EB6BD165040} /F:UpdateWORKGROUP\BEBISPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{F89D404C-FE94-442F-97C1-15EF2FFD76DC} /F:UpdateWORKGROUP\BEBISPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-29 11:08 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2013-01-25 01:09 - 2013-01-25 01:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 01:05 - 2013-01-25 01:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 01:12 - 2013-01-25 01:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2015-08-09 05:50 - 2015-08-09 05:50 - 00404376 _____ () C:\Windows\System32\igfxTray.exe
2013-11-29 10:50 - 2013-01-23 09:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\bebi-admin\Downloads\Firefox Setup Stub 35.0.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\mbam-setup-2.0.4.1028.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\vlc-2.1.5-win32.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson377464eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379560eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379671eu.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3549694130-846552002-615965096-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\sephiroth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Amazon Music"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{751471A7-177E-4833-8B4F-0612DD0993C5}] => (Allow) LPort=1900
FirewallRules: [{5E65C5EA-E9D4-413E-8281-F1D73DBCF86D}] => (Allow) LPort=2869
FirewallRules: [{5F214C8A-A160-4B1A-889A-DBA43EB3A448}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CC1F8DAC-215C-4902-8CFA-0895DE1FE657}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E6B597E-A903-4764-A688-A6E6FBFF86AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0249DE3-C92F-41F9-97CF-FF8CCAD0DC8D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{F3EE67CC-B707-4BA0-ADA7-6D7FADEC8B47}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{FDFBBDBA-767A-47DC-B5D1-B8D90375775B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{15BEEE06-917E-4CF0-86A6-BEDA2B849AE2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{4BF83CE8-F2C2-4007-B640-0AF7CBFD8DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{3396864B-F3EE-4873-AF6D-74E0205F83DD}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{358D0982-D9C4-485A-8329-CFB71D2BE8A0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{AAB31E5E-34B4-4F25-B233-A09E5EFAB7B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{8D119F86-3EFC-4CAB-B82F-ACEE343C5A6D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{51A4ACB9-E4ED-40A6-8A6F-D37793388BA8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{98A2DACE-B05D-476D-8C4A-51A3A26FFC0E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{446EFD01-5A4E-4C02-B58E-307FD6C64DE3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6C778DC2-86E2-4080-98F1-E5B54C1A6DAA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{346123E9-3BE3-4599-B6E6-BA51E29DD636}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{84473C5C-02EC-4FD0-8F94-B44334348049}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B617AB0A-1E03-4AB7-8131-4470C803EA05}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{23D241DF-C9BA-49A6-84F6-47A6472D8C16}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C494BE99-384C-41AD-8E80-81C016762D7C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9422DAB6-0692-4D5D-9FCE-28C155A68F74}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{83B56B15-DE7E-4E80-A7EE-789D9DCDEBF8}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9636C431-1CBE-4427-B9F1-6D80040BD530}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{04F29660-4613-456B-B3F0-5A4732C186F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0C734922-2F5C-415D-9E1F-3E3423CA2EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A1BB9B59-879B-4EEE-98CE-F9F8216228A2}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7DA8A1D5-94A4-4BF0-9A11-07CFB414DB9A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C448AD7A-4408-457A-8032-7206CE94AE3C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{C4E573EA-577C-48C0-9946-6E64D99F7E1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A1CD657-819F-4B0E-83BD-70663FF0DE97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/01/2016 12:34:34 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (08/30/2016 06:58:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Leawo Blu-ray Player.exe, Version: 1.9.3.5, Zeitstempel: 0x577c681e
Name des fehlerhaften Moduls: Leawo Blu-ray Player.exe, Version: 1.9.3.5, Zeitstempel: 0x577c681e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x003a8b8d
ID des fehlerhaften Prozesses: 0x1394
Startzeit der fehlerhaften Anwendung: 0xLeawo Blu-ray Player.exe0
Pfad der fehlerhaften Anwendung: Leawo Blu-ray Player.exe1
Pfad des fehlerhaften Moduls: Leawo Blu-ray Player.exe2
Berichtskennung: Leawo Blu-ray Player.exe3
Vollständiger Name des fehlerhaften Pakets: Leawo Blu-ray Player.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Leawo Blu-ray Player.exe5

Error: (08/19/2016 09:54:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18ec

Startzeit: 01d1f9ee95d1b8a2

Endzeit: 0

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 302a5dc7-65e2-11e6-be95-0c54a52bf2d6

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/18/2016 11:01:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b8956608-c437-4be3-9348-6eeafc9579ef}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (08/18/2016 11:01:57 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (08/15/2016 09:10:11 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (08/15/2016 03:36:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: updater.exe, Version: 2.0.3010.0, Zeitstempel: 0x513fcd49
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0xe28
Startzeit der fehlerhaften Anwendung: 0xupdater.exe0
Pfad der fehlerhaften Anwendung: updater.exe1
Pfad des fehlerhaften Moduls: updater.exe2
Berichtskennung: updater.exe3
Vollständiger Name des fehlerhaften Pakets: updater.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: updater.exe5

Error: (08/15/2016 03:36:28 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: updater.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.Xml.XmlException
Stapel:
   bei System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String)
   bei System.Xml.XmlTextReaderImpl.ParseDocumentContent()
   bei System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
   bei System.Xml.XmlDocument.Load(System.Xml.XmlReader)
   bei System.Xml.XmlDocument.Load(System.String)
   bei updater.Report.AddFPToResult(updater.Result)
   bei updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs)
   bei updater.DownloadMgr.DownloadFile(System.String, System.String)
   bei updater.DownloadMgr.Worker(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()

Error: (08/11/2016 05:51:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 48.0.0.6051, Zeitstempel: 0x5797a45d
Name des fehlerhaften Moduls: mozglue.dll, Version: 48.0.0.6051, Zeitstempel: 0x5797951c
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f035
ID des fehlerhaften Prozesses: 0x1350
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (08/10/2016 10:00:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b8956608-c437-4be3-9348-6eeafc9579ef}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)


Systemfehler:
=============
Error: (09/01/2016 05:20:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (09/01/2016 04:59:12 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (09/01/2016 04:12:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (09/01/2016 02:58:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (09/01/2016 02:26:04 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR17 gefunden.

Error: (09/01/2016 01:11:30 PM) (Source: disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR16 gefunden.

Error: (09/01/2016 01:07:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Genuine Software Integrity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/01/2016 01:07:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/01/2016 01:07:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/01/2016 01:07:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 16264.27 MB
Verfügbarer physikalischer RAM: 14030.81 MB
Summe virtueller Speicher: 18696.27 MB
Verfügbarer virtueller Speicher: 16635.39 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:220.22 GB) (Free:52.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:690.43 GB) NTFS
Drive e: (BABYLON5_S4_DISC1) (CDROM) (Total:7.61 GB) (Free:0 GB) UDF

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 69C3CD7C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69C3CD56)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:

ATTFilter

17:46:07.0341 0x1790  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
17:46:07.0341 0x1790  UEFI system
17:46:10.0731 0x1790  ============================================================
17:46:10.0731 0x1790  Current date / time: 2016/09/01 17:46:10.0731
17:46:10.0731 0x1790  SystemInfo:
17:46:10.0731 0x1790  
17:46:10.0731 0x1790  OS Version: 6.3.9600 ServicePack: 0.0
17:46:10.0731 0x1790  Product type: Workstation
17:46:10.0731 0x1790  ComputerName: BEBISPC
17:46:10.0731 0x1790  UserName: sephiroth
17:46:10.0731 0x1790  Windows directory: C:\WINDOWS
17:46:10.0731 0x1790  System windows directory: C:\WINDOWS
17:46:10.0731 0x1790  Running under WOW64
17:46:10.0731 0x1790  Processor architecture: Intel x64
17:46:10.0731 0x1790  Number of processors: 8
17:46:10.0731 0x1790  Page size: 0x1000
17:46:10.0731 0x1790  Boot type: Normal boot
17:46:10.0731 0x1790  CodeIntegrityOptions = 0x00000001
17:46:10.0731 0x1790  ============================================================
17:46:10.0778 0x1790  KLMD registered as C:\WINDOWS\system32\drivers\98289309.sys
17:46:10.0778 0x1790  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18378, osProperties = 0x19
17:46:11.0934 0x1790  System UUID: {08F84715-0A43-22E8-101E-FB01DE3A61ED}
17:46:12.0294 0x1790  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:46:14.0622 0x1790  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:46:14.0638 0x1790  ============================================================
17:46:14.0638 0x1790  \Device\Harddisk0\DR0:
17:46:14.0638 0x1790  GPT partitions:
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {524D89B6-16D4-44F1-830B-AD254D5FE2BD}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D86CAFDB-D461-48EF-B8FD-FD1EF228AC14}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1F008091-46A8-4237-89B8-E81BF89187BC}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {32A81FF2-A161-40BA-82EE-E09BE769E5EF}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1B870800
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B8956608-C437-4BE3-9348-6EEAFC9579EF}, Name: , StartLBA 0x1BA0F000, BlocksNum 0xE1000
17:46:14.0638 0x1790  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {054AD352-7766-4841-819A-BDC580289B69}, Name: Basic data partition, StartLBA 0x1BAF0000, BlocksNum 0x2203000
17:46:14.0638 0x1790  MBR partitions:
17:46:14.0638 0x1790  \Device\Harddisk1\DR1:
17:46:14.0638 0x1790  MBR partitions:
17:46:14.0638 0x1790  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:46:14.0638 0x1790  ============================================================
17:46:14.0638 0x1790  C: <-> \Device\Harddisk0\DR0\Partition4
17:46:14.0638 0x1790  D: <-> \Device\Harddisk1\DR1\Partition1
17:46:14.0638 0x1790  ============================================================
17:46:14.0638 0x1790  Initialize success
17:46:14.0638 0x1790  ============================================================

M-K-D-B · 01.09.2016, 20:08

FRST Logdateien sehen gut aus.

Die Logdatei von TDSS-Killer ist unvollständig.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Betti05 · 04.09.2016, 06:41

ok, kommt heute nochmal. Danke

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 04.09.2016
Suchlaufzeit: 07:24
Protokolldatei: mbm.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.04.02
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: sephiroth

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 429349
Abgelaufene Zeit: 7 Min., 45 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

