Mein Notebook ist seit Tagen extrem langsam

vigilanz · 13.11.2016, 21:34

Guten Abend

Wie bereits gesagt, mein Notebook ist seit einigen Tagen extrem langsam. Seiten bauen sich manchmal erst nach 90sek. auf oder Filme bleiben hängen,der Ton läuft ohne Störung weiter aber das Bild friert ein oder ruckelt so vor sich hin.

Meine Internetverbindung ist in Ordnung hab auch schon mal diesen CCleaner drüber laufen lassen. Bringt aber nichts.

Vielleicht kann mir ja hier jemand helfen würde mich sehr freuen.

Bitte sehen sie mir mein eher schlechtes Deutsch nach aber ich komme aus Schweden

Danke jetzt schon mal

cosinus · 14.11.2016, 00:29

Hallo und

+++ WICHTIGER HINWEIS +++

Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache.
Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung!
Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben.

Gelesen und verstanden?

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

vigilanz · 14.11.2016, 10:29

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016
durchgeführt von sven (Administrator) auf SVEN (14-11-2016 10:23:56)
Gestartet von C:\Users\sven\Downloads
Geladene Profile: sven (Verfügbare Profile: sven)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\AdminService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
() C:\WINDOWS\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\WINDOWS\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1402624 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [91488 2015-07-23] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [916072 2016-11-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [18536 2016-11-10] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [45056 2015-10-30] (Microsoft Corporation)
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\...\MountPoints2: {ddcc1f2c-f757-11e5-8280-2c337a2bee2a} - "E:\HiSuiteDownLoader.exe" 
ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2015-05-06] (Acer Incorporated)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 217.68.161.141 217.68.161.171 8.8.8.8
Tcpip\..\Interfaces\{1313af56-e5b3-4800-ba7b-0c026474b747}: [DhcpNameServer] 217.68.161.141 217.68.161.171 8.8.8.8
Tcpip\..\Interfaces\{dce3709e-82b6-4e68-943c-9857f4dcb0d3}: [DhcpNameServer] 217.68.161.141 217.68.161.171 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?pc=UE01&ocid=UE01DHP
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001 -> DefaultScope {590E1F2C-935E-4332-8B56-4190897AC566} URL = 
SearchScopes: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001 -> {590E1F2C-935E-4332-8B56-4190897AC566} URL = 
SearchScopes: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}