07:37:20.0677 0x1300  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
07:37:20.0677 0x1300  UEFI system
07:37:23.0943 0x1300  ============================================================
07:37:23.0943 0x1300  Current date / time: 2016/09/04 07:37:23.0943
07:37:23.0943 0x1300  SystemInfo:
07:37:23.0943 0x1300  
07:37:23.0943 0x1300  OS Version: 6.3.9600 ServicePack: 0.0
07:37:23.0943 0x1300  Product type: Workstation
07:37:23.0943 0x1300  ComputerName: BEBISPC
07:37:23.0943 0x1300  UserName: sephiroth
07:37:23.0943 0x1300  Windows directory: C:\WINDOWS
07:37:23.0943 0x1300  System windows directory: C:\WINDOWS
07:37:23.0943 0x1300  Running under WOW64
07:37:23.0943 0x1300  Processor architecture: Intel x64
07:37:23.0943 0x1300  Number of processors: 8
07:37:23.0943 0x1300  Page size: 0x1000
07:37:23.0943 0x1300  Boot type: Normal boot
07:37:23.0943 0x1300  CodeIntegrityOptions = 0x00000001
07:37:23.0943 0x1300  ============================================================
07:37:26.0396 0x1300  KLMD registered as C:\WINDOWS\system32\drivers\91664914.sys
07:37:26.0396 0x1300  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18378, osProperties = 0x19
07:37:26.0756 0x1300  System UUID: {08F84715-0A43-22E8-101E-FB01DE3A61ED}
07:37:27.0475 0x1300  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:37:27.0475 0x1300  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
07:37:27.0490 0x1300  ============================================================
07:37:27.0490 0x1300  \Device\Harddisk0\DR0:
07:37:27.0490 0x1300  GPT partitions:
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {524D89B6-16D4-44F1-830B-AD254D5FE2BD}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D86CAFDB-D461-48EF-B8FD-FD1EF228AC14}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1F008091-46A8-4237-89B8-E81BF89187BC}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {32A81FF2-A161-40BA-82EE-E09BE769E5EF}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x1B870800
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B8956608-C437-4BE3-9348-6EEAFC9579EF}, Name: , StartLBA 0x1BA0F000, BlocksNum 0xE1000
07:37:27.0490 0x1300  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {054AD352-7766-4841-819A-BDC580289B69}, Name: Basic data partition, StartLBA 0x1BAF0000, BlocksNum 0x2203000
07:37:27.0490 0x1300  MBR partitions:
07:37:27.0490 0x1300  \Device\Harddisk1\DR1:
07:37:27.0490 0x1300  MBR partitions:
07:37:27.0490 0x1300  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
07:37:27.0490 0x1300  ============================================================
07:37:27.0490 0x1300  C: <-> \Device\Harddisk0\DR0\Partition4
07:37:27.0568 0x1300  D: <-> \Device\Harddisk1\DR1\Partition1
07:37:27.0568 0x1300  ============================================================
07:37:27.0568 0x1300  Initialize success
07:37:27.0568 0x1300  ============================================================
07:37:35.0603 0x1af8  ============================================================
07:37:35.0603 0x1af8  Scan started
07:37:35.0603 0x1af8  Mode: Manual; SigCheck; TDLFS; 
07:37:35.0603 0x1af8  ============================================================
07:37:35.0603 0x1af8  KSN ping started
07:37:35.0713 0x1af8  KSN ping finished: true
07:37:37.0150 0x1af8  ================ Scan system memory ========================
07:37:37.0150 0x1af8  System memory - ok
07:37:37.0150 0x1af8  ================ Scan services =============================
07:37:37.0228 0x1af8  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
07:37:37.0306 0x1af8  1394ohci - ok
07:37:37.0322 0x1af8  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
07:37:37.0322 0x1af8  3ware - ok
07:37:37.0338 0x1af8  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
07:37:37.0353 0x1af8  ACPI - ok
07:37:37.0369 0x1af8  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
07:37:37.0369 0x1af8  acpiex - ok
07:37:37.0384 0x1af8  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
07:37:37.0384 0x1af8  acpipagr - ok
07:37:37.0384 0x1af8  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
07:37:37.0400 0x1af8  AcpiPmi - ok
07:37:37.0400 0x1af8  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
07:37:37.0416 0x1af8  acpitime - ok
07:37:37.0416 0x1af8  [ 4BA3BFF03B1A10E49B590BE3C4D79C10, 54D0159ACD6FB93EE08CBB2C7BA13DC3ECD131EE26E07E53040FB3976CC4FBAE ] AdobeActiveFileMonitor12.0 C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
07:37:37.0431 0x1af8  AdobeActiveFileMonitor12.0 - ok
07:37:37.0431 0x1af8  [ 68E7DEA59FDEF410BAF29FDB5B7A6EEF, B808FCF0C30B465A1330E47947B84FC722A3B4C46260E261C54B1EED725A288F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
07:37:37.0447 0x1af8  AdobeARMservice - ok
07:37:37.0463 0x1af8  [ 32B31B696CB8E8F380831DFEB80A67E4, 8C8F6E16F2FB3E8F10569261B7712BBC931A2924B6C27D561E7F828041C4F3E6 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
07:37:37.0478 0x1af8  AdobeFlashPlayerUpdateSvc - ok
07:37:37.0494 0x1af8  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
07:37:37.0509 0x1af8  ADP80XX - ok
07:37:37.0525 0x1af8  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
07:37:37.0556 0x1af8  AeLookupSvc - ok
07:37:37.0588 0x1af8  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
07:37:37.0619 0x1af8  AFD - ok
07:37:37.0619 0x1af8  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
07:37:37.0619 0x1af8  agp440 - ok
07:37:37.0666 0x1af8  [ E20C1118524DF19945BCD83A3843E8CF, 90C87096E9E2595DAA503CFD9C24D7D8F9CB2D567ACAB06FBF5527C8A6059409 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
07:37:37.0697 0x1af8  AGSService - ok
07:37:37.0713 0x1af8  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
07:37:37.0713 0x1af8  ahcache - ok
07:37:37.0728 0x1af8  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
07:37:37.0728 0x1af8  ALG - ok
07:37:37.0744 0x1af8  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
07:37:37.0744 0x1af8  AmdK8 - ok
07:37:37.0759 0x1af8  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
07:37:37.0775 0x1af8  AmdPPM - ok
07:37:37.0775 0x1af8  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
07:37:37.0775 0x1af8  amdsata - ok
07:37:37.0791 0x1af8  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
07:37:37.0806 0x1af8  amdsbs - ok
07:37:37.0806 0x1af8  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
07:37:37.0806 0x1af8  amdxata - ok
07:37:37.0822 0x1af8  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
07:37:37.0822 0x1af8  AppID - ok
07:37:37.0838 0x1af8  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
07:37:37.0838 0x1af8  AppIDSvc - ok
07:37:37.0853 0x1af8  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
07:37:37.0853 0x1af8  Appinfo - ok
07:37:37.0869 0x1af8  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
07:37:37.0884 0x1af8  AppReadiness - ok
07:37:37.0916 0x1af8  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
07:37:37.0947 0x1af8  AppXSvc - ok
07:37:37.0963 0x1af8  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
07:37:37.0963 0x1af8  arcsas - ok
07:37:37.0963 0x1af8  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
07:37:37.0978 0x1af8  atapi - ok
07:37:37.0978 0x1af8  [ 62A40F3DFF2B40915A1981285B14EFD4, 02F19978D153E816A6A879F6D0D67B2AB89F5964B86953F11B82D9970C3ED963 ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
07:37:37.0994 0x1af8  AthBTPort - ok
07:37:38.0009 0x1af8  [ A917E4F753B90A5181ECBFA56D5C154A, 4025FC65AB44AE5FDF6D144F16873C1E165D9EB7C4BF0570C996F2D7C8B71A1E ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
07:37:38.0009 0x1af8  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
07:37:38.0088 0x1af8  Detect skipped due to KSN trusted
07:37:38.0088 0x1af8  AtherosSvc - ok
07:37:38.0228 0x1af8  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
07:37:38.0291 0x1af8  athr - ok
07:37:38.0306 0x1af8  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
07:37:38.0322 0x1af8  AudioEndpointBuilder - ok
07:37:38.0338 0x1af8  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
07:37:38.0369 0x1af8  Audiosrv - ok
07:37:38.0369 0x1af8  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
07:37:38.0384 0x1af8  AxInstSV - ok
07:37:38.0384 0x1af8  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
07:37:38.0400 0x1af8  b06bdrv - ok
07:37:38.0416 0x1af8  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
07:37:38.0431 0x1af8  BasicDisplay - ok
07:37:38.0431 0x1af8  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
07:37:38.0431 0x1af8  BasicRender - ok
07:37:38.0447 0x1af8  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
07:37:38.0463 0x1af8  bcmfn2 - ok
07:37:38.0494 0x1af8  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
07:37:38.0525 0x1af8  BDESVC - ok
07:37:38.0525 0x1af8  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
07:37:38.0556 0x1af8  Beep - ok
07:37:38.0588 0x1af8  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
07:37:38.0619 0x1af8  BFE - ok
07:37:38.0634 0x1af8  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
07:37:38.0666 0x1af8  BITS - ok
07:37:38.0666 0x1af8  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
07:37:38.0681 0x1af8  bowser - ok
07:37:38.0681 0x1af8  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
07:37:38.0713 0x1af8  BrokerInfrastructure - ok
07:37:38.0728 0x1af8  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
07:37:38.0759 0x1af8  Browser - ok
07:37:38.0775 0x1af8  [ 6BF12F3F3A5D3F2866E69B8B463BC0CD, E6D3358ABCF16ED2E68A93171C5E84D797137898BB2231E26FF0E4A07B8ADB22 ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
07:37:38.0775 0x1af8  BTATH_A2DP - ok
07:37:38.0791 0x1af8  [ DC7038090A369FE866B76DB18E356558, 6782DBDDA352FBF8C2F5F6A90591794B569F2897AA5BD901AF062E774E734E48 ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
07:37:38.0791 0x1af8  btath_avdt - ok
07:37:38.0806 0x1af8  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
07:37:38.0806 0x1af8  BTATH_HCRP - ok
07:37:38.0806 0x1af8  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
07:37:38.0822 0x1af8  BTATH_LWFLT - ok
07:37:38.0822 0x1af8  [ A6019537D6125099363F90D0C6D181F9, CA0C46AABBF71E2A29C93A477A06D33E3CACC84978DD9D729BEFB339E50D7055 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
07:37:38.0838 0x1af8  BTATH_RCP - ok
07:37:38.0853 0x1af8  [ 25B35FDD5FE5666DC49CCC0BC6A9AD81, 0F6A9783EF72AF53F20B19E51FE40A17F72FB9CC037670ADB77970AF9CA7E376 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
07:37:38.0869 0x1af8  BtFilter - ok
07:37:38.0869 0x1af8  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
07:37:38.0884 0x1af8  BthAvrcpTg - ok
07:37:38.0884 0x1af8  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
07:37:38.0900 0x1af8  BthEnum - ok
07:37:38.0900 0x1af8  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
07:37:38.0916 0x1af8  BthHFEnum - ok
07:37:38.0916 0x1af8  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
07:37:38.0931 0x1af8  bthhfhid - ok
07:37:38.0947 0x1af8  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
07:37:38.0978 0x1af8  BthHFSrv - ok
07:37:38.0994 0x1af8  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
07:37:39.0041 0x1af8  BthLEEnum - ok
07:37:39.0041 0x1af8  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
07:37:39.0072 0x1af8  BTHMODEM - ok
07:37:39.0088 0x1af8  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
07:37:39.0103 0x1af8  BthPan - ok
07:37:39.0134 0x1af8  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
07:37:39.0166 0x1af8  BTHPORT - ok
07:37:39.0166 0x1af8  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
07:37:39.0181 0x1af8  bthserv - ok
07:37:39.0181 0x1af8  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
07:37:39.0197 0x1af8  BTHUSB - ok
07:37:39.0259 0x1af8  [ D2B943C3B41A96A4E093DAB46E69E69F, 799BFAE6D8B600F6CD47D81E8C2F5995DA71914E6B5193F5E97E1CCB6997EBC4 ] CCDMonitorService C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
07:37:39.0306 0x1af8  CCDMonitorService - ok
07:37:39.0322 0x1af8  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
07:37:39.0338 0x1af8  cdfs - ok
07:37:39.0338 0x1af8  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
07:37:39.0369 0x1af8  cdrom - ok
07:37:39.0369 0x1af8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
07:37:39.0416 0x1af8  CertPropSvc - ok
07:37:39.0416 0x1af8  [ EF41D362661C5D71D0BEB6D2329739F7, 7D0BB550E5E337E0B76658254AD15C32D2E08F74E116AC07F7D5FAA09F3A524B ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
07:37:39.0447 0x1af8  cfwids - ok
07:37:39.0447 0x1af8  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
07:37:39.0478 0x1af8  circlass - ok
07:37:39.0494 0x1af8  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
07:37:39.0525 0x1af8  CLFS - ok
07:37:39.0525 0x1af8  [ 16080706CF270608F191A9E0BDBC8513, BBBEA6C16D525C49A64E166763B9D82215C80A36D78C1E96C72499FAD8F362E3 ] CLKMSVC10_96E434EB C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe
07:37:39.0541 0x1af8  CLKMSVC10_96E434EB - ok
07:37:39.0541 0x1af8  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
07:37:39.0556 0x1af8  CmBatt - ok
07:37:39.0588 0x1af8  [ 5CBF8B3E27D824D2AA2A34AFB406F1D0, 955AF1307C02D2B4DEEB150F37F77B8631C0F3C450037C233E9E27D6571B0265 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
07:37:39.0619 0x1af8  CNG - ok
07:37:39.0619 0x1af8  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
07:37:39.0634 0x1af8  CompositeBus - ok
07:37:39.0634 0x1af8  COMSysApp - ok
07:37:39.0634 0x1af8  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
07:37:39.0650 0x1af8  condrv - ok
07:37:39.0666 0x1af8  [ DAC4D7D79C07957F237E1A4F24435E96, F0D5C21A403580D71F1F6B049C5BB043D3257D39FABCDE623E81CD48034610AC ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
07:37:39.0681 0x1af8  cphs - ok
07:37:39.0681 0x1af8  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
07:37:39.0697 0x1af8  CryptSvc - ok
07:37:39.0713 0x1af8  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam             C:\WINDOWS\system32\drivers\dam.sys
07:37:39.0713 0x1af8  dam - ok
07:37:39.0728 0x1af8  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
07:37:39.0759 0x1af8  DcomLaunch - ok
07:37:39.0759 0x1af8  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
07:37:39.0791 0x1af8  defragsvc - ok
07:37:39.0791 0x1af8  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
07:37:39.0806 0x1af8  DeviceAssociationService - ok
07:37:39.0822 0x1af8  [ B9A27D354D7DBEBC973B2A9A13E7BED0, 244ECE3DD7B00502FAE5699A4EF7E2B3B3101CBF8B283ACA707153BED6F33CE1 ] DeviceFastLaneService C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
07:37:39.0838 0x1af8  DeviceFastLaneService - ok
07:37:39.0838 0x1af8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
07:37:39.0853 0x1af8  DeviceInstall - ok
07:37:39.0853 0x1af8  [ 5408A71E47FF21E357192FD4126B3002, D9EDDE26EFB7B3EBD8F21F5730A49D594D916A95E0D09ABBA7B6E7C59052A712 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
07:37:39.0869 0x1af8  Dfsc - ok
07:37:39.0869 0x1af8  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
07:37:39.0884 0x1af8  dg_ssudbus - ok
07:37:39.0900 0x1af8  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
07:37:39.0916 0x1af8  Dhcp - ok
07:37:39.0931 0x1af8  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
07:37:39.0978 0x1af8  DiagTrack - ok
07:37:39.0994 0x1af8  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
07:37:40.0025 0x1af8  disk - ok
07:37:40.0025 0x1af8  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
07:37:40.0041 0x1af8  dmvsc - ok
07:37:40.0041 0x1af8  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
07:37:40.0056 0x1af8  Dnscache - ok
07:37:40.0072 0x1af8  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
07:37:40.0088 0x1af8  dot3svc - ok
07:37:40.0088 0x1af8  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
07:37:40.0103 0x1af8  DPS - ok
07:37:40.0103 0x1af8  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
07:37:40.0119 0x1af8  drmkaud - ok
07:37:40.0119 0x1af8  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
07:37:40.0134 0x1af8  DsmSvc - ok
07:37:40.0166 0x1af8  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
07:37:40.0228 0x1af8  DXGKrnl - ok
07:37:40.0228 0x1af8  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
07:37:40.0244 0x1af8  Eaphost - ok
07:37:40.0322 0x1af8  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
07:37:40.0384 0x1af8  ebdrv - ok
07:37:40.0400 0x1af8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
07:37:40.0400 0x1af8  EFS - ok
07:37:40.0400 0x1af8  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
07:37:40.0416 0x1af8  EhStorClass - ok
07:37:40.0416 0x1af8  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
07:37:40.0431 0x1af8  EhStorTcgDrv - ok
07:37:40.0447 0x1af8  [ 616E1B9130314EB0E331197940AA625B, A4736A31EFF6D35A27B0EC14A7C855B7577301500E20CE936B0F1C0013F0FDF0 ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
07:37:40.0463 0x1af8  ePowerSvc - ok
07:37:40.0463 0x1af8  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\WINDOWS\system32\EscSvc64.exe
07:37:40.0478 0x1af8  EpsonScanSvc - ok
07:37:40.0478 0x1af8  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
07:37:40.0494 0x1af8  ErrDev - ok
07:37:40.0509 0x1af8  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
07:37:40.0525 0x1af8  EventSystem - ok
07:37:40.0525 0x1af8  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
07:37:40.0541 0x1af8  exfat - ok
07:37:40.0556 0x1af8  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
07:37:40.0572 0x1af8  fastfat - ok
07:37:40.0588 0x1af8  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
07:37:40.0603 0x1af8  Fax - ok
07:37:40.0603 0x1af8  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
07:37:40.0619 0x1af8  fdc - ok
07:37:40.0619 0x1af8  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
07:37:40.0634 0x1af8  fdPHost - ok
07:37:40.0634 0x1af8  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
07:37:40.0650 0x1af8  FDResPub - ok
07:37:40.0650 0x1af8  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
07:37:40.0666 0x1af8  fhsvc - ok
07:37:40.0666 0x1af8  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
07:37:40.0681 0x1af8  FileInfo - ok
07:37:40.0681 0x1af8  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
07:37:40.0697 0x1af8  Filetrace - ok
07:37:40.0713 0x1af8  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
07:37:40.0728 0x1af8  flpydisk - ok
07:37:40.0744 0x1af8  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
07:37:40.0775 0x1af8  FltMgr - ok
07:37:40.0838 0x1af8  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
07:37:40.0869 0x1af8  FontCache - ok
07:37:40.0884 0x1af8  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
07:37:40.0884 0x1af8  FontCache3.0.0.0 - ok
07:37:40.0884 0x1af8  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
07:37:40.0900 0x1af8  FsDepends - ok
07:37:40.0900 0x1af8  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:37:40.0916 0x1af8  Fs_Rec - ok
07:37:40.0916 0x1af8  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
07:37:40.0947 0x1af8  fvevol - ok
07:37:40.0947 0x1af8  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
07:37:40.0947 0x1af8  FxPPM - ok
07:37:40.0963 0x1af8  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
07:37:40.0963 0x1af8  gagp30kx - ok
07:37:40.0978 0x1af8  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
07:37:40.0978 0x1af8  gencounter - ok
07:37:40.0978 0x1af8  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
07:37:40.0994 0x1af8  GPIOClx0101 - ok
07:37:41.0025 0x1af8  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
07:37:41.0056 0x1af8  gpsvc - ok
07:37:41.0056 0x1af8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:37:41.0072 0x1af8  gupdate - ok
07:37:41.0072 0x1af8  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
07:37:41.0088 0x1af8  gupdatem - ok
07:37:41.0103 0x1af8  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
07:37:41.0119 0x1af8  HDAudBus - ok
07:37:41.0119 0x1af8  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
07:37:41.0134 0x1af8  HidBatt - ok
07:37:41.0150 0x1af8  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
07:37:41.0166 0x1af8  HidBth - ok
07:37:41.0166 0x1af8  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
07:37:41.0197 0x1af8  hidi2c - ok
07:37:41.0197 0x1af8  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
07:37:41.0228 0x1af8  HidIr - ok
07:37:41.0244 0x1af8  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
07:37:41.0259 0x1af8  hidserv - ok
07:37:41.0275 0x1af8  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
07:37:41.0291 0x1af8  HidUsb - ok
07:37:41.0322 0x1af8  [ 7829E439EBDDDB0FEFD6DEBCEE6B09AD, FF6BB82CE0C21513E407FF465C768805CF202A7B4040140A944A0413875BEC37 ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
07:37:41.0353 0x1af8  HipShieldK - ok
07:37:41.0353 0x1af8  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
07:37:41.0384 0x1af8  hkmsvc - ok
07:37:41.0400 0x1af8  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
07:37:41.0416 0x1af8  HomeGroupListener - ok
07:37:41.0431 0x1af8  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
07:37:41.0447 0x1af8  HomeGroupProvider - ok
07:37:41.0463 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:41.0478 0x1af8  HomeNetSvc - ok
07:37:41.0478 0x1af8  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
07:37:41.0494 0x1af8  HpSAMD - ok
07:37:41.0509 0x1af8  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
07:37:41.0541 0x1af8  HTTP - ok
07:37:41.0541 0x1af8  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
07:37:41.0556 0x1af8  hwpolicy - ok
07:37:41.0556 0x1af8  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
07:37:41.0572 0x1af8  hyperkbd - ok
07:37:41.0572 0x1af8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
07:37:41.0588 0x1af8  HyperVideo - ok
07:37:41.0588 0x1af8  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
07:37:41.0603 0x1af8  i8042prt - ok
07:37:41.0603 0x1af8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
07:37:41.0603 0x1af8  iaLPSSi_GPIO - ok
07:37:41.0619 0x1af8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
07:37:41.0619 0x1af8  iaLPSSi_I2C - ok
07:37:41.0634 0x1af8  [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
07:37:41.0650 0x1af8  iaStorA - ok
07:37:41.0666 0x1af8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
07:37:41.0681 0x1af8  iaStorAV - ok
07:37:41.0697 0x1af8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
07:37:41.0713 0x1af8  iaStorV - ok
07:37:41.0713 0x1af8  IEEtwCollectorService - ok
07:37:41.0822 0x1af8  [ 5863E2DD2E5C2D1B1F70C3826C162A7B, A6A0DBFA91F53D116AFFC1644F636A9D33A20B00A842A190190584F8AE2D1FF0 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
07:37:41.0900 0x1af8  igfx - ok
07:37:41.0916 0x1af8  [ C5202C7669226FF13A74228BD42AD982, BA843DEF6649DF34F9D0D0A380E77557D7785B8239A61EA33EFF08AEF0C8E6DE ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
07:37:41.0931 0x1af8  igfxCUIService1.0.0.0 - ok
07:37:41.0947 0x1af8  [ BD5F83AE5106A131E7C6E7A4CB15B6BE, 57CABC1FFC4F09D2C536112BB21494FA83AF7949532463FC458F12BC552D3ED2 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
07:37:41.0978 0x1af8  IKEEXT - ok
07:37:41.0978 0x1af8  [ 5950F69F9B345952F3C2275C39EA393B, 382923DE0F5F25285F8C86BA628350DF1CFB6E63FF20736CF9285FB0F36A76DE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
07:37:41.0994 0x1af8  intaud_WaveExtensible - ok
07:37:42.0041 0x1af8  [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
07:37:42.0103 0x1af8  IntcAzAudAddService - ok
07:37:42.0119 0x1af8  [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
07:37:42.0134 0x1af8  IntcDAud - ok
07:37:42.0150 0x1af8  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
07:37:42.0166 0x1af8  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
07:37:42.0244 0x1af8  Detect skipped due to KSN trusted
07:37:42.0244 0x1af8  Intel(R) Capability Licensing Service Interface - ok
07:37:42.0291 0x1af8  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
07:37:42.0322 0x1af8  Intel(R) Capability Licensing Service TCP IP Interface - ok
07:37:42.0322 0x1af8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
07:37:42.0338 0x1af8  intelide - ok
07:37:42.0338 0x1af8  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys

Betti05 · 04.09.2016, 06:43

Code:

ATTFilter

07:37:42.0353 0x1af8  intelpep - ok
07:37:42.0353 0x1af8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
07:37:42.0369 0x1af8  intelppm - ok
07:37:42.0369 0x1af8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:37:42.0384 0x1af8  IpFilterDriver - ok
07:37:42.0400 0x1af8  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
07:37:42.0431 0x1af8  iphlpsvc - ok
07:37:42.0431 0x1af8  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
07:37:42.0447 0x1af8  IPMIDRV - ok
07:37:42.0447 0x1af8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
07:37:42.0463 0x1af8  IPNAT - ok
07:37:42.0463 0x1af8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
07:37:42.0478 0x1af8  IRENUM - ok
07:37:42.0478 0x1af8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
07:37:42.0478 0x1af8  isapnp - ok
07:37:42.0494 0x1af8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
07:37:42.0509 0x1af8  iScsiPrt - ok
07:37:42.0509 0x1af8  [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
07:37:42.0525 0x1af8  iwdbus - ok
07:37:42.0525 0x1af8  [ A326E83B46820EF62F7F0BA17A9DA542, 1CC6564B100517E62E7BACAC142F8B0C6B1800F16D9A25D95E9AA2C2CEC0E54B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
07:37:42.0541 0x1af8  jhi_service - ok
07:37:42.0541 0x1af8  [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a        C:\WINDOWS\system32\DRIVERS\k57nd60a.sys
07:37:42.0572 0x1af8  k57nd60a - ok
07:37:42.0572 0x1af8  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
07:37:42.0588 0x1af8  kbdclass - ok
07:37:42.0588 0x1af8  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
07:37:42.0603 0x1af8  kbdhid - ok
07:37:42.0619 0x1af8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
07:37:42.0650 0x1af8  kdnic - ok
07:37:42.0650 0x1af8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
07:37:42.0666 0x1af8  KeyIso - ok
07:37:42.0681 0x1af8  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
07:37:42.0697 0x1af8  KSecDD - ok
07:37:42.0713 0x1af8  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
07:37:42.0713 0x1af8  KSecPkg - ok
07:37:42.0713 0x1af8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
07:37:42.0728 0x1af8  ksthunk - ok
07:37:42.0744 0x1af8  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
07:37:42.0759 0x1af8  KtmRm - ok
07:37:42.0759 0x1af8  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
07:37:42.0775 0x1af8  LanmanServer - ok
07:37:42.0791 0x1af8  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
07:37:42.0806 0x1af8  LanmanWorkstation - ok
07:37:42.0822 0x1af8  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
07:37:42.0838 0x1af8  lfsvc - ok
07:37:42.0838 0x1af8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
07:37:42.0853 0x1af8  lltdio - ok
07:37:42.0853 0x1af8  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
07:37:42.0869 0x1af8  lltdsvc - ok
07:37:42.0869 0x1af8  [ 95DD1E89A772A383E0FDC677A2E2ED44, 94701ACC1F4D5422CB7084609BC25D34A05F68829DB5030AA6697BD7DBC3B0B2 ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
07:37:42.0884 0x1af8  LMDriver - ok
07:37:42.0884 0x1af8  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
07:37:42.0900 0x1af8  lmhosts - ok
07:37:42.0900 0x1af8  [ 70C1B686CA9083970484DDDED4426A08, AA19295AC97EBE36E9CED4B162CBF1EEF4916B02FDA6255ACEF0492E79E94C64 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
07:37:42.0916 0x1af8  LMS - ok
07:37:42.0931 0x1af8  [ 5E57ABEAB076EBD32DDF795B59A09A12, 0B0F729469A7EDD28517E85792FEF96F909094E0E8C95813FB274CFFA4C1BE5F ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
07:37:42.0931 0x1af8  LMSvc - ok
07:37:42.0947 0x1af8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
07:37:42.0947 0x1af8  LSI_SAS - ok
07:37:42.0963 0x1af8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
07:37:42.0963 0x1af8  LSI_SAS2 - ok
07:37:42.0978 0x1af8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
07:37:42.0978 0x1af8  LSI_SAS3 - ok
07:37:42.0978 0x1af8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
07:37:42.0994 0x1af8  LSI_SSS - ok
07:37:43.0009 0x1af8  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
07:37:43.0025 0x1af8  LSM - ok
07:37:43.0041 0x1af8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
07:37:43.0041 0x1af8  luafv - ok
07:37:43.0056 0x1af8  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
07:37:43.0056 0x1af8  MBAMProtector - ok
07:37:43.0088 0x1af8  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
07:37:43.0135 0x1af8  MBAMScheduler - ok
07:37:43.0181 0x1af8  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
07:37:43.0197 0x1af8  MBAMService - ok
07:37:43.0213 0x1af8  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
07:37:43.0213 0x1af8  MBAMSwissArmy - ok
07:37:43.0228 0x1af8  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
07:37:43.0228 0x1af8  MBAMWebAccessControl - ok
07:37:43.0244 0x1af8  [ 2C2700AFA516B6ABBAF38A83B46E01A9, 7250D3A52192A542C7F3BFE98CFDC506B9FCC655F3FBC827AA6ADD85CEAB976A ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
07:37:43.0244 0x1af8  McAfee SiteAdvisor Service - ok
07:37:43.0259 0x1af8  [ BDBCF7ED4238E511443B596CC8277119, 90635EFCD443AF2042AED00950BC456499D866F67C036FAC95865F45E1A3D4B9 ] McAPExe         C:\Program Files\McAfee\MSC\McAPExe.exe
07:37:43.0291 0x1af8  McAPExe - ok
07:37:43.0306 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:43.0322 0x1af8  McBootDelayStartSvc - ok
07:37:43.0353 0x1af8  [ 40B02F6D4B331443CC7E879BCD87100F, ACF976DC9565A905F71EFE9A25516A0F1B128E70B961B8D8256F51474B1F78D7 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
07:37:43.0385 0x1af8  mccspsvc - ok
07:37:43.0400 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:43.0416 0x1af8  McMPFSvc - ok
07:37:43.0431 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] McNaiAnn        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:43.0447 0x1af8  McNaiAnn - ok
07:37:43.0463 0x1af8  [ 9151C5CDF8489F9FFE9854601FDA9A0F, 6E080E216EE1F16A7B72B3F42434F34C75A8082A3CBAAF7265116CCD22AFE582 ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
07:37:43.0478 0x1af8  McODS - ok
07:37:43.0494 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] mcpltsvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:43.0510 0x1af8  mcpltsvc - ok
07:37:43.0510 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] McProxy         C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:43.0525 0x1af8  McProxy - ok
07:37:43.0541 0x1af8  [ 6B9B3656CD62E439287C3C2143E25404, AE4BB60BDA6726803E079D9E5F20BEE7B494FFE1BD1064138342974308CB6916 ] McPvDrv         C:\WINDOWS\system32\drivers\McPvDrv.sys
07:37:43.0541 0x1af8  McPvDrv - ok
07:37:43.0541 0x1af8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
07:37:43.0556 0x1af8  megasas - ok
07:37:43.0572 0x1af8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
07:37:43.0588 0x1af8  megasr - ok
07:37:43.0588 0x1af8  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
07:37:43.0603 0x1af8  MEIx64 - ok
07:37:43.0603 0x1af8  [ FAF196A8E1905DB9248790583B3745E2, C8E6A3E74636E4D04816D0B35C2691F81E766B03726E05993429A0BF15528354 ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
07:37:43.0619 0x1af8  mfeaack - ok
07:37:43.0635 0x1af8  [ A1A2DEA7E180BFC8284062DBCC67A18D, 77041A9D7429E615CE64E45A14BD53FAFF22284B0F3211399F4D6BA681B2A9DF ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
07:37:43.0650 0x1af8  mfeavfk - ok
07:37:43.0650 0x1af8  [ E8B413490D4E3CD5CD36F9C442357F95, 684BD860B85DAC2AB06917580542F7F206B33122F3D450DD18A4736841EC1D93 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
07:37:43.0666 0x1af8  mfeelamk - ok
07:37:43.0666 0x1af8  [ 95A4DC60385F57418BD3361262D5F7C8, 5FAAE03B306710509E36A7B77DE9D36E4A1A38832403C29247E1A8B8C1D918B3 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
07:37:43.0681 0x1af8  mfefire - ok
07:37:43.0681 0x1af8  [ 767386839AD3C39F653512240C06D0D4, EA9D4DCC41AB1C1BC2BD86368C4F22AC43D046EAAAFFA13A89A8AA4D76F0B972 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
07:37:43.0697 0x1af8  mfefirek - ok
07:37:43.0713 0x1af8  [ FAF5C37877D57B16D7E2DAFA29969F96, DA83A140B8727A4FE0DC7B845651BCA31988B0779DA6B3909BB03A4DF9470709 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
07:37:43.0744 0x1af8  mfehidk - ok
07:37:43.0744 0x1af8  [ BDC13F3B0CED47103C1F2BE94F4EEA58, EA5DCA8AC3AB9FBC3448C3252B394099274906CC4EC3943454740AE68E1978EC ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
07:37:43.0760 0x1af8  mfemms - ok
07:37:43.0775 0x1af8  [ 73CA0AF7E33B8CF5A52AE929886FED56, B410C0719B1620B9AB638E5370F7D16F0813209122E3070AA5342F6D118AE145 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
07:37:43.0791 0x1af8  mfencbdc - ok
07:37:43.0791 0x1af8  [ 7F94CA1F4E9BD7606A977F9B95DC49FD, A3A8351FEC47C50E43FA9D1BF86E7A7CDCA77A78326EB54793EFB5AAC6D795B1 ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
07:37:43.0791 0x1af8  mfencrk - ok
07:37:43.0806 0x1af8  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
07:37:43.0806 0x1af8  mfesapsn - ok
07:37:43.0822 0x1af8  [ 8DFE9C58B1509E3BBC6FD92B954204D9, 72D519AB2F5E3A335C61C1B632BB846FCD6406194EC36E965D52C1028E68FB33 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
07:37:43.0822 0x1af8  mfevtp - ok
07:37:43.0838 0x1af8  [ A47260605572FE4E4C42AB0A3CC0B4E9, 4DE6A365C8C4041AA27BD853912F7F5BED3ABF24E63A2932380189D30764D5FB ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
07:37:43.0838 0x1af8  mfewfpk - ok
07:37:43.0853 0x1af8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
07:37:43.0853 0x1af8  MMCSS - ok
07:37:43.0869 0x1af8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
07:37:43.0869 0x1af8  Modem - ok
07:37:43.0900 0x1af8  [ 446FCA715F9A21A58C6FDA8455315760, B5C79AA540094E32A469F88886EDC4B8A7D6BFB2EAE0A14B5C518427A4A21395 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
07:37:43.0931 0x1af8  ModuleCoreService - ok
07:37:43.0931 0x1af8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
07:37:43.0947 0x1af8  monitor - ok
07:37:43.0947 0x1af8  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
07:37:43.0963 0x1af8  mouclass - ok
07:37:43.0963 0x1af8  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
07:37:43.0978 0x1af8  mouhid - ok
07:37:43.0978 0x1af8  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
07:37:43.0994 0x1af8  mountmgr - ok
07:37:43.0994 0x1af8  [ A82AA5481A845F4AC0E5EE83904FBFED, 2E1640BCA51B1957815465E4DEE895FCD87C93EA80DDD3A80B5647B23D16FB67 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
07:37:43.0994 0x1af8  MozillaMaintenance - ok
07:37:44.0010 0x1af8  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
07:37:44.0010 0x1af8  mpsdrv - ok
07:37:44.0041 0x1af8  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
07:37:44.0072 0x1af8  MpsSvc - ok
07:37:44.0088 0x1af8  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
07:37:44.0103 0x1af8  MRxDAV - ok
07:37:44.0103 0x1af8  [ 5DCD41F62F71519D2A46D41F60C69B0C, A9C2F8B8F82BDBF48F34D5837ED27CE251C75232A07AF26F7B796D2A106795A0 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:37:44.0135 0x1af8  mrxsmb - ok
07:37:44.0135 0x1af8  [ D7C9BC4D37BF08C7DD436A0A5F321668, 30A5AF211BEC89E26134CDAE3E60D0D9F0AE2748F56E9D09B07431206AD381C6 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
07:37:44.0166 0x1af8  mrxsmb10 - ok
07:37:44.0181 0x1af8  [ 4065615E836BF8C61AF6278EB2A9D1D6, B9A0E40DEC36D1A228EC4EF48CCD9BE6C726E53D17F38280AA74C068E7887621 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
07:37:44.0197 0x1af8  mrxsmb20 - ok
07:37:44.0213 0x1af8  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
07:37:44.0228 0x1af8  MsBridge - ok
07:37:44.0228 0x1af8  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
07:37:44.0244 0x1af8  MSDTC - ok
07:37:44.0244 0x1af8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
07:37:44.0260 0x1af8  Msfs - ok
07:37:44.0260 0x1af8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
07:37:44.0275 0x1af8  msgpiowin32 - ok
07:37:44.0275 0x1af8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
07:37:44.0291 0x1af8  mshidkmdf - ok
07:37:44.0291 0x1af8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
07:37:44.0291 0x1af8  mshidumdf - ok
07:37:44.0306 0x1af8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
07:37:44.0306 0x1af8  msisadrv - ok
07:37:44.0322 0x1af8  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
07:37:44.0322 0x1af8  MSiSCSI - ok
07:37:44.0338 0x1af8  msiserver - ok
07:37:44.0338 0x1af8  [ FFD55794A830AA05BF4E59D724D7D344, 2BD84931D4BF21A128319E48D55394C8415F42FC1D1CC71C08C6C2792BA1480E ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
07:37:44.0385 0x1af8  MSK80Service - ok
07:37:44.0385 0x1af8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:37:44.0400 0x1af8  MSKSSRV - ok
07:37:44.0400 0x1af8  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
07:37:44.0431 0x1af8  MsLldp - ok
07:37:44.0431 0x1af8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:37:44.0447 0x1af8  MSPCLOCK - ok
07:37:44.0447 0x1af8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
07:37:44.0463 0x1af8  MSPQM - ok
07:37:44.0478 0x1af8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
07:37:44.0510 0x1af8  MsRPC - ok
07:37:44.0510 0x1af8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
07:37:44.0525 0x1af8  mssmbios - ok
07:37:44.0525 0x1af8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
07:37:44.0525 0x1af8  MSTEE - ok
07:37:44.0541 0x1af8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
07:37:44.0541 0x1af8  MTConfig - ok
07:37:44.0556 0x1af8  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
07:37:44.0556 0x1af8  Mup - ok
07:37:44.0556 0x1af8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
07:37:44.0572 0x1af8  mvumis - ok
07:37:44.0588 0x1af8  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
07:37:44.0603 0x1af8  napagent - ok
07:37:44.0603 0x1af8  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
07:37:44.0635 0x1af8  NativeWifiP - ok
07:37:44.0650 0x1af8  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        c:\Program Files (x86)\Nero\Update\NASvc.exe
07:37:44.0666 0x1af8  NAUpdate - ok
07:37:44.0666 0x1af8  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
07:37:44.0681 0x1af8  NcaSvc - ok
07:37:44.0681 0x1af8  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
07:37:44.0697 0x1af8  NcbService - ok
07:37:44.0697 0x1af8  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
07:37:44.0713 0x1af8  NcdAutoSetup - ok
07:37:44.0728 0x1af8  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
07:37:44.0760 0x1af8  NDIS - ok
07:37:44.0775 0x1af8  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
07:37:44.0775 0x1af8  NdisCap - ok
07:37:44.0791 0x1af8  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
07:37:44.0791 0x1af8  NdisImPlatform - ok
07:37:44.0806 0x1af8  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:37:44.0822 0x1af8  NdisTapi - ok
07:37:44.0838 0x1af8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:37:44.0853 0x1af8  Ndisuio - ok
07:37:44.0853 0x1af8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
07:37:44.0885 0x1af8  NdisVirtualBus - ok
07:37:44.0885 0x1af8  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:37:44.0900 0x1af8  NdisWan - ok
07:37:44.0916 0x1af8  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:37:44.0916 0x1af8  NdisWanLegacy - ok
07:37:44.0931 0x1af8  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
07:37:44.0931 0x1af8  NDProxy - ok
07:37:44.0947 0x1af8  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
07:37:44.0947 0x1af8  Ndu - ok
07:37:44.0947 0x1af8  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
07:37:44.0963 0x1af8  NetBIOS - ok