FireFox:
========
FF DefaultProfile: kmaofwxb.default
FF ProfilePath: C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default [2016-11-14]
FF Homepage: Mozilla\Firefox\Profiles\kmaofwxb.default -> hxxps://m.planetromeo.com/#/search/radar/distance
FF Extension: (German Dictionary) - C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2016-10-12]
FF Extension: (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) - C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default\Extensions\de_DE@dicts.j3e.de [2016-10-17]
FF Extension: (German Spelling Dictionary) - C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default\Extensions\GermanSpellingDictionary@lipocodes.xpi [2016-10-17]
FF Extension: (Adblock Plus) - C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-28]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089088 2016-11-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-11-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-11-02] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1488240 2016-11-02] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe [305664 2014-08-21] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-25] (Digital Wave Ltd.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370064 2015-10-14] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Acer\Acer Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [26632 2016-11-10] (Avira Operations GmbH & Co. KG)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-11-02] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153392 2016-10-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-11] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2327040 2015-10-30] (Qualcomm Atheros, Inc.)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402960 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-14 10:22 - 2016-11-14 10:23 - 02411520 _____ (Farbar) C:\Users\sven\Downloads\FRST64.exe
2016-11-12 12:35 - 2016-11-12 12:35 - 00001296 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-11-12 12:34 - 2016-11-14 10:06 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-11-12 11:42 - 2016-11-12 11:42 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2016-11-12 11:42 - 2016-11-12 11:42 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2016-11-09 19:00 - 2016-11-02 14:32 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-11-09 19:00 - 2016-11-02 14:31 - 00546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-11-09 19:00 - 2016-10-25 09:32 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-11-09 19:00 - 2016-10-25 09:28 - 01083648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-11-09 19:00 - 2016-10-25 09:05 - 00712032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-11-09 19:00 - 2016-10-25 08:37 - 01349632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-11-09 19:00 - 2016-10-25 08:37 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-11-09 19:00 - 2016-10-25 08:37 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-11-09 19:00 - 2016-10-25 08:37 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-11-09 19:00 - 2016-10-25 08:37 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-11-09 19:00 - 2016-10-25 08:31 - 01824272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-11-09 19:00 - 2016-10-25 08:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-11-09 19:00 - 2016-10-25 08:30 - 02938920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-11-09 19:00 - 2016-10-25 08:30 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-11-09 19:00 - 2016-10-25 08:27 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-09 19:00 - 2016-10-25 08:27 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-11-09 19:00 - 2016-10-25 08:27 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-11-09 19:00 - 2016-10-25 08:26 - 05240952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-11-09 19:00 - 2016-10-25 08:26 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-11-09 19:00 - 2016-10-25 08:26 - 01355344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-11-09 19:00 - 2016-10-25 08:26 - 00836752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-11-09 19:00 - 2016-10-25 08:26 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-11-09 19:00 - 2016-10-25 08:22 - 00268040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-11-09 19:00 - 2016-10-25 08:19 - 00295776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-11-09 19:00 - 2016-10-25 08:18 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-11-09 19:00 - 2016-10-25 07:56 - 02195640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-11-09 19:00 - 2016-10-25 07:56 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2016-11-09 19:00 - 2016-10-25 07:54 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-11-09 19:00 - 2016-10-25 07:53 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-11-09 19:00 - 2016-10-25 07:27 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-11-09 19:00 - 2016-10-25 07:21 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-11-09 19:00 - 2016-10-25 07:08 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-11-09 19:00 - 2016-10-25 07:06 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-11-09 19:00 - 2016-10-25 06:49 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-11-09 19:00 - 2016-10-25 06:48 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-11-09 19:00 - 2016-10-25 06:45 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-11-09 19:00 - 2016-10-25 06:44 - 00240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-09 19:00 - 2016-10-25 06:41 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-11-09 19:00 - 2016-10-25 06:37 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-11-09 19:00 - 2016-10-25 06:36 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-11-09 19:00 - 2016-10-25 06:36 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-11-09 19:00 - 2016-10-25 06:35 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-11-09 19:00 - 2016-10-25 06:32 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-11-09 19:00 - 2016-10-25 06:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-11-09 19:00 - 2016-10-25 06:30 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-11-09 19:00 - 2016-10-25 06:28 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-11-09 19:00 - 2016-10-25 06:28 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-11-09 19:00 - 2016-10-25 06:28 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-11-09 19:00 - 2016-10-25 06:27 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-11-09 19:00 - 2016-10-25 06:23 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-09 