07:37:44.0978 0x1af8  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
07:37:44.0994 0x1af8  NetBT - ok
07:37:44.0994 0x1af8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
07:37:45.0010 0x1af8  Netlogon - ok
07:37:45.0025 0x1af8  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
07:37:45.0041 0x1af8  Netman - ok
07:37:45.0056 0x1af8  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
07:37:45.0072 0x1af8  netprofm - ok
07:37:45.0088 0x1af8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
07:37:45.0103 0x1af8  NetTcpPortSharing - ok
07:37:45.0103 0x1af8  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
07:37:45.0119 0x1af8  netvsc - ok
07:37:45.0119 0x1af8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
07:37:45.0135 0x1af8  NlaSvc - ok
07:37:45.0135 0x1af8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
07:37:45.0150 0x1af8  Npfs - ok
07:37:45.0150 0x1af8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
07:37:45.0166 0x1af8  npsvctrig - ok
07:37:45.0166 0x1af8  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
07:37:45.0181 0x1af8  nsi - ok
07:37:45.0181 0x1af8  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
07:37:45.0197 0x1af8  nsiproxy - ok
07:37:45.0260 0x1af8  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
07:37:45.0306 0x1af8  Ntfs - ok
07:37:45.0322 0x1af8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
07:37:45.0322 0x1af8  Null - ok
07:37:45.0541 0x1af8  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
07:37:45.0713 0x1af8  nvlddmkm - ok
07:37:45.0728 0x1af8  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
07:37:45.0744 0x1af8  nvpciflt - ok
07:37:45.0744 0x1af8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
07:37:45.0760 0x1af8  nvraid - ok
07:37:45.0760 0x1af8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
07:37:45.0775 0x1af8  nvstor - ok
07:37:45.0791 0x1af8  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
07:37:45.0806 0x1af8  nvsvc - ok
07:37:45.0838 0x1af8  [ C63E582366EAD77978BFFD959A66DBB8, BBAC11300AFED29291A08EEC8A740DA67C8C003AF89D06F9E0671CCF0E7908A0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
07:37:45.0869 0x1af8  nvUpdatusService - ok
07:37:45.0869 0x1af8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
07:37:45.0885 0x1af8  nv_agp - ok
07:37:45.0885 0x1af8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
07:37:45.0900 0x1af8  p2pimsvc - ok
07:37:45.0916 0x1af8  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
07:37:45.0931 0x1af8  p2psvc - ok
07:37:45.0931 0x1af8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
07:37:45.0947 0x1af8  Parport - ok
07:37:45.0947 0x1af8  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
07:37:45.0963 0x1af8  partmgr - ok
07:37:45.0978 0x1af8  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
07:37:45.0994 0x1af8  PcaSvc - ok
07:37:45.0994 0x1af8  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
07:37:46.0010 0x1af8  pci - ok
07:37:46.0010 0x1af8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
07:37:46.0025 0x1af8  pciide - ok
07:37:46.0025 0x1af8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
07:37:46.0041 0x1af8  pcmcia - ok
07:37:46.0041 0x1af8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
07:37:46.0056 0x1af8  pcw - ok
07:37:46.0056 0x1af8  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
07:37:46.0072 0x1af8  pdc - ok
07:37:46.0072 0x1af8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
07:37:46.0119 0x1af8  PEAUTH - ok
07:37:46.0150 0x1af8  [ EDD4C63050ED1821B4C92D06FFD7180B, 33C6B54147771C813CD78CEF66C0A76CA50D9F1D13D41E6764310BF8C0D8D89D ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
07:37:46.0181 0x1af8  PEFService - ok
07:37:46.0197 0x1af8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
07:37:46.0197 0x1af8  PerfHost - ok
07:37:46.0228 0x1af8  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
07:37:46.0275 0x1af8  pla - ok
07:37:46.0275 0x1af8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
07:37:46.0291 0x1af8  PlugPlay - ok
07:37:46.0291 0x1af8  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
07:37:46.0306 0x1af8  PNRPAutoReg - ok
07:37:46.0306 0x1af8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
07:37:46.0322 0x1af8  PNRPsvc - ok
07:37:46.0338 0x1af8  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
07:37:46.0353 0x1af8  PolicyAgent - ok
07:37:46.0353 0x1af8  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
07:37:46.0385 0x1af8  Power - ok
07:37:46.0463 0x1af8  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
07:37:46.0525 0x1af8  PrintNotify - ok
07:37:46.0525 0x1af8  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
07:37:46.0541 0x1af8  Processor - ok
07:37:46.0541 0x1af8  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
07:37:46.0556 0x1af8  ProfSvc - ok
07:37:46.0556 0x1af8  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
07:37:46.0572 0x1af8  Psched - ok
07:37:46.0572 0x1af8  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\WINDOWS\system32\DRIVERS\psi_mf_amd64.sys
07:37:46.0588 0x1af8  PSI - ok
07:37:46.0588 0x1af8  [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64        C:\WINDOWS\system32\drivers\PxHlpa64.sys
07:37:46.0588 0x1af8  PxHlpa64 - ok
07:37:46.0603 0x1af8  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
07:37:46.0619 0x1af8  QWAVE - ok
07:37:46.0619 0x1af8  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
07:37:46.0635 0x1af8  QWAVEdrv - ok
07:37:46.0635 0x1af8  [ E94067155C8AA4EF134CB2528E0C9CD7, 6EEF603F64827AB138930DFE379BF8E48E64AE8AA5EE7B9E0CA369022BAAA2EA ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
07:37:46.0650 0x1af8  RadioShim - ok
07:37:46.0650 0x1af8  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
07:37:46.0650 0x1af8  RasAcd - ok
07:37:46.0666 0x1af8  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
07:37:46.0666 0x1af8  RasAuto - ok
07:37:46.0681 0x1af8  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
07:37:46.0697 0x1af8  RasMan - ok
07:37:46.0713 0x1af8  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
07:37:46.0728 0x1af8  RasPppoe - ok
07:37:46.0728 0x1af8  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
07:37:46.0744 0x1af8  rdbss - ok
07:37:46.0744 0x1af8  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
07:37:46.0775 0x1af8  rdpbus - ok
07:37:46.0791 0x1af8  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
07:37:46.0806 0x1af8  RDPDR - ok
07:37:46.0822 0x1af8  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
07:37:46.0838 0x1af8  RdpVideoMiniport - ok
07:37:46.0853 0x1af8  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
07:37:46.0885 0x1af8  rdyboost - ok
07:37:46.0900 0x1af8  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
07:37:46.0947 0x1af8  ReFS - ok
07:37:46.0947 0x1af8  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
07:37:46.0963 0x1af8  RemoteAccess - ok
07:37:46.0963 0x1af8  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
07:37:46.0978 0x1af8  RemoteRegistry - ok
07:37:46.0994 0x1af8  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\system32\DRIVERS\rfcomm.sys
07:37:46.0994 0x1af8  RFCOMM - ok
07:37:47.0010 0x1af8  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
07:37:47.0010 0x1af8  RpcEptMapper - ok
07:37:47.0025 0x1af8  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
07:37:47.0025 0x1af8  RpcLocator - ok
07:37:47.0041 0x1af8  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
07:37:47.0072 0x1af8  RpcSs - ok
07:37:47.0072 0x1af8  [ 294CEFA27ED078654A310D167024EAE1, F0169C29A5B68EEE7AA84C09AB5121A515767C9E8C6659FAA990EE9380A61B46 ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
07:37:47.0103 0x1af8  RSPCIESTOR - ok
07:37:47.0119 0x1af8  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
07:37:47.0135 0x1af8  rspndr - ok
07:37:47.0135 0x1af8  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
07:37:47.0166 0x1af8  s3cap - ok
07:37:47.0166 0x1af8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
07:37:47.0197 0x1af8  SamSs - ok
07:37:47.0213 0x1af8  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
07:37:47.0228 0x1af8  sbp2port - ok
07:37:47.0244 0x1af8  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
07:37:47.0275 0x1af8  SCardSvr - ok
07:37:47.0275 0x1af8  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
07:37:47.0306 0x1af8  ScDeviceEnum - ok
07:37:47.0322 0x1af8  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
07:37:47.0353 0x1af8  scfilter - ok
07:37:47.0400 0x1af8  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
07:37:47.0431 0x1af8  Schedule - ok
07:37:47.0447 0x1af8  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
07:37:47.0447 0x1af8  SCPolicySvc - ok
07:37:47.0463 0x1af8  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
07:37:47.0478 0x1af8  sdbus - ok
07:37:47.0478 0x1af8  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
07:37:47.0494 0x1af8  sdstor - ok
07:37:47.0494 0x1af8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
07:37:47.0494 0x1af8  secdrv - ok
07:37:47.0510 0x1af8  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
07:37:47.0510 0x1af8  seclogon - ok
07:37:47.0541 0x1af8  [ B34033662EEE2ED42BD0B52A37EB0058, 90D25B376F3DED2595EF9C791A137A0D8243CEB57BFFB637BEA13E5ECAAA6EAF ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
07:37:47.0572 0x1af8  Secunia PSI Agent - ok
07:37:47.0588 0x1af8  [ A638907301678BEAB54EB47172AA1EB9, 46E48B89B9F968ED4136827D2362C293A6188978E0FF13A88305D30A0ED0EE67 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
07:37:47.0619 0x1af8  Secunia Update Agent - ok
07:37:47.0619 0x1af8  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
07:37:47.0635 0x1af8  SENS - ok
07:37:47.0650 0x1af8  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
07:37:47.0697 0x1af8  SensrSvc - ok
07:37:47.0697 0x1af8  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
07:37:47.0713 0x1af8  SerCx - ok
07:37:47.0728 0x1af8  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
07:37:47.0728 0x1af8  SerCx2 - ok
07:37:47.0744 0x1af8  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
07:37:47.0744 0x1af8  Serenum - ok
07:37:47.0744 0x1af8  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
07:37:47.0760 0x1af8  Serial - ok
07:37:47.0760 0x1af8  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
07:37:47.0775 0x1af8  sermouse - ok
07:37:47.0791 0x1af8  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
07:37:47.0806 0x1af8  SessionEnv - ok
07:37:47.0806 0x1af8  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
07:37:47.0822 0x1af8  sfloppy - ok
07:37:47.0822 0x1af8  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
07:37:47.0853 0x1af8  SharedAccess - ok
07:37:47.0853 0x1af8  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
07:37:47.0885 0x1af8  ShellHWDetection - ok
07:37:47.0885 0x1af8  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
07:37:47.0900 0x1af8  SiSRaid2 - ok
07:37:47.0900 0x1af8  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
07:37:47.0916 0x1af8  SiSRaid4 - ok
07:37:47.0916 0x1af8  [ 18473323B0029FFDDBC2236B3FB63153, CB12932BA1A5C3BE6F4C2287B1604757E358EB0A977ED3F327430304F8D7E230 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
07:37:47.0916 0x1af8  SmbDrvI - ok
07:37:47.0916 0x1af8  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
07:37:47.0931 0x1af8  smphost - ok
07:37:47.0931 0x1af8  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
07:37:47.0947 0x1af8  SNMPTRAP - ok
07:37:47.0963 0x1af8  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
07:37:47.0978 0x1af8  spaceport - ok
07:37:47.0978 0x1af8  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
07:37:47.0994 0x1af8  SpbCx - ok
07:37:48.0010 0x1af8  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
07:37:48.0025 0x1af8  Spooler - ok
07:37:48.0166 0x1af8  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
07:37:48.0306 0x1af8  sppsvc - ok
07:37:48.0322 0x1af8  [ 69DC128CF54009A686E0F0C57E2BA0DC, 961B1F1F4CD07D85660E63DEC0AACDE1BF0DA30C0E39C497AE31BD37C5591B72 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
07:37:48.0338 0x1af8  srv - ok
07:37:48.0353 0x1af8  [ CED8576CD925E83ABEB14F65EA205C29, 37803AB047B5717EDBB7009F504C87B8DE110FBC5D67DFE6A9C8F04B30DD9629 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
07:37:48.0385 0x1af8  srv2 - ok
07:37:48.0385 0x1af8  [ 4396587119D8F4B72561ED24666E7567, 11754EA2668B2088363EFD2BCE4FDABC8836A6C9D78873F2A4F3517A48932ABF ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
07:37:48.0400 0x1af8  srvnet - ok
07:37:48.0416 0x1af8  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
07:37:48.0431 0x1af8  SSDPSRV - ok
07:37:48.0431 0x1af8  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
07:37:48.0447 0x1af8  SstpSvc - ok
07:37:48.0463 0x1af8  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
07:37:48.0463 0x1af8  ssudmdm - ok
07:37:48.0478 0x1af8  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
07:37:48.0494 0x1af8  stexstor - ok
07:37:48.0525 0x1af8  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
07:37:48.0572 0x1af8  stisvc - ok
07:37:48.0588 0x1af8  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
07:37:48.0603 0x1af8  storahci - ok
07:37:48.0603 0x1af8  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
07:37:48.0619 0x1af8  storflt - ok
07:37:48.0635 0x1af8  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
07:37:48.0650 0x1af8  stornvme - ok
07:37:48.0650 0x1af8  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
07:37:48.0666 0x1af8  StorSvc - ok
07:37:48.0666 0x1af8  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
07:37:48.0666 0x1af8  storvsc - ok
07:37:48.0681 0x1af8  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
07:37:48.0681 0x1af8  svsvc - ok
07:37:48.0681 0x1af8  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
07:37:48.0697 0x1af8  swenum - ok
07:37:48.0713 0x1af8  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
07:37:48.0728 0x1af8  swprv - ok
07:37:48.0744 0x1af8  [ 71553B320788DAB4E51FBE6CCE834BC5, F68B6B9BD50C191DB621D19D66F9EE92031147FE4FD75CC71C4D7B968DA85A1A ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
07:37:48.0760 0x1af8  SynTP - ok
07:37:48.0822 0x1af8  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
07:37:48.0869 0x1af8  SysMain - ok
07:37:48.0869 0x1af8  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
07:37:48.0885 0x1af8  SystemEventsBroker - ok
07:37:48.0900 0x1af8  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
07:37:48.0900 0x1af8  TabletInputService - ok
07:37:48.0916 0x1af8  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
07:37:48.0931 0x1af8  TapiSrv - ok
07:37:48.0978 0x1af8  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
07:37:49.0025 0x1af8  Tcpip - ok
07:37:49.0072 0x1af8  [ 1C8560E3A37A9D4F25B7769C3E3D4163, 3246F3CD6C9EA2BD874822D594A0FAC68A9DE0612C0893B50B8A3D5F1E9B0B33 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:37:49.0150 0x1af8  TCPIP6 - ok
07:37:49.0166 0x1af8  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
07:37:49.0181 0x1af8  tcpipreg - ok
07:37:49.0181 0x1af8  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
07:37:49.0197 0x1af8  tdx - ok
07:37:49.0197 0x1af8  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
07:37:49.0197 0x1af8  terminpt - ok
07:37:49.0228 0x1af8  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
07:37:49.0260 0x1af8  TermService - ok
07:37:49.0260 0x1af8  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
07:37:49.0275 0x1af8  Themes - ok
07:37:49.0275 0x1af8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
07:37:49.0291 0x1af8  THREADORDER - ok
07:37:49.0291 0x1af8  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
07:37:49.0306 0x1af8  TimeBroker - ok
07:37:49.0322 0x1af8  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
07:37:49.0322 0x1af8  TPM - ok
07:37:49.0338 0x1af8  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
07:37:49.0353 0x1af8  TrkWks - ok
07:37:49.0369 0x1af8  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
07:37:49.0385 0x1af8  TrustedInstaller - ok
07:37:49.0385 0x1af8  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
07:37:49.0400 0x1af8  TsUsbFlt - ok
07:37:49.0400 0x1af8  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
07:37:49.0416 0x1af8  TsUsbGD - ok
07:37:49.0431 0x1af8  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
07:37:49.0447 0x1af8  tunnel - ok
07:37:49.0447 0x1af8  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
07:37:49.0463 0x1af8  uagp35 - ok
07:37:49.0463 0x1af8  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
07:37:49.0478 0x1af8  UASPStor - ok
07:37:49.0478 0x1af8  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
07:37:49.0494 0x1af8  UCX01000 - ok
07:37:49.0494 0x1af8  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
07:37:49.0510 0x1af8  udfs - ok
07:37:49.0525 0x1af8  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
07:37:49.0525 0x1af8  UEFI - ok
07:37:49.0525 0x1af8  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
07:37:49.0541 0x1af8  UI0Detect - ok
07:37:49.0541 0x1af8  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
07:37:49.0556 0x1af8  uliagpkx - ok
07:37:49.0556 0x1af8  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
07:37:49.0572 0x1af8  umbus - ok
07:37:49.0572 0x1af8  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
07:37:49.0588 0x1af8  UmPass - ok
07:37:49.0588 0x1af8  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
07:37:49.0603 0x1af8  UmRdpService - ok
07:37:49.0619 0x1af8  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
07:37:49.0635 0x1af8  upnphost - ok
07:37:49.0650 0x1af8  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
07:37:49.0650 0x1af8  usbccgp - ok
07:37:49.0666 0x1af8  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
07:37:49.0666 0x1af8  usbcir - ok
07:37:49.0681 0x1af8  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
07:37:49.0681 0x1af8  usbehci - ok
07:37:49.0697 0x1af8  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
07:37:49.0713 0x1af8  usbhub - ok
07:37:49.0728 0x1af8  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
07:37:49.0744 0x1af8  USBHUB3 - ok
07:37:49.0744 0x1af8  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
07:37:49.0760 0x1af8  usbohci - ok
07:37:49.0760 0x1af8  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
07:37:49.0775 0x1af8  usbprint - ok
07:37:49.0775 0x1af8  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:37:49.0791 0x1af8  usbscan - ok
07:37:49.0806 0x1af8  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
07:37:49.0806 0x1af8  USBSTOR - ok
07:37:49.0806 0x1af8  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
07:37:49.0822 0x1af8  usbuhci - ok
07:37:49.0838 0x1af8  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
07:37:49.0838 0x1af8  usbvideo - ok
07:37:49.0853 0x1af8  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
07:37:49.0869 0x1af8  USBXHCI - ok
07:37:49.0869 0x1af8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
07:37:49.0885 0x1af8  VaultSvc - ok
07:37:49.0885 0x1af8  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
07:37:49.0900 0x1af8  vdrvroot - ok
07:37:49.0916 0x1af8  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
07:37:49.0947 0x1af8  vds - ok
07:37:49.0963 0x1af8  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
07:37:49.0963 0x1af8  VerifierExt - ok
07:37:49.0978 0x1af8  [ 5DB4AFA10A488EC4DDB3DA09B0425BE5, 480AFB6A6BCC95E86C5087C3D9DCD6058D48659A5A63F524A0B9ED3A8FEF6B9B ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
07:37:50.0010 0x1af8  vhdmp - ok
07:37:50.0010 0x1af8  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
07:37:50.0010 0x1af8  viaide - ok
07:37:50.0025 0x1af8  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
07:37:50.0025 0x1af8  vmbus - ok
07:37:50.0025 0x1af8  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
07:37:50.0041 0x1af8  VMBusHID - ok
07:37:50.0056 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
07:37:50.0072 0x1af8  vmicguestinterface - ok
07:37:50.0088 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
07:37:50.0103 0x1af8  vmicheartbeat - ok
07:37:50.0103 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
07:37:50.0135 0x1af8  vmickvpexchange - ok
07:37:50.0135 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
07:37:50.0150 0x1af8  vmicrdv - ok
07:37:50.0166 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
07:37:50.0181 0x1af8  vmicshutdown - ok
07:37:50.0197 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
07:37:50.0213 0x1af8  vmictimesync - ok
07:37:50.0228 0x1af8  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
07:37:50.0244 0x1af8  vmicvss - ok
07:37:50.0244 0x1af8  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
07:37:50.0260 0x1af8  volmgr - ok
07:37:50.0260 0x1af8  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
07:37:50.0275 0x1af8  volmgrx - ok
07:37:50.0291 0x1af8  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
07:37:50.0306 0x1af8  volsnap - ok
07:37:50.0306 0x1af8  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
07:37:50.0322 0x1af8  vpci - ok
07:37:50.0322 0x1af8  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
07:37:50.0338 0x1af8  vsmraid - ok
07:37:50.0353 0x1af8  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
07:37:50.0400 0x1af8  VSS - ok
07:37:50.0400 0x1af8  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
07:37:50.0416 0x1af8  VSTXRAID - ok
07:37:50.0416 0x1af8  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
07:37:50.0431 0x1af8  vwifibus - ok
07:37:50.0431 0x1af8  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
07:37:50.0447 0x1af8  vwififlt - ok
07:37:50.0447 0x1af8  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
07:37:50.0463 0x1af8  vwifimp - ok
07:37:50.0478 0x1af8  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
07:37:50.0510 0x1af8  W32Time - ok
07:37:50.0510 0x1af8  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
07:37:50.0525 0x1af8  WacomPen - ok
07:37:50.0541 0x1af8  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\WINDOWS\system32\wbengine.exe
07:37:50.0588 0x1af8  wbengine - ok
07:37:50.0588 0x1af8  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
07:37:50.0619 0x1af8  WbioSrvc - ok
07:37:50.0619 0x1af8  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
07:37:50.0635 0x1af8  Wcmsvc - ok
07:37:50.0650 0x1af8  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
07:37:50.0666 0x1af8  wcncsvc - ok
07:37:50.0666 0x1af8  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
07:37:50.0681 0x1af8  WcsPlugInService - ok
07:37:50.0681 0x1af8  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
07:37:50.0697 0x1af8  WdBoot - ok
07:37:50.0713 0x1af8  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
07:37:50.0728 0x1af8  Wdf01000 - ok
07:37:50.0744 0x1af8  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
07:37:50.0744 0x1af8  WdFilter - ok
07:37:50.0761 0x1af8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
07:37:50.0777 0x1af8  WdiServiceHost - ok
07:37:50.0777 0x1af8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
07:37:50.0792 0x1af8  WdiSystemHost - ok
07:37:50.0792 0x1af8  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
07:37:50.0808 0x1af8  WdNisDrv - ok
07:37:50.0808 0x1af8  WdNisSvc - ok
07:37:50.0808 0x1af8  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll
07:37:50.0824 0x1af8  WebClient - ok
07:37:50.0839 0x1af8  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
07:37:50.0855 0x1af8  Wecsvc - ok
07:37:50.0855 0x1af8  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
07:37:50.0855 0x1af8  WEPHOSTSVC - ok
07:37:50.0871 0x1af8  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
07:37:50.0886 0x1af8  wercplsupport - ok
07:37:50.0886 0x1af8  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
07:37:50.0902 0x1af8  WerSvc - ok
07:37:50.0902 0x1af8  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
07:37:50.0917 0x1af8  WFPLWFS - ok
07:37:50.0917 0x1af8  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
07:37:50.0933 0x1af8  WiaRpc - ok
07:37:50.0933 0x1af8  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
07:37:50.0949 0x1af8  WIMMount - ok
07:37:50.0949 0x1af8  WinDefend - ok
07:37:50.0964 0x1af8  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
07:37:50.0980 0x1af8  WinHttpAutoProxySvc - ok
07:37:50.0996 0x1af8  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
07:37:51.0011 0x1af8  Winmgmt - ok
07:37:51.0058 0x1af8  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
07:37:51.0105 0x1af8  WinRM - ok
07:37:51.0121 0x1af8  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
07:37:51.0121 0x1af8  WinUsb - ok
07:37:51.0199 0x1af8  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
07:37:51.0246 0x1af8  WlanSvc - ok
07:37:51.0277 0x1af8  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
07:37:51.0308 0x1af8  wlidsvc - ok
07:37:51.0324 0x1af8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
07:37:51.0324 0x1af8  WmiAcpi - ok
07:37:51.0339 0x1af8  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
07:37:51.0355 0x1af8  wmiApSrv - ok
07:37:51.0355 0x1af8  WMPNetworkSvc - ok
07:37:51.0355 0x1af8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
07:37:51.0371 0x1af8  Wof - ok
07:37:51.0402 0x1af8  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
07:37:51.0433 0x1af8  workfolderssvc - ok
07:37:51.0433 0x1af8  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
07:37:51.0449 0x1af8  wpcfltr - ok
07:37:51.0449 0x1af8  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
07:37:51.0464 0x1af8  WPCSvc - ok
07:37:51.0464 0x1af8  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
07:37:51.0480 0x1af8  WPDBusEnum - ok
07:37:51.0480 0x1af8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
07:37:51.0496 0x1af8  WpdUpFltr - ok
07:37:51.0496 0x1af8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
07:37:51.0511 0x1af8  ws2ifsl - ok
07:37:51.0511 0x1af8  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
07:37:51.0527 0x1af8  wscsvc - ok
07:37:51.0527 0x1af8  WSearch - ok
07:37:51.0589 0x1af8  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
07:37:51.0667 0x1af8  WSService - ok
07:37:51.0730 0x1af8  [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
07:37:51.0792 0x1af8  wuauserv - ok
07:37:51.0792 0x1af8  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
07:37:51.0808 0x1af8  WudfPf - ok
07:37:51.0824 0x1af8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
07:37:51.0855 0x1af8  WUDFRd - ok
07:37:51.0855 0x1af8  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
07:37:51.0871 0x1af8  wudfsvc - ok
07:37:51.0886 0x1af8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
07:37:51.0886 0x1af8  WUDFWpdFs - ok
07:37:51.0902 0x1af8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
07:37:51.0917 0x1af8  WUDFWpdMtp - ok
07:37:51.0917 0x1af8  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
07:37:51.0949 0x1af8  WwanSvc - ok
07:37:51.0949 0x1af8  ================ Scan global ===============================
07:37:51.0949 0x1af8  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
07:37:51.0964 0x1af8  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
07:37:51.0964 0x1af8  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
07:37:51.0980 0x1af8  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
07:37:51.0996 0x1af8  [ Global ] - ok
07:37:51.0996 0x1af8  ================ Scan MBR ==================================
07:37:51.0996 0x1af8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
07:37:52.0011 0x1af8  \Device\Harddisk0\DR0 - ok
07:37:52.0027 0x1af8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
07:37:52.0152 0x1af8  \Device\Harddisk1\DR1 - ok
07:37:52.0152 0x1af8  ================ Scan VBR ==================================
07:37:52.0167 0x1af8  [ 2F3CD90FE33B9499A1D9EB82D070CC01 ] \Device\Harddisk0\DR0\Partition1
07:37:52.0167 0x1af8  \Device\Harddisk0\DR0\Partition1 - ok
07:37:52.0167 0x1af8  [ 891F37FAD00B8FB4ED531026D683185D ] \Device\Harddisk0\DR0\Partition2
07:37:52.0167 0x1af8  \Device\Harddisk0\DR0\Partition2 - ok
07:37:52.0183 0x1af8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
07:37:52.0183 0x1af8  \Device\Harddisk0\DR0\Partition3 - ok
07:37:52.0183 0x1af8  [ 1EDF1C835FB4455E7CF7EBAF8EB7CC46 ] \Device\Harddisk0\DR0\Partition4
07:37:52.0183 0x1af8  \Device\Harddisk0\DR0\Partition4 - ok
07:37:52.0199 0x1af8  [ 2C491FDFFA145F94E9C2E51E45A3BDAA ] \Device\Harddisk0\DR0\Partition5
07:37:52.0199 0x1af8  \Device\Harddisk0\DR0\Partition5 - ok
07:37:52.0199 0x1af8  [ 57CF76FF24CEC9B428224759EC899DB1 ] \Device\Harddisk0\DR0\Partition6
07:37:52.0199 0x1af8  \Device\Harddisk0\DR0\Partition6 - ok
07:37:52.0214 0x1af8  [ D494C6A5D114AF6C0F5FDFFE70262134 ] \Device\Harddisk1\DR1\Partition1
07:37:52.0214 0x1af8  \Device\Harddisk1\DR1\Partition1 - ok
07:37:52.0214 0x1af8  ================ Scan generic autorun ======================
07:37:52.0449 0x1af8  [ 6DDA13FB28B620FEE52E0E616F4E7B70, 8C75E17E2C0C81BA3D1660ACB73591C181C3BD15237DF3A2E9734A7FF365C16A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
07:37:52.0667 0x1af8  RtHDVCpl - ok
07:37:52.0683 0x1af8  [ 45D629AAF007A0DED6689A7A031D2AC7, DD10DEA927A2CC16EE38765DD1DE45E88288C09923DC14A95C1C6E457D535BCC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
07:37:52.0714 0x1af8  RtHDVBg_Dolby - ok
07:37:52.0730 0x1af8  [ 75FBFC49CE8A7EF087AB450145C093C1, 9682D832BFA8054D32A6C977CE3EF2B376EDDCBD9D722703029690203EA0061F ] C:\Windows\system32\igfxtray.exe
07:37:52.0746 0x1af8  IgfxTray - ok
07:37:52.0746 0x1af8  HotKeysCmds - ok
07:37:52.0746 0x1af8  Persistence - ok
07:37:52.0746 0x1af8  [ 63B913AAB1244D8DED54CF0EFC8A56BD, 639830E9ECB004F09EA968EDF68C0037B5DFF7CCFF007DE5D11DEF2166707341 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
07:37:52.0792 0x1af8  AdobeAAMUpdater-1.0 - ok
07:37:52.0792 0x1af8  SynTPEnh - ok
07:37:52.0808 0x1af8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
07:37:52.0839 0x1af8  WAB Migrate - ok
07:37:52.0855 0x1af8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
07:37:52.0871 0x1af8  WAB Migrate - ok
07:37:52.0996 0x1af8  [ 20616E7A9E9A1D231FD232FC3ACAE46D, 017D06196BFE0B1D71D4BAA5BDD716E8320C8F64882B512540DA8739B4CD0C4A ] C:\Users\sephiroth\AppData\Local\Amazon Music\Amazon Music Helper.exe
07:37:53.0089 0x1af8  Amazon Music - ok
07:37:53.0089 0x1af8  EA Core - ok
07:37:53.0105 0x1af8  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
07:37:53.0121 0x1af8  WAB Migrate - ok
07:37:53.0121 0x1af8  Waiting for KSN requests completion. In queue: 167
07:37:54.0167 0x1af8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
07:37:54.0167 0x1af8  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.0.0.0 ), 0x51000 ( enabled : updated )
07:37:54.0167 0x1af8  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.0.0.0 ), 0x51010 ( enabled )
07:37:54.0324 0x1af8  ============================================================
07:37:54.0324 0x1af8  Scan finished
07:37:54.0324 0x1af8  ============================================================
07:37:54.0339 0x072c  Detected object count: 0
07:37:54.0339 0x072c  Actual detected object count: 0