19:00 - 2016-10-25 06:23 - 00964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-09 19:00 - 2016-10-25 06:22 - 01562624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2016-11-09 19:00 - 2016-10-25 06:21 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-11-09 19:00 - 2016-10-25 06:11 - 04078592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-11-09 19:00 - 2016-10-25 06:11 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-11-09 19:00 - 2016-10-25 06:09 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-11-09 19:00 - 2016-10-25 06:03 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-09 19:00 - 2016-10-25 06:00 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-11-09 19:00 - 2016-10-25 06:00 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-09 19:00 - 2016-10-25 06:00 - 02555904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-09 19:00 - 2016-10-25 06:00 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-11-09 19:00 - 2016-10-25 06:00 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-11-09 19:00 - 2016-10-25 05:59 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-11-09 19:00 - 2016-10-25 05:59 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2016-11-09 19:00 - 2016-10-25 05:58 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-11-09 19:00 - 2016-10-25 05:57 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-11-09 19:00 - 2016-10-25 05:56 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-09 19:00 - 2016-10-25 05:55 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-11-09 19:00 - 2016-10-25 05:55 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnfldr.dll
2016-11-09 19:00 - 2016-10-25 05:54 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-11-09 19:00 - 2016-10-25 05:53 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-11-09 19:00 - 2016-10-25 05:47 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-11-09 19:00 - 2016-10-25 05:46 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-11-09 19:00 - 2016-10-25 05:43 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-09 19:00 - 2016-10-25 05:40 - 05325824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-11-09 19:00 - 2016-10-25 05:38 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 19:00 - 2016-10-25 05:37 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-11-09 19:00 - 2016-10-25 05:36 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-09 19:00 - 2016-10-25 05:35 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-11-09 19:00 - 2016-10-25 05:34 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-11-09 19:00 - 2016-10-25 05:34 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-09 19:00 - 2016-10-25 05:32 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-11-09 19:00 - 2016-10-25 05:27 - 03065344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-09 19:00 - 2016-10-25 05:23 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-11-09 18:59 - 2016-11-02 13:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-11-09 18:59 - 2016-10-25 10:34 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2016-11-09 18:59 - 2016-10-25 09:42 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-11-09 18:59 - 2016-10-25 09:32 - 01862000 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-11-09 18:59 - 2016-10-25 09:32 - 00845568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-11-09 18:59 - 2016-10-25 09:32 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-11-09 18:59 - 2016-10-25 08:45 - 00032096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2016-11-09 18:59 - 2016-10-25 08:39 - 00306840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-11-09 18:59 - 2016-10-25 08:37 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-11-09 18:59 - 2016-10-25 08:29 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2016-11-09 18:59 - 2016-10-25 08:22 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2016-11-09 18:59 - 2016-10-25 08:12 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2016-11-09 18:59 - 2016-10-25 07:54 - 00273760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-09 18:59 - 2016-10-25 07:27 - 01466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2016-11-09 18:59 - 2016-10-25 07:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-09 18:59 - 2016-10-25 07:22 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-11-09 18:59 - 2016-10-25 07:18 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2016-11-09 18:59 - 2016-10-25 07:09 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-11-09 18:59 - 2016-10-25 07:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-09 18:59 - 2016-10-25 07:03 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SCardDlg.dll
2016-11-09 18:59 - 2016-10-25 07:01 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2016-11-09 18:59 - 2016-10-25 07:00 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2016-11-09 18:59 - 2016-10-25 07:00 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-09 18:59 - 2016-10-25 06:59 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-11-09 18:59 - 2016-10-25 06:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-11-09 18:59 - 2016-10-25 06:51 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2016-11-09 18:59 - 2016-10-25 06:50 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2016-11-09 18:59 - 2016-10-25 06:50 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2016-11-09 18:59 - 2016-10-25 06:50 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-11-09 18:59 - 2016-10-25 06:50 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:59 - 2016-10-25 06:49 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-11-09 18:59 - 2016-10-25 06:48 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-11-09 18:59 - 2016-10-25 06:45 - 00564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2016-11-09 18:59 - 2016-10-25 06:45 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-11-09 18:59 - 2016-10-25 06:45 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneOm.dll
2016-11-09 18:59 - 2016-10-25 06:43 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\filemgmt.dll
2016-11-09 18:59 - 2016-10-25 06:42 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-11-09 18:59 - 2016-10-25 06:41 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2016-11-09 18:59 - 2016-10-25 06:40 - 01336832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-11-09 18:59 - 2016-10-25 06:39 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-11-09 18:59 - 2016-10-25 06:39 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certreq.exe