Musste den Beitrag teilen, zu viele Zeichen..

M-K-D-B · 04.09.2016, 09:21

Servus,

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

start
CloseProcesses:
CMD: dir "C:\Program Files (x86)"
CMD: dir "C:\Program Files"
CMD: dir "C:\ProgramData"
CMD: dir "%appdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 4

Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von ESET,
die Logdatei von HitmanPro,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Betti05 · 05.09.2016, 12:48

Hier erst mal das Fixlog:

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-10-2015
durchgeführt von sephiroth (2016-09-05 13:40:58) Run:1
Gestartet von C:\Users\sephiroth\Downloads\Programme
Geladene Profile: sephiroth (Verfügbare Profile: UpdatusUser & bebi-admin & sephiroth & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
CMD: dir "C:\Program Files (x86)"
CMD: dir "C:\Program Files"
CMD: dir "C:\ProgramData"
CMD: dir "%appdata%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozess erfolgreich geschlossen.

=========  dir "C:\Program Files (x86)" =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 86A8-EB7F

 Verzeichnis von C:\Program Files (x86)

04.09.2016  07:23    <DIR>          .
04.09.2016  07:23    <DIR>          ..
29.11.2013  11:12    <DIR>          Acer
30.11.2015  22:45    <DIR>          Adobe
29.11.2013  10:53    <DIR>          AGEIA Technologies
10.12.2015  13:57    <DIR>          Audible
16.08.2016  10:27    <DIR>          Bluetooth Suite
17.08.2016  20:55    <DIR>          Common Files
16.12.2015  22:04    <DIR>          Electronic Arts
23.03.2016  11:40    <DIR>          epson
13.02.2016  13:01    <DIR>          EPSON Software
28.03.2016  14:44    <DIR>          Google
10.12.2015  10:10    <DIR>          Intel
10.08.2016  21:04    <DIR>          Internet Explorer
30.11.2015  21:57    <DIR>          leawo
04.09.2016  07:23    <DIR>           Malwarebytes Anti-Malware 
28.08.2016  15:08    <DIR>          McAfee
29.11.2013  11:06    <DIR>          Microsoft Office
30.11.2015  22:09    <DIR>          Microsoft SQL Server Compact Edition
10.12.2015  13:07    <DIR>          Microsoft WSE
22.08.2013  17:36    <DIR>          Microsoft.NET
03.09.2016  12:00    <DIR>          Mozilla Firefox
28.08.2016  19:11    <DIR>          Mozilla Maintenance Service
10.12.2015  09:55    <DIR>          MSBuild
18.04.2013  12:10    <DIR>          Nero
10.12.2015  10:10    <DIR>          NVIDIA Corporation
16.12.2015  22:04    <DIR>          Origin
29.11.2013  11:00    <DIR>          Qualcomm Atheros
29.11.2013  10:58    <DIR>          Realtek
10.12.2015  09:55    <DIR>          Reference Assemblies
04.01.2016  21:58    <DIR>          Scrapbook MAX! 2.0
12.01.2016  10:01    <DIR>          Secunia
30.11.2015  22:01    <DIR>          VideoLAN
30.11.2015  22:41    <DIR>          WildTangent Games
10.12.2015  09:59    <DIR>          Windows Defender
30.11.2015  22:09    <DIR>          Windows Live
21.11.2014  12:51    <DIR>          Windows Mail
10.12.2015  10:10    <DIR>          Windows Media Player
21.11.2014  12:51    <DIR>          Windows Multimedia Platform
22.08.2013  17:36    <DIR>          Windows NT
21.11.2014  12:51    <DIR>          Windows Photo Viewer
21.11.2014  12:51    <DIR>          Windows Portable Devices
22.08.2013  17:36    <DIR>          WindowsPowerShell
07.03.2016  15:15    <DIR>          WOW Slider
               0 Datei(en),              0 Bytes
              44 Verzeichnis(se), 39.894.745.088 Bytes frei

========= Ende von CMD: =========


=========  dir "C:\Program Files" =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 86A8-EB7F

 Verzeichnis von C:\Program Files

16.08.2016  10:27    <DIR>          .
16.08.2016  10:27    <DIR>          ..
30.11.2015  21:46    <DIR>          Accessory Store
29.11.2013  11:07    <DIR>          Acer
16.08.2016  10:27    <DIR>          Common Files
15.08.2016  21:12    <DIR>          FileZilla FTP Client
06.01.2016  14:06    <DIR>          GIMP 2
28.03.2016  14:44    <DIR>          Google
29.11.2013  10:50    <DIR>          Intel
10.08.2016  21:04    <DIR>          Internet Explorer
15.07.2016  16:58    <DIR>          McAfee
15.07.2016  16:57    <DIR>          McAfee.com
10.12.2015  09:55    <DIR>          MSBuild
10.12.2015  10:07    <DIR>          NVIDIA Corporation
30.11.2015  21:46    <DIR>          Preload
10.12.2015  10:07    <DIR>          Realtek
10.12.2015  09:55    <DIR>          Reference Assemblies
10.12.2015  10:06    <DIR>          Synaptics
10.12.2015  09:59    <DIR>          Windows Defender
21.11.2014  12:52    <DIR>          Windows Mail
10.12.2015  10:10    <DIR>          Windows Media Player
21.11.2014  12:52    <DIR>          Windows Multimedia Platform
10.12.2015  10:14    <DIR>          Windows NT
21.11.2014  12:52    <DIR>          Windows Photo Viewer
21.11.2014  12:52    <DIR>          Windows Portable Devices
21.11.2014  12:51    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              26 Verzeichnis(se), 39.894.274.048 Bytes frei

========= Ende von CMD: =========


=========  dir "C:\ProgramData" =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 86A8-EB7F

 Verzeichnis von C:\ProgramData

29.11.2013  11:10    <DIR>          Acer
06.12.2015  09:11    <DIR>          Adobe
23.12.2015  14:27    <DIR>          Apple
23.12.2015  11:55    <DIR>          Apple Computer
10.12.2015  10:30    <DIR>          Atheros
30.11.2015  22:40    <DIR>          boost_interprocess
29.11.2013  11:07    <DIR>          CLSK
01.12.2015  20:28    <DIR>          CyberLink
19.12.2015  12:03    <DIR>          EA Core
16.12.2015  22:04    <DIR>          Electronic Arts
05.12.2015  23:46    <DIR>          EPSON
28.03.2016  14:45    <DIR>          Google
04.01.2016  21:58    <DIR>          IndigoRose
29.11.2013  11:07    <DIR>          install_clap
29.11.2013  10:50    <DIR>          Intel
15.07.2016  16:58    <DIR>          Intel Security
08.12.2015  09:02    <DIR>          Leawo
04.09.2016  07:23    <DIR>          Malwarebytes
27.07.2016  21:36    <DIR>          McAfee
18.04.2013  12:10    <DIR>          Nero
01.12.2015  21:14    <DIR>          Norton
30.11.2015  22:40    <DIR>          NortonInstaller
29.11.2013  10:53    <DIR>          NVIDIA
10.12.2015  10:07    <DIR>          NVIDIA Corporation
29.11.2013  11:04    <DIR>          OEM
30.11.2015  21:46    <DIR>          OEM_YAHOO
19.12.2015  12:03    <DIR>          Origin
28.03.2016  14:44    <DIR>          Package Cache
10.12.2015  10:10    <DIR>          PRICache
29.11.2013  11:00    <DIR>          Qualcomm Atheros
10.12.2015  10:11    <DIR>          regid.1986-12.com.adobe
10.12.2015  10:11    <DIR>          regid.1991-06.com.microsoft
17.08.2016  20:55    <DIR>          Skype
05.12.2015  23:46    <DIR>          Sony Corporation
29.11.2013  11:02    <DIR>          Synaptics
29.11.2013  11:07    <DIR>          Temp
05.12.2015  23:46    <DIR>          UDL
30.11.2015  22:40    <DIR>          WildTangent
               0 Datei(en),              0 Bytes
              38 Verzeichnis(se), 39.894.274.048 Bytes frei

========= Ende von CMD: =========


=========  dir "%appdata%" =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 86A8-EB7F

 Verzeichnis von C:\Users\sephiroth\AppData\Roaming

16.08.2016  10:27    <DIR>          .
16.08.2016  10:27    <DIR>          ..
28.03.2016  14:45    <DIR>          Adobe
12.05.2016  14:50               132 Adobe CS5-Voreinstellungen f�r PNG-Format
23.12.2015  12:07    <DIR>          Apple Computer
30.11.2015  21:46    <DIR>          Atheros
03.08.2016  17:06    <DIR>          bluray
30.03.2016  10:01    <DIR>          Coronic
05.01.2016  19:45    <DIR>          CyberLink
03.09.2016  13:54    <DIR>          dvdcss
11.02.2016  18:28    <DIR>          EPSON
15.08.2016  21:20    <DIR>          FileZilla
30.11.2015  22:25    <DIR>          golden-pattern
10.12.2015  10:29    <DIR>          Identities
04.01.2016  22:01    <DIR>          IndigoRose
18.05.2016  20:01    <DIR>          Leawo
30.11.2015  21:59    <DIR>          Macromedia
30.11.2015  22:04    <DIR>          Mozilla
12.08.2016  13:18    <DIR>          No Company Name
16.12.2015  22:06    <DIR>          Origin
17.08.2016  20:54    <DIR>          Skype
30.11.2015  21:46    <DIR>          Synaptics
03.09.2016  14:42    <DIR>          vlc
               1 Datei(en),            132 Bytes
              22 Verzeichnis(se), 39.894.269.952 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3549694130-846552002-615965096-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3549694130-846552002-615965096-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl�sungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.


========= Ende von CMD: =========

EmptyTemp: => 7.3 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 13:41:23 ====

M-K-D-B · 05.09.2016, 13:03

Servus,

gut gemacht.

Dann fehlen nur noch die anderen Schritte.

Betti05 · 05.09.2016, 13:29

Eset log:

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f247ab3e7c127143ab0a0c6e3c3dff3b
# end=init
# utc_time=2016-09-05 11:45:39
# local_time=2016-09-05 01:45:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30651
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f247ab3e7c127143ab0a0c6e3c3dff3b
# end=updated
# utc_time=2016-09-05 11:48:17
# local_time=2016-09-05 01:48:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f247ab3e7c127143ab0a0c6e3c3dff3b
# engine=30651
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-09-05 12:23:22
# local_time=2016-09-05 02:23:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4483984 32049482 0 0
# scanned=325737
# found=0
# cleaned=0
# scan_time=2104

M-K-D-B · 05.09.2016, 13:33

Und noch HitmanPro und FRST.

Betti05 · 05.09.2016, 13:45

hitman:

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.14.265
www.hitmanpro.com

   Computer name . . . . : BEBISPC
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : bebispc\sephiroth
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-09-05 14:32:42
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 7s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 1.635.624
   Files scanned . . . . : 53.429
   Remnants scanned  . . : 492.509 files / 1.089.686 keys

Suspicious files ____________________________________________________________

   C:\Users\sephiroth\Downloads\Programme\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.192.384 bytes
      Age  . . . . . . . : 428.8 days (2015-07-04 20:10:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 61A8D7E0CDD6C2A06F29CFF6ECB21226C9DBF904BBD7EA7EDB739B6B64B77897
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

   C:\Users\sephiroth\Downloads\Programme\FRST64.exe
      Size . . . . . . . : 2.193.920 bytes
      Age  . . . . . . . : 333.9 days (2015-10-07 18:04:52)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CECE6CE47AE19F02A8E07D407A4DBB30D5999A790DC8D6302D56985A650393EB
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 22.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

Und FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-10-2015
durchgeführt von sephiroth (Administrator) auf BEBISPC (05-09-2016 14:36:56)
Gestartet von C:\Users\sephiroth\Downloads\Programme
Geladene Profile: UpdatusUser & bebi-admin & sephiroth & Administrator (Verfügbare Profile: UpdatusUser & bebi-admin & sephiroth & Administrator)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\MAT\McPvTray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
() C:\Program Files (x86)\Acer\Live Updater\updater.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\McClientAnalytics.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13427784 2013-03-18] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1278024 2013-03-08] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [404376 2015-08-09] ()
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3010800 2013-01-17] (Synaptics Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [131712 2013-01-25] (Atheros Communications)
HKU\S-1-5-21-3549694130-846552002-615965096-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3549694130-846552002-615965096-1002\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [Amazon Music] => C:\Users\sephiroth\AppData\Local\Amazon Music\Amazon Music Helper.exe [5908968 2016-06-16] ()
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\MountPoints2: {f4ce8d04-4140-11e6-be8f-0c54a52bf2d6} - "F:\LG_PC_Programs.exe" 
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [11776 2014-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3549694130-846552002-615965096-500\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-01-12]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{3FE8F490-0084-4F0C-A8B2-620DCF1468B7}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{4C027189-88FD-454F-9CFF-83B06802C1E5}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3549694130-846552002-615965096-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com/
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer13.msn.com
HKU\S-1-5-21-3549694130-846552002-615965096-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1002 -> DefaultScope {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1002 -> {4E60EDF9-961E-448F-B568-0B47972BC7B3} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20151130&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1002 -> {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> DefaultScope {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> {BE9DFE30-CB7C-4D6C-BF17-55F76FA62734} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE0D20151130&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3549694130-846552002-615965096-1003 -> {E3CCF32F-40FA-4881-B11C-190C32C35A22} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-01-25] (Qualcomm Atheros Commnucations)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-08-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2016-07-07] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2016-07-07] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-01-23] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-07-07] ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)
FF Extension: Adguard AdBlocker - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505\Extensions\adguardadblocker@adguard.com.xpi [2016-08-12]
FF Extension: Adblock Plus - C:\Users\sephiroth\AppData\Roaming\Mozilla\Firefox\Profiles\qkgsve8j.default-1469175143505\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-07-22]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-09-03]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-28]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2016-02-13]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-07-15]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-03] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159320 2016-08-22] (Adobe Systems, Incorporated)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [227456 2013-01-25] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
S2 CLKMSVC10_96E434EB; C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe [241776 2013-02-04] (CyberLink)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [470056 2013-04-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-01-30] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-06-17] (Acer Incorporate)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [163592 2016-08-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [993824 2016-07-07] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [816128 2016-06-21] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-06-23] (McAfee, Inc.)
R3 mfevtp; C:\WINDOWS\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-06-17] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [596768 2016-07-07] (McAfee, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1572056 2015-12-01] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [839384 2015-12-01] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-12-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-12-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-25] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-04-27] (McAfee, Inc.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 McPvDrv; C:\Windows\system32\drivers\McPvDrv.sys [79192 2016-04-20] (McAfee, Inc.)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419616 2016-04-27] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-04-27] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-04-27] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-04-27] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [843048 2016-04-27] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [519976 2016-04-27] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [100136 2016-04-27] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243488 2016-04-27] (McAfee, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2015-12-01] (Secunia)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-01-17] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-12-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-12-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-12-10] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-05 14:34 - 2016-09-05 14:34 - 00004766 _____ C:\Users\sephiroth\Desktop\HitmanPro_20160905_1434.log
2016-09-05 14:32 - 2016-09-05 14:34 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-05 13:50 - 2016-09-05 13:50 - 11438608 _____ (SurfRight B.V.) C:\Users\sephiroth\Downloads\HitmanPro_x64.exe
2016-09-05 13:38 - 2016-09-05 13:38 - 02870984 _____ (ESET) C:\Users\sephiroth\Downloads\esetsmartinstaller_deu.exe
2016-09-05 10:37 - 2016-09-05 10:37 - 00003846 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2016-09-04 08:31 - 2016-09-04 08:31 - 00000778 _____ C:\Users\sephiroth\Desktop\veganes nutella.txt
2016-09-04 07:34 - 2016-09-04 07:34 - 00001186 _____ C:\Users\sephiroth\Desktop\mbm.txt
2016-09-04 07:23 - 2016-09-05 13:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-04 07:23 - 2016-09-04 07:23 - 00001118 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-04 07:23 - 2016-09-04 07:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-04 07:23 - 2016-09-04 07:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-09-04 07:23 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-04 07:23 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-04 07:23 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-04 07:21 - 2016-09-04 07:21 - 22851472 _____ (Malwarebytes ) C:\Users\sephiroth\Downloads\mbam-setup-2.2.1.1043.exe
2016-09-03 12:00 - 2016-09-05 13:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-02 18:53 - 2016-09-02 18:53 - 00000386 _____ C:\Users\sephiroth\Desktop\ebereschengeleee.txt
2016-09-01 17:38 - 2016-09-01 17:38 - 04656735 _____ C:\Users\sephiroth\Downloads\tdsskiller.zip
2016-09-01 17:38 - 2016-09-01 17:38 - 00000000 ____D C:\Users\sephiroth\Downloads\tdsskiller
2016-08-30 17:15 - 2016-08-30 17:20 - 86137158 _____ C:\Users\sephiroth\Downloads\Dunkelkammer020.zip
2016-08-22 21:17 - 2016-08-22 21:17 - 00000224 _____ C:\Users\sephiroth\Desktop\bundeskleingartengesetz.txt
2016-08-16 11:49 - 2016-08-16 11:50 - 55412736 _____ C:\Users\sephiroth\Downloads\FontPack1500720033_XtdAlf_Lang_DC.msi
2016-08-16 10:27 - 2016-08-17 20:55 - 00000000 ____D C:\ProgramData\Skype
2016-08-16 10:27 - 2016-08-17 20:54 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\Skype
2016-08-16 10:27 - 2016-08-16 10:27 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Skype
2016-08-16 10:27 - 2016-08-16 10:27 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-16 10:27 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2016-08-16 10:27 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2016-08-16 10:27 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2016-08-16 10:27 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2016-08-16 10:26 - 2015-12-16 19:11 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-08-16 10:26 - 2015-12-16 18:51 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-08-16 10:26 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-16 10:26 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-16 10:26 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-15 21:12 - 2016-08-15 21:12 - 06647784 _____ (Tim Kosse) C:\Users\sephiroth\Downloads\FileZilla_3.20.1_win64-setup.exe
2016-08-13 07:19 - 2016-08-13 07:19 - 00017683 _____ C:\Users\sephiroth\Downloads\Fw_ Bestätigung Ihrer Zahlung an Hamee US CORP.html
2016-08-13 07:19 - 2016-08-13 07:19 - 00006873 _____ C:\Users\sephiroth\Downloads\Fw_ [Hamee Strapya World] Shipping Confirmation E-mail Order#W-293201.html
2016-08-12 13:18 - 2016-08-12 13:18 - 00001562 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-08-12 13:18 - 2016-08-12 13:18 - 00001550 _____ C:\Users\Public\Desktop\Adobe Application Manager.lnk
2016-08-12 13:18 - 2016-08-12 13:18 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\No Company Name
2016-08-10 15:38 - 2016-06-18 22:06 - 00590688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-08-10 15:38 - 2016-06-18 22:06 - 00072408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2016-08-10 15:38 - 2016-06-11 21:52 - 00379232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-10 15:38 - 2016-06-11 21:52 - 00057184 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-10 15:38 - 2016-06-11 20:05 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpresult.exe
2016-08-10 15:38 - 2016-06-11 19:14 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpresult.exe
2016-08-10 15:38 - 2016-06-11 18:50 - 00987136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-10 15:38 - 2016-06-11 18:46 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2016-08-10 15:38 - 2016-06-11 18:44 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-08-10 15:38 - 2016-06-11 18:37 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-08-10 15:38 - 2016-06-11 18:24 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-10 15:38 - 2016-06-11 18:20 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-08-10 15:38 - 2016-06-11 18:16 - 00626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-08-10 15:38 - 2016-06-11 05:44 - 00107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-08-10 15:38 - 2016-06-11 05:44 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-08-10 15:38 - 2016-06-10 22:07 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-08-10 15:38 - 2016-06-10 22:03 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-08-10 15:38 - 2016-06-10 21:04 - 03547136 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 06521800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-10 15:38 - 2016-06-10 20:11 - 01487992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-10 15:38 - 2016-06-10 20:11 - 00125024 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptxml.dll
2016-08-10 15:38 - 2016-06-10 20:10 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptxml.dll
2016-08-10 15:38 - 2016-06-10 20:07 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-08-10 15:38 - 2016-06-10 20:04 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-08-10 15:38 - 2016-06-09 21:32 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-08-10 15:38 - 2016-06-09 20:18 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-08-10 15:38 - 2016-06-07 20:10 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\hbaapi.dll
2016-08-10 15:38 - 2016-06-07 19:13 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hbaapi.dll
2016-08-10 15:38 - 2016-06-04 02:38 - 01613528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-08-10 15:38 - 2016-06-04 02:37 - 01970968 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-08-10 15:38 - 2016-05-29 09:08 - 22361344 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-10 15:38 - 2016-05-28 20:31 - 19788688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-10 15:38 - 2016-05-18 23:54 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2016-08-10 15:38 - 2016-05-18 23:15 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2016-08-10 15:38 - 2016-05-18 22:56 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2016-08-10 15:38 - 2016-05-18 22:33 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2016-08-10 15:38 - 2016-05-18 22:28 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-08-10 15:38 - 2016-05-18 22:16 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-08-10 15:38 - 2016-05-14 22:26 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-10 15:38 - 2016-05-14 07:19 - 01134768 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-08-10 15:38 - 2016-05-14 01:08 - 00111616 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-10 15:38 - 2016-05-14 01:08 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-10 15:38 - 2016-05-14 01:08 - 00032512 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-10 15:38 - 2016-05-14 00:24 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-08-10 15:38 - 2016-05-13 23:42 - 03667968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-10 15:38 - 2016-05-13 23:30 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-08-10 15:38 - 2016-05-13 23:29 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-08-10 15:38 - 2016-05-13 23:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-08-10 15:38 - 2016-05-13 23:27 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-08-10 15:38 - 2016-05-13 23:26 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-08-10 15:38 - 2016-05-13 23:26 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-10 15:38 - 2016-05-13 23:18 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-08-10 15:38 - 2016-05-13 23:18 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-08-10 15:38 - 2016-05-13 23:16 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-10 15:38 - 2016-05-13 23:16 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-08-10 15:38 - 2016-05-12 20:36 - 00034600 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserAccountBroker.exe
2016-08-10 15:38 - 2016-05-12 19:39 - 00030984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserAccountBroker.exe
2016-08-10 15:38 - 2016-05-06 23:59 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-08-10 15:38 - 2016-05-06 19:13 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-08-10 15:38 - 2016-05-05 20:28 - 01661072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-10 15:38 - 2016-05-05 19:39 - 01212256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-10 15:38 - 2016-05-05 19:18 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2016-08-10 15:38 - 2016-05-05 19:02 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-08-10 15:38 - 2016-05-05 18:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2016-08-10 15:38 - 2016-05-05 18:34 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-08-10 15:38 - 2016-05-05 18:29 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-08-10 15:38 - 2016-05-05 17:28 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-08-10 15:38 - 2016-05-05 17:16 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-08-10 15:38 - 2016-04-16 15:56 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-08-10 15:38 - 2016-04-10 07:35 - 00551256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-08-10 15:38 - 2016-04-10 00:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-08-10 15:38 - 2016-04-10 00:14 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Geolocation.dll
2016-08-10 15:38 - 2016-04-10 00:10 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-08-10 15:38 - 2016-04-10 00:09 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-08-10 15:38 - 2016-04-10 00:02 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2016-08-10 15:38 - 2016-04-09 23:59 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Geolocation.dll
2016-08-10 15:38 - 2016-04-09 23:59 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-08-10 15:38 - 2016-04-09 23:56 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-08-10 15:38 - 2016-04-09 23:55 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-08-10 15:38 - 2016-04-09 23:52 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2016-08-10 15:38 - 2016-04-07 18:06 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-08-10 15:38 - 2016-04-06 23:21 - 00114528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-08-10 15:38 - 2016-04-06 20:20 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-10 15:38 - 2016-04-06 20:17 - 18825216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-10 15:38 - 2016-04-06 18:25 - 15158272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-10 15:38 - 2016-04-06 00:37 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-08-10 15:38 - 2016-04-02 15:58 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-08-10 15:38 - 2016-04-01 19:40 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-08-10 15:38 - 2016-04-01 18:53 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-08-10 15:38 - 2016-04-01 18:50 - 00737280 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-08-10 15:38 - 2016-02-04 18:57 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-08-10 15:38 - 2016-02-04 18:49 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-08-10 15:38 - 2016-02-04 18:39 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-08-10 15:35 - 2016-08-02 08:54 - 25808384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-10 15:35 - 2016-08-02 08:32 - 02894336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-10 15:35 - 2016-08-02 08:31 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-08-10 15:35 - 2016-08-02 08:20 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-08-10 15:35 - 2016-08-02 08:18 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-10 15:35 - 2016-08-02 08:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-08-10 15:35 - 2016-08-02 07:55 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-08-10 15:35 - 2016-08-02 07:54 - 20343808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-10 15:35 - 2016-08-02 07:51 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-08-10 15:35 - 2016-08-02 07:47 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-10 15:35 - 2016-08-02 07:46 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-08-10 15:35 - 2016-08-02 07:41 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-08-10 15:35 - 2016-08-02 07:40 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-08-10 15:35 - 2016-08-02 07:39 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-10 15:35 - 2016-08-02 07:38 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-10 15:35 - 2016-08-02 07:38 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-10 15:35 - 2016-08-02 07:36 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-10 15:35 - 2016-08-02 07:28 - 15412224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-10 15:35 - 2016-08-02 07:23 - 02868224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-10 15:35 - 2016-08-02 07:21 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-10 15:35 - 2016-08-02 07:20 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-08-10 15:35 - 2016-08-02 07:15 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-10 15:35 - 2016-08-02 07:15 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-10 15:35 - 2016-08-02 07:14 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-10 15:35 - 2016-08-02 07:11 - 13808128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-10 15:35 - 2016-08-02 07:10 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-10 15:35 - 2016-08-02 06:59 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-10 15:35 - 2016-08-02 06:56 - 02393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-10 15:35 - 2016-08-02 06:53 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-10 15:35 - 2016-08-02 06:51 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-10 15:35 - 2016-07-08 16:32 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-10 15:35 - 2016-07-08 16:25 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-10 15:35 - 2016-07-08 16:18 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-08-10 15:35 - 2016-07-06 16:26 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-10 15:35 - 2016-07-06 16:26 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-08-10 15:35 - 2016-07-06 16:23 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-08-10 15:35 - 2016-07-06 16:21 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-10 15:34 - 2016-07-09 02:09 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-08-10 15:34 - 2016-07-09 02:08 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-08-10 15:34 - 2016-07-08 16:19 - 00840704 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-08-10 15:34 - 2016-07-08 16:17 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-08-10 15:33 - 2016-07-12 16:08 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-10 15:33 - 2016-07-08 16:22 - 01445376 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-10 15:33 - 2016-07-08 00:33 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-10 15:33 - 2016-07-07 23:53 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-08-10 15:33 - 2016-07-07 22:06 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-08-10 15:33 - 2016-05-19 01:18 - 00563024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-10 15:33 - 2016-05-19 01:18 - 00397232 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-08-10 15:33 - 2016-05-19 01:16 - 00178016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-10 15:33 - 2016-05-19 00:28 - 00340880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-08-09 21:36 - 2016-08-09 21:36 - 00001134 _____ C:\Users\sephiroth\Desktop\glasslinewarmglass.txt
2016-08-08 14:48 - 2016-08-09 12:17 - 00002452 _____ C:\Users\sephiroth\Desktop\merkzettelwarmglass.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-05 14:36 - 2015-10-02 12:20 - 00000000 ____D C:\FRST
2016-09-05 14:28 - 2015-12-02 20:52 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-09-05 14:17 - 2015-12-10 10:07 - 02091441 _____ C:\WINDOWS\WindowsUpdate.log
2016-09-05 14:04 - 2016-07-29 10:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e.job
2016-09-05 14:04 - 2016-03-28 14:44 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-09-05 14:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2016-09-05 13:58 - 2015-11-30 22:26 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3549694130-846552002-615965096-1003
2016-09-05 13:54 - 2015-12-10 12:54 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040}.job
2016-09-05 13:54 - 2015-12-10 12:54 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040}.job
2016-09-05 13:54 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-09-05 13:46 - 2014-11-21 05:35 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-05 13:46 - 2014-11-21 04:45 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-05 13:46 - 2014-11-21 04:45 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-05 13:45 - 2015-12-05 23:45 - 00000935 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job
2016-09-05 13:45 - 2015-12-05 23:45 - 00000749 _____ C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job
2016-09-05 13:42 - 2016-07-15 16:58 - 00000000 __RSD C:\Users\sephiroth\Documents\McAfee-Tresore
2016-09-05 13:42 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-09-05 13:41 - 2016-03-28 14:44 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-09-05 13:41 - 2016-01-04 12:43 - 00000000 ____D C:\Users\sephiroth\AppData\LocalLow\Temp
2016-09-05 13:41 - 2015-11-30 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-05 13:41 - 2015-04-15 07:57 - 00000000 ____D C:\Users\sephiroth\Downloads\Programme
2016-09-05 13:41 - 2014-11-20 20:24 - 00034206 _____ C:\WINDOWS\PFRO.log
2016-09-05 13:41 - 2013-08-22 16:46 - 00423146 _____ C:\WINDOWS\setupact.log
2016-09-05 13:41 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-09-05 13:41 - 2013-08-22 16:44 - 00412672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-09-05 10:42 - 2015-11-30 22:12 - 00000000 ____D C:\Users\sephiroth\AppData\Local\Adobe
2016-09-05 10:40 - 2016-01-28 19:42 - 00003942 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B4F37A35-1FFD-4015-AA48-A7C1CA8833EE}
2016-09-04 11:26 - 2016-07-13 17:52 - 00002194 _____ C:\Users\sephiroth\Desktop\käse.txt
2016-09-04 07:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-09-03 14:42 - 2016-01-16 20:10 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\vlc
2016-09-03 13:54 - 2016-07-16 17:53 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\dvdcss
2016-09-03 13:46 - 2015-04-09 18:50 - 00000000 ____D C:\Users\sephiroth\.dvdcss
2016-08-30 18:58 - 2015-12-03 19:54 - 00000000 ____D C:\Users\sephiroth\AppData\Local\CrashDumps
2016-08-28 15:08 - 2016-07-15 16:57 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-18 18:58 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-08-18 11:28 - 2015-12-10 10:10 - 00000000 ____D C:\Users\sephiroth
2016-08-18 10:30 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-08-17 21:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-16 10:27 - 2014-11-21 05:13 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-16 10:27 - 2013-11-29 10:55 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2016-08-16 10:27 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-08-16 10:27 - 2013-08-22 16:46 - 00000262 _____ C:\WINDOWS\setuperr.log
2016-08-15 21:20 - 2015-11-30 21:56 - 00000000 ____D C:\Users\sephiroth\AppData\Roaming\FileZilla
2016-08-15 21:12 - 2015-11-30 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2016-08-15 21:12 - 2015-11-30 21:56 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2016-08-12 19:03 - 2015-12-09 13:33 - 00001456 _____ C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-08-12 13:18 - 2015-11-30 22:18 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-10 21:04 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-08-10 20:11 - 2015-12-01 21:10 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-10 20:09 - 2015-12-01 21:10 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-10 20:09 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-10 15:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-01 13:27 - 2016-05-12 14:50 - 0000132 _____ () C:\Users\sephiroth\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
2015-12-09 13:33 - 2016-08-12 19:03 - 0001456 _____ () C:\Users\sephiroth\AppData\Local\Adobe Für Web speichern 12.0 Prefs
2016-05-19 14:41 - 2016-05-19 14:41 - 0004610 _____ () C:\Users\sephiroth\AppData\Local\recently-used.xbel
2013-11-29 10:58 - 2013-11-29 10:58 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-29 14:49