2016-11-09 18:59 - 2016-10-25 06:39 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 18:59 - 2016-10-25 06:37 - 04143104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2016-11-09 18:59 - 2016-10-25 06:37 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-11-09 18:59 - 2016-10-25 06:37 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-11-09 18:59 - 2016-10-25 06:36 - 04646400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-11-09 18:59 - 2016-10-25 06:36 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-11-09 18:59 - 2016-10-25 06:36 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-11-09 18:59 - 2016-10-25 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2016-11-09 18:59 - 2016-10-25 06:36 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-11-09 18:59 - 2016-10-25 06:36 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-11-09 18:59 - 2016-10-25 06:35 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-11-09 18:59 - 2016-10-25 06:35 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-09 18:59 - 2016-10-25 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-11-09 18:59 - 2016-10-25 06:33 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-11-09 18:59 - 2016-10-25 06:33 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-11-09 18:59 - 2016-10-25 06:32 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-11-09 18:59 - 2016-10-25 06:32 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-11-09 18:59 - 2016-10-25 06:32 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-11-09 18:59 - 2016-10-25 06:29 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-11-09 18:59 - 2016-10-25 06:29 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-11-09 18:59 - 2016-10-25 06:29 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-11-09 18:59 - 2016-10-25 06:28 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-09 18:59 - 2016-10-25 06:28 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-11-09 18:59 - 2016-10-25 06:27 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-11-09 18:59 - 2016-10-25 06:26 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-11-09 18:59 - 2016-10-25 06:25 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-11-09 18:59 - 2016-10-25 06:25 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2016-11-09 18:59 - 2016-10-25 06:25 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-09 18:59 - 2016-10-25 06:25 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-11-09 18:59 - 2016-10-25 06:25 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-11-09 18:59 - 2016-10-25 06:24 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-11-09 18:59 - 2016-10-25 06:21 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-11-09 18:59 - 2016-10-25 06:17 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-09 18:59 - 2016-10-25 06:14 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-11-09 18:59 - 2016-10-25 06:11 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-11-09 18:59 - 2016-10-25 06:09 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-11-09 18:59 - 2016-10-25 06:07 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-11-09 18:59 - 2016-10-25 06:04 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-11-09 18:59 - 2016-10-25 06:01 - 02361856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2016-11-09 18:59 - 2016-10-25 05:52 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-11-09 18:59 - 2016-10-25 05:45 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-11-09 18:59 - 2016-10-25 05:44 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-09 18:59 - 2016-10-25 05:41 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-09 18:59 - 2016-10-25 05:35 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-11-09 18:59 - 2016-10-25 05:34 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-11-09 18:59 - 2016-10-25 05:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-09 18:59 - 2016-10-25 05:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-11-09 18:59 - 2016-10-25 05:32 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-11-09 18:59 - 2016-10-25 05:21 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-09 18:59 - 2016-10-25 05:07 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-11-09 18:58 - 2016-10-25 10:24 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-11-09 18:58 - 2016-10-25 10:18 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-11-09 18:58 - 2016-10-25 09:49 - 00588328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmdev.dll
2016-11-09 18:58 - 2016-10-25 09:49 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 01017024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-11-09 18:58 - 2016-10-25 09:48 - 00847648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-09 18:58 - 2016-10-25 09:39 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-11-09 18:58 - 2016-10-25 09:38 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-09 18:58 - 2016-10-25 09:37 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-11-09 18:58 - 2016-10-25 09:37 - 01040792 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-11-09 18:58 - 2016-10-25 09:35 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-11-09 18:58 - 2016-10-25 09:32 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-11-09 18:58 - 2016-10-25 09:30 - 00360288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-11-09 18:58 - 2016-10-25 08:47 - 28851216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-11-09 18:58 - 2016-10-25 08:47 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2016-11-09 18:58 - 2016-10-25 08:47 - 00305808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-11-09 18:58 - 2016-10-25 08:46 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-11-09 18:58 - 2016-10-25 08:40 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-11-09 18:58 - 2016-10-25 08:35 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-11-09 18:58 - 2016-10-25 08:30 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-11-09 18:58 - 2016-10-25 08:26 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-11-09 18:58 - 2016-10-25 08:23 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-11-09 18:58 - 2016-10-25 08:20 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-11-09 18:58 - 2016-10-25 08:18 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-11-09 18:58 - 2016-10-25 08:14 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-11-09 18:58 - 2016-10-25 08:13 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-11-09 18:58 - 2016-10-25 08:12 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2016-11-09 18:58 - 2016-10-25 08:10 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2016-11-09 18:58 - 2016-10-25 08:06 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-11-09 18:58 - 2016-10-25 08:06 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceConnectApi.dll