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-10-2015
durchgeführt von sephiroth (2016-09-05 14:37:25)
Gestartet von C:\Users\sephiroth\Downloads\Programme
Windows 8.1 (X64) (2015-12-10 08:29:17)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3549694130-846552002-615965096-500 - Administrator - Disabled) => C:\Users\Administrator
bebi-admin (S-1-5-21-3549694130-846552002-615965096-1002 - Administrator - Enabled) => C:\Users\bebi-admin
Gast (S-1-5-21-3549694130-846552002-615965096-501 - Limited - Disabled)
sephiroth (S-1-5-21-3549694130-846552002-615965096-1003 - Administrator - Enabled) => C:\Users\sephiroth
UpdatusUser (S-1-5-21-3549694130-846552002-615965096-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3013 - Acer Incorporated)
Acer Games (HKU\S-1-5-21-3549694130-846552002-615965096-1002\...\Pokki_03d432a7e610c3e908213e7689d4342ce2111caf) (Version: 1.1.7.42206 - Pokki)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3005 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Acer Incorporated)
Acer USB Charge Manager (HKLM\...\{07E867C5-0C48-40FF-A013-DDAF4565AD47}) (Version: 2.00.3004 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.01.2008 - Acer Incorporated)
AcerCloud Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.02.2022 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.1.0.0 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\Amazon Amazon Music) (Version: 4.3.2.1367 - Amazon Services LLC)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.02.2012 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.02.2016 - Acer Incorporated)
clear.fi SDK - Video 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
clear.fi SDK- Movie 2 (x32 Version: 2.1.2606 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Elements 12 Organizer (x32 Version: 12.0 - Ihr Firmenname) Hidden
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.42.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
Extended Asian Language font pack for Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
FileZilla Client 3.20.1 (HKLM-x32\...\FileZilla Client) (Version: 3.20.1 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.3 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3006 - Acer Incorporated)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.0.1083 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Leawo Blu-ray Player Version  1.9.3.5 (HKLM-x32\...\{CF7F52BF-DEE0-44CD-A7E1-AADD5CCECCDD}_is1) (Version: 1.9.3.5 - Leawo Software)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3010 - Acer Incorporated)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.262 - McAfee, Inc.)
McAfee® Total Protection (HKLM-x32\...\MSC) (Version: 15.0.166 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0.2 (x86 de)) (Version: 48.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla)
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2008 - Acer)
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Pokki (HKU\S-1-5-21-3549694130-846552002-615965096-1002\...\Pokki) (Version: 0.263.14.114 - Pokki)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.39 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C9661090-C134-46E8-90B2-76D72355C2A6}) (Version: 6.2.9200.28140 - Realtek Semiconductor Corp.)
Scrapbook MAX! 2.0 (HKLM-x32\...\Scrapbook MAX! 2.0) (Version: 2.0.6.1 - Indigo Rose Corporation)
Secunia PSI (3.0.0.11003) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.11003 - Secunia)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.4.5 - Synaptics Incorporated)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3549694130-846552002-615965096-1003_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

20-08-2016 21:11:01 Windows Update
28-08-2016 15:00:35 Windows Update
31-08-2016 22:20:24 Windows Update
04-09-2016 07:29:18 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0242D6EA-EA92-4C22-97E4-709AE43C60D4} - System32\Tasks\Dolby Selector => C:\Dolby PCEE4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {0469D31E-8959-4086-A6A9-A4C52443CD75} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {047DD32F-9E72-4B6A-A608-F703EB8E6658} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-07-13] (Microsoft Corporation)
Task: {06955FC0-7FFF-4DF3-A741-3E19E005273A} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\54.0\mcdatrep.exe [2016-01-27] (McAfee, Inc.)
Task: {0DA72A44-77D8-43D5-B0F3-D2B37A138859} - System32\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {0F5F4B52-DF52-4D82-95AE-AFF007C65F5E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {23BC35FB-6C7C-488A-AB2C-2942B80871C7} - System32\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {2F20F5E3-A6BD-47EE-AC39-84A47810D5BC} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {3D16C00E-D508-4783-BFC6-FBFA4536F6CA} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-07-10] (Microsoft Corporation)
Task: {510D8537-1480-4525-87E8-2B40B251B089} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-07-07] (McAfee, Inc.)
Task: {548ACE6E-AE7B-4632-A2CD-7FD103EBA247} - System32\Tasks\AdobeAAMUpdater-1.0-bebispc-sephiroth => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {583BCD67-ED6A-47CE-86DA-A1C82F5DA2B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {8F2B5D50-FC49-4F37-99F2-E4CA803398A2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {99F2BF4B-4187-47DE-A890-4050E99043E3} - System32\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {A9B56390-E417-4227-B328-BBABE8A02004} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {B7C63CCC-F16F-48E0-9F47-53EFAF5643F2} - System32\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {C00539EC-82DE-4880-9BA4-10EE7AC793CF} - System32\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-28] (Google Inc.)
Task: {C15A46E3-2104-4D81-91CB-A227F8D48A44} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {D16B063E-6B69-4369-BC40-2FD5AA69CA6A} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2013-06-17] (Acer Incorporate)
Task: {DB853280-0E26-47E2-BFD5-AFBF8D4EAB50} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe %windir%\system32\invagent.dll,RunUpdate
Task: {E0016269-49ED-4B59-9C2E-237CEE23361A} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2013-03-13] ()
Task: {F8FEFFEB-B479-47B3-9608-F3D5762FB712} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2016-07-13] (Microsoft Corporation)
Task: {FC5E2EAA-149A-445B-AFEE-F582A75F1A73} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2013-03-15] (Acer Incorporated)
Task: {FF327DEC-4945-4B04-A44A-3C8B2A30351B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {2591B939-2580-48C9-973A-8EB6BD165040}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Invitation {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {2591B939-2580-48C9-973A-8EB6BD165040}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{2591B939-2580-48C9-973A-8EB6BD165040} /F:UpdateWORKGROUP\BEBISPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-610 Series Update {F89D404C-FE94-442F-97C1-15EF2FFD76DC}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE:/EXE:{F89D404C-FE94-442F-97C1-15EF2FFD76DC} /F:UpdateWORKGROUP\BEBISPC$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d1e97786bc8a9e.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 03:36 - 2013-09-05 03:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-11-29 11:08 - 2013-02-20 23:58 - 00111176 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-08-03 17:45 - 2016-08-03 17:45 - 00052400 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-08-09 05:50 - 2015-08-09 05:50 - 00404376 _____ () C:\WINDOWS\system32\igfxTray.exe
2013-01-25 01:09 - 2013-01-25 01:09 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-25 01:05 - 2013-01-25 01:05 - 00084992 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-25 01:12 - 2013-01-25 01:12 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-03-13 17:52 - 2013-03-13 17:52 - 04149832 _____ () C:\Program Files (x86)\Acer\Live Updater\updater.exe
2013-11-29 10:50 - 2013-01-23 09:57 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\bebi-admin\Downloads\Firefox Setup Stub 35.0.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\mbam-setup-2.0.4.1028.exe:BDU
AlternateDataStreams: C:\Users\bebi-admin\Downloads\vlc-2.1.5-win32.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson377464eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379560eu.exe:BDU
AlternateDataStreams: C:\Users\sephiroth\Downloads\epson379671eu.exe:BDU

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3549694130-846552002-615965096-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3549694130-846552002-615965096-1002\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\acer01.jpg
HKU\S-1-5-21-3549694130-846552002-615965096-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\sephiroth\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3549694130-846552002-615965096-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3549694130-846552002-615965096-1003\...\StartupApproved\Run: => "Amazon Music"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{751471A7-177E-4833-8B4F-0612DD0993C5}] => (Allow) LPort=1900
FirewallRules: [{5E65C5EA-E9D4-413E-8281-F1D73DBCF86D}] => (Allow) LPort=2869
FirewallRules: [{5F214C8A-A160-4B1A-889A-DBA43EB3A448}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CC1F8DAC-215C-4902-8CFA-0895DE1FE657}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4E6B597E-A903-4764-A688-A6E6FBFF86AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C0249DE3-C92F-41F9-97CF-FF8CCAD0DC8D}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{F3EE67CC-B707-4BA0-ADA7-6D7FADEC8B47}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\virtualdrive.exe
FirewallRules: [{FDFBBDBA-767A-47DC-B5D1-B8D90375775B}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{15BEEE06-917E-4CF0-86A6-BEDA2B849AE2}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\Sdd.exe
FirewallRules: [{4BF83CE8-F2C2-4007-B640-0AF7CBFD8DB0}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{3396864B-F3EE-4873-AF6D-74E0205F83DD}] => (Allow) C:\Program Files (x86)\Acer\Acer Cloud\ccd.exe
FirewallRules: [{358D0982-D9C4-485A-8329-CFB71D2BE8A0}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{AAB31E5E-34B4-4F25-B233-A09E5EFAB7B4}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\WindowsUpnp.exe
FirewallRules: [{8D119F86-3EFC-4CAB-B82F-ACEE343C5A6D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{51A4ACB9-E4ED-40A6-8A6F-D37793388BA8}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Photo\DMCDaemon.exe
FirewallRules: [{98A2DACE-B05D-476D-8C4A-51A3A26FFC0E}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\PlayMovie.exe
FirewallRules: [{446EFD01-5A4E-4C02-B58E-307FD6C64DE3}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\MusicPlayer.exe
FirewallRules: [{6C778DC2-86E2-4080-98F1-E5B54C1A6DAA}] => (Allow) C:\Program Files (x86)\Acer\clear.fi SDK21\Video\VideoPlayer.exe
FirewallRules: [{346123E9-3BE3-4599-B6E6-BA51E29DD636}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{84473C5C-02EC-4FD0-8F94-B44334348049}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\WindowsUpnpMV.exe
FirewallRules: [{B617AB0A-1E03-4AB7-8131-4470C803EA05}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{23D241DF-C9BA-49A6-84F6-47A6472D8C16}] => (Allow) C:\Program Files (x86)\Acer\clear.fi Media\DMCDaemon.exe
FirewallRules: [{C494BE99-384C-41AD-8E80-81C016762D7C}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9422DAB6-0692-4D5D-9FCE-28C155A68F74}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{83B56B15-DE7E-4E80-A7EE-789D9DCDEBF8}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{9636C431-1CBE-4427-B9F1-6D80040BD530}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{04F29660-4613-456B-B3F0-5A4732C186F7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0C734922-2F5C-415D-9E1F-3E3423CA2EBF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A1BB9B59-879B-4EEE-98CE-F9F8216228A2}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{7DA8A1D5-94A4-4BF0-9A11-07CFB414DB9A}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{C448AD7A-4408-457A-8032-7206CE94AE3C}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{C4E573EA-577C-48C0-9946-6E64D99F7E1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6A1CD657-819F-4B0E-83BD-70663FF0DE97}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Bluetooth USB Module
Description: Bluetooth USB Module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/05/2016 02:24:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 02:24:06 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 02:23:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 02:03:34 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b8956608-c437-4be3-9348-6eeafc9579ef}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/05/2016 02:03:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Recovery" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (09/05/2016 01:46:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 01:46:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 01:45:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 01:45:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (09/05/2016 01:45:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (09/05/2016 01:58:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070103 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics 4600

Error: (09/05/2016 01:46:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/05/2016 01:46:48 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (09/05/2016 01:46:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/05/2016 01:46:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (09/05/2016 01:46:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (09/05/2016 01:46:47 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SEPHIR~1\AppData\Local\Temp\ehdrv.sys

Error: (09/05/2016 01:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (09/05/2016 01:44:03 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (09/05/2016 01:41:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4702MQ CPU @ 2.20GHz
Prozentuale Nutzung des RAM: 19%
Installierter physikalischer RAM: 16264.27 MB
Verfügbarer physikalischer RAM: 13060 MB
Summe virtueller Speicher: 18696.27 MB
Verfügbarer virtueller Speicher: 15544.34 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:220.22 GB) (Free:37.86 GB) NTFS
Drive d: (DATA) (Fixed) (Total:931.51 GB) (Free:690.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 69C3CD7C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69C3CD56)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Hi Matthias, scheint momentan etwas flüssiger zu laufen. Wie kann ich den Rechner ab und an mal "säubern"? Temp dateien ect...? Woran könnte das "Hängen" sonst liegen? VG +Danke Bettina

M-K-D-B · 05.09.2016, 20:01

Servus,

mit dem CCleaner kannst du deine temporären Dateien entfernen.

Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup:
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.

NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:

Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.

Betti05 · 06.09.2016, 09:42

Hallo Matthias, vielen Dank!

M-K-D-B · 06.09.2016, 12:49

Ich bin froh, dass wir helfen konnten

In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest:
Lob, Kritik und Wünsche
Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.