2016-11-09 18:58 - 2016-10-25 08:05 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-11-09 18:58 - 2016-10-25 07:59 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-09 18:58 - 2016-10-25 07:52 - 00577536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-11-09 18:58 - 2016-10-25 07:51 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-11-09 18:58 - 2016-10-25 07:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-09 18:58 - 2016-10-25 07:49 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-11-09 18:58 - 2016-10-25 07:49 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2016-11-09 18:58 - 2016-10-25 07:48 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\PortableDeviceApi.dll
2016-11-09 18:58 - 2016-10-25 07:46 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2016-11-09 18:58 - 2016-10-25 07:43 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-11-09 18:58 - 2016-10-25 07:41 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-11-09 18:58 - 2016-10-25 07:40 - 02331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2016-11-09 18:58 - 2016-10-25 07:40 - 00253088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-11-09 18:58 - 2016-10-25 07:39 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-11-09 18:58 - 2016-10-25 07:39 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-11-09 18:58 - 2016-10-25 07:38 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-11-09 18:58 - 2016-10-25 07:38 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-11-09 18:58 - 2016-10-25 07:38 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-11-09 18:58 - 2016-10-25 07:37 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-11-09 18:58 - 2016-10-25 07:37 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-11-09 18:58 - 2016-10-25 07:34 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-11-09 18:58 - 2016-10-25 07:33 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-11-09 18:58 - 2016-10-25 07:33 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-11-09 18:58 - 2016-10-25 07:32 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-11-09 18:58 - 2016-10-25 07:29 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-11-09 18:58 - 2016-10-25 07:28 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-11-09 18:58 - 2016-10-25 07:27 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-11-09 18:58 - 2016-10-25 07:27 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2016-11-09 18:58 - 2016-10-25 07:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-11-09 18:58 - 2016-10-25 07:23 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-11-09 18:58 - 2016-10-25 07:16 - 01965568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2016-11-09 18:58 - 2016-10-25 07:12 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-11-09 18:58 - 2016-10-25 07:05 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-11-09 18:58 - 2016-10-25 07:05 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-11-09 18:58 - 2016-10-25 07:03 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-11-09 18:58 - 2016-10-25 07:03 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-11-09 18:58 - 2016-10-25 07:01 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-11-09 18:58 - 2016-10-25 07:00 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceClassExtension.dll
2016-11-09 18:58 - 2016-10-25 06:59 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-11-09 18:58 - 2016-10-25 06:57 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-11-09 18:58 - 2016-10-25 06:56 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceConnectApi.dll
2016-11-09 18:58 - 2016-10-25 06:55 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-11-09 18:58 - 2016-10-25 06:53 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-11-09 18:58 - 2016-10-25 06:46 - 00486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnfldr.dll
2016-11-09 18:58 - 2016-10-25 06:45 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-11-09 18:58 - 2016-10-25 06:43 - 00520704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PortableDeviceApi.dll
2016-11-09 18:58 - 2016-10-25 06:42 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-11-09 18:58 - 2016-10-25 06:36 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-11-09 18:58 - 2016-10-25 06:28 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-11-09 18:58 - 2016-10-25 06:28 - 01186816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2016-11-09 18:58 - 2016-10-25 06:28 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-09 18:58 - 2016-10-25 06:14 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-11-09 18:58 - 2016-10-25 06:05 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-11-09 18:58 - 2016-10-25 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-09 18:58 - 2016-10-25 06:05 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-09 18:58 - 2016-10-25 05:59 - 14258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-09 18:58 - 2016-10-25 05:58 - 07536128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-09 18:58 - 2016-10-25 05:55 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-09 18:58 - 2016-10-25 05:55 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-11-09 18:58 - 2016-10-25 05:53 - 03294208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-09 18:58 - 2016-10-25 05:53 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-11-09 18:58 - 2016-10-25 05:51 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-11-09 18:58 - 2016-10-25 05:50 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-11-09 18:58 - 2016-10-25 05:48 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-11-09 18:58 - 2016-10-25 05:30 - 12590080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-11-09 18:57 - 2016-10-25 10:25 - 01637216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-11-09 18:57 - 2016-10-25 09:51 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-11-09 18:57 - 2016-10-25 09:41 - 03694088 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-09 18:57 - 2016-10-25 08:40 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-09 18:57 - 2016-10-25 08:33 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\genericusbfn.sys
2016-11-09 18:57 - 2016-10-25 08:32 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-11-09 18:57 - 2016-10-25 08:31 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2016-11-09 18:57 - 2016-10-25 08:04 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-11-09 18:57 - 2016-10-25 07:59 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-11-09 18:57 - 2016-10-25 07:56 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-11-09 18:57 - 2016-10-25 07:55 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-11-09 18:57 - 2016-10-25 07:54 - 00752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-11-09 18:57 - 2016-10-25 07:53 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2016-11-09 18:57 - 2016-10-25 07:52 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-11-09 18:57 - 2016-10-25 07:51 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-11-09 18:57 - 2016-10-25 07:50 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2016-11-09 18:57 - 2016-10-25 07:50 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-09 18:57 - 2016-10-25 07:43 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-11-09 18:57 - 2016-10-25 07:42 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-11-09 18:57 - 2016-10-25 07:41 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-11-09 18:57 - 2016-10-25 07:40 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-11-09 18:57 - 2016-10-25 07:40 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-11-09 18:57 - 2016-10-25 07:40 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-11-09 18:57 - 2016-10-25 07:39 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-11-09 18:57 - 2016-10-25 07:38 - 00610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmdrmsdk.dll
2016-11-09 18:57 - 2016-10-25 07:35 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-11-09 18:57 - 2016-10-25 07:35 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-11-09 18:57 - 2016-10-25 07:35 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-11-09 18:57 - 2016-10-25 07:33 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-11-09 18:57 - 2016-10-25 07:28 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-09 18:57 - 2016-10-25 07:19 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-11-09 18:57 - 2016-10-25 07:07 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-11-09 18:57 - 2016-10-25 06:53 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-09 18:57 - 2016-10-25 06:49 - 03081216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-09 18:57 - 2016-10-25 06:46 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-11-09 18:57 - 2016-10-25 06:35 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmdrmsdk.dll
2016-11-09 18:57 - 2016-10-25 06:34 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-11-09 18:57 - 2016-10-25 06:32 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-11-09 18:57 - 2016-10-25 06:28 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-09 18:57 - 2016-10-25 06:25 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-11-09 18:57 - 2016-10-25 06:24 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-11-09 18:57 - 2016-10-25 06:23 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-11-09 18:57 - 2016-10-25 06:19 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-11-09 18:57 - 2016-10-25 06:17 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-09 18:57 - 2016-10-25 06:13 - 22375936 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-09 18:57 - 2016-10-25 06:01 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-09 18:57 - 2016-10-25 05:52 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-11-09 18:57 - 2016-10-25 05:48 - 07838208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-09 18:57 - 2016-10-25 05:45 - 18673664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-09 18:57 - 2016-10-25 05:44 - 19348480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-09 18:57 - 2016-10-25 05:44 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-09 18:57 - 2016-10-25 05:43 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-09 18:57 - 2016-10-25 05:29 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2016-11-09 18:57 - 2016-10-25 05:26 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-09 18:57 - 2016-10-25 02:47 - 00445873 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-09 18:56 - 2016-10-25 10:42 - 07468384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-09 18:56 - 2016-10-25 10:42 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-09 18:56 - 2016-10-25 10:42 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-09 18:56 - 2016-10-25 10:42 - 01098648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-11-09 18:56 - 2016-10-25 10:42 - 00125280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2016-11-09 18:56 - 2016-10-25 10:41 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-11-09 18:56 - 2016-10-25 10:40 - 00384864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-11-09 18:56 - 2016-10-25 10:19 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-11-09 18:56 - 2016-10-25 09:50 - 00439136 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2016-11-09 18:56 - 2016-10-25 09:42 - 02607336 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-11-09 18:56 - 2016-10-25 09:42 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-11-09 18:56 - 2016-10-25 09:30 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-11-09 18:56 - 2016-10-25 09:01 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-11-09 18:56 - 2016-10-25 08:45 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-11-09 18:56 - 2016-10-25 08:31 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-09 18:56 - 2016-10-25 08:24 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-09 18:56 - 2016-10-25 08:21 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-09 18:56 - 2016-10-25 08:16 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-09 18:56 - 2016-10-25 08:08 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndiswan.sys
2016-11-09 18:56 - 2016-10-25 08:02 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-09 18:56 - 2016-10-25 07:55 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2016-11-09 18:56 - 2016-10-25 07:55 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-11-09 18:56 - 2016-10-25 07:53 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-11-09 18:56 - 2016-10-25 07:50 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneOm.dll
2016-11-09 18:56 - 2016-10-25 07:49 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2016-11-09 18:56 - 2016-10-25 07:48 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-11-09 18:56 - 2016-10-25 07:47 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-11-09 18:56 - 2016-10-25 07:39 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-11-09 18:56 - 2016-10-25 07:39 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-11-09 18:56 - 2016-10-25 07:38 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2016-11-09 18:56 - 2016-10-25 07:36 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-11-09 18:56 - 2016-10-25 07:36 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-11-09 18:56 - 2016-10-25 07:35 - 01132544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-11-09 18:56 - 2016-10-25 07:30 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-11-09 18:56 - 2016-10-25 07:29 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-11-09 18:56 - 2016-10-25 07:29 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-09 18:56 - 2016-10-25 07:27 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-09 18:56 - 2016-10-25 07:27 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-11-09 18:56 - 2016-10-25 07:26 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-11-09 18:56 - 2016-10-25 07:25 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-11-09 18:56 - 2016-10-25 07:25 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-09 18:56 - 2016-10-25 07:24 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-11-09 18:56 - 2016-10-25 07:21 - 02054144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-09 18:56 - 2016-10-25 07:17 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-11-09 18:56 - 2016-10-25 07:01 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-11-09 18:56 - 2016-10-25 06:54 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-11-09 18:56 - 2016-10-25 06:48 - 04826624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-09 18:56 - 2016-10-25 06:46 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2016-11-09 18:56 - 2016-10-25 06:41 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-11-09 18:56 - 2016-10-25 06:30 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-09 18:56 - 2016-10-25 06:14 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-11-09 18:56 - 2016-10-25 06:05 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-09 18:56 - 2016-10-25 06:02 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-09 18:56 - 2016-10-25 03:19 - 00775336 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-09 18:56 - 2016-10-25 03:19 - 00775336 _____ C:\WINDOWS\system32\locale.nls
2016-11-09 18:56 - 2016-09-07 06:22 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-11-09 18:55 - 2016-11-02 16:12 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-09 18:55 - 2016-11-02 16:08 - 00636296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-09 18:55 - 2016-10-25 10:44 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-09 18:55 - 2016-10-25 10:44 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-09 18:55 - 2016-10-25 10:42 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-09 18:55 - 2016-10-25 10:42 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-11-09 18:55 - 2016-10-25 10:39 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-11-09 18:55 - 2016-10-25 10:39 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-11-09 18:55 - 2016-10-25 10:26 - 00528736 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-11-09 18:55 - 2016-10-25 09:39 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-11-09 18:55 - 2016-10-25 09:39 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-11-09 18:55 - 2016-10-25 09:38 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-11-09 18:55 - 2016-10-25 09:38 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-11-09 18:55 - 2016-10-25 09:37 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-11-09 18:55 - 2016-10-25 09:37 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-11-09 18:55 - 2016-10-25 09:37 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-11-09 18:55 - 2016-10-25 09:36 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-11-09 18:55 - 2016-10-25 09:36 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-11-09 18:55 - 2016-10-25 09:34 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-11-09 18:55 - 2016-10-25 09:34 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-11-09 18:55 - 2016-10-25 09:34 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-11-09 18:55 - 2016-10-25 09:33 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-11-09 18:55 - 2016-10-25 09:03 - 02549456 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-09 18:55 - 2016-10-25 09:03 - 01988440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-11-09 18:55 - 2016-10-25 09:02 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-11-09 18:55 - 2016-10-25 09:02 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-11-09 18:55 - 2016-10-25 09:01 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-09 18:55 - 2016-10-25 09:01 - 00324448 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-09 18:55 - 2016-10-25 08:46 - 00376528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-11-09 18:55 - 2016-10-25 08:31 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2016-11-09 18:55 - 2016-10-25 08:30 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2016-11-09 18:55 - 2016-10-25 08:13 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardDlg.dll
2016-11-09 18:55 - 2016-10-25 08:13 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-11-09 18:55 - 2016-10-25 08:12 - 00257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2016-11-09 18:55 - 2016-10-25 08:12 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-11-09 18:55 - 2016-10-25 08:10 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2016-11-09 18:55 - 2016-10-25 08:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountExtension.dll
2016-11-09 18:55 - 2016-10-25 08:10 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-09 18:55 - 2016-10-25 08:02 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-09 18:55 - 2016-10-25 08:00 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-09 18:55 - 2016-10-25 07:59 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2016-11-09 18:55 - 2016-10-25 07:59 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2016-11-09 18:55 - 2016-10-25 07:58 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2016-11-09 18:55 - 2016-10-25 07:58 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 18:55 - 2016-10-25 07:58 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-11-09 18:55 - 2016-10-25 07:57 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-11-09 18:55 - 2016-10-25 07:56 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-11-09 18:55 - 2016-10-25 07:56 - 00317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 18:55 - 2016-10-25 07:53 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-11-09 18:55 - 2016-10-25 07:53 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-09 18:55 - 2016-10-25 07:52 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-11-09 18:55 - 2016-10-25 07:52 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-11-09 18:55 - 2016-10-25 07:52 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 18:55 - 2016-10-25 07:52 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-11-09 18:55 - 2016-10-25 07:51 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFS.exe
2016-11-09 18:55 - 2016-10-25 07:51 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-11-09 18:55 - 2016-10-25 07:51 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-11-09 18:55 - 2016-10-25 07:51 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-11-09 18:55 - 2016-10-25 07:50 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2016-11-09 18:55 - 2016-10-25 07:46 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2016-11-09 18:55 - 2016-10-25 07:46 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-11-09 18:55 - 2016-10-25 07:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-11-09 18:55 - 2016-10-25 07:44 - 01479168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-11-09 18:55 - 2016-10-25 07:43 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-11-09 18:55 - 2016-10-25 07:43 - 00440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2016-11-09 18:55 - 2016-10-25 07:42 - 01813504 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-11-09 18:55 - 2016-10-25 07:42 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-11-09 18:55 - 2016-10-25 07:41 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-11-09 18:55 - 2016-10-25 07:41 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 18:55 - 2016-10-25 07:41 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-09 18:55 - 2016-10-25 07:40 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxApplicabilityEngine.dll
2016-11-09 18:55 - 2016-10-25 07:40 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrGidsHandler.dll
2016-11-09 18:55 - 2016-10-25 07:40 - 00466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-11-09 18:55 - 2016-10-25 07:39 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-11-09 18:55 - 2016-10-25 07:39 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-11-09 18:55 - 2016-10-25 07:38 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-11-09 18:55 - 2016-10-25 07:38 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-11-09 18:55 - 2016-10-25 07:38 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-09 18:55 - 2016-10-25 07:37 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-11-09 18:55 - 2016-10-25 07:36 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-11-09 18:55 - 2016-10-25 07:35 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-11-09 18:55 - 2016-10-25 07:34 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-09 18:55 - 2016-10-25 07:33 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-09 18:55 - 2016-10-25 07:32 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-09 18:55 - 2016-10-25 07:32 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-11-09 18:55 - 2016-10-25 07:32 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-09 18:55 - 2016-10-25 07:32 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-11-09 18:55 - 2016-10-25 07:32 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-11-09 18:55 - 2016-10-25 07:32 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2016-11-09 18:55 - 2016-10-25 07:30 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-11-09 18:55 - 2016-10-25 07:29 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-11-09 18:55 - 2016-10-25 07:27 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-09 18:55 - 2016-10-25 07:25 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-11-09 18:55 - 2016-10-25 07:24 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-09 18:55 - 2016-10-25 07:23 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-11-09 18:55 - 2016-10-25 07:22 - 01424384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2016-11-09 18:55 - 2016-10-25 07:22 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-11-09 18:55 - 2016-10-25 07:21 - 01570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-11-09 18:55 - 2016-10-25 07:21 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-11-09 18:55 - 2016-10-25 07:20 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-09 18:55 - 2016-10-25 07:16 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-09 18:55 - 2016-10-25 07:16 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-09 18:55 - 2016-10-25 07:11 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-09 18:55 - 2016-10-25 07:05 - 03587584 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-09 18:55 - 2016-10-25 07:05 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-11-09 18:55 - 2016-10-25 07:03 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-11-09 18:55 - 2016-10-25 06:54 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-11-09 18:55 - 2016-10-25 06:54 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-09 18:55 - 2016-10-25 06:53 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-09 18:55 - 2016-10-25 06:52 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-11-09 18:55 - 2016-10-25 06:52 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-11-09 18:55 - 2016-10-25 06:52 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-09 18:55 - 2016-10-25 06:51 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-09 18:55 - 2016-10-25 06:50 - 02874880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2016-11-09 18:55 - 2016-10-25 06:49 - 01997312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-11-09 18:55 - 2016-10-25 06:47 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-11-09 18:55 - 2016-10-25 06:43 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-09 18:55 - 2016-10-25 06:40 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-11-09 18:55 - 2016-10-25 06:39 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-11-09 18:55 - 2016-10-25 06:38 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-11-09 18:55 - 2016-10-25 06:37 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-11-09 18:55 - 2016-10-25 06:34 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-09 18:55 - 2016-10-25 06:34 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-11-09 18:55 - 2016-10-25 06:28 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-11-09 18:55 - 2016-10-25 06:26 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-09 18:55 - 2016-10-25 06:20 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-09 18:55 - 2016-10-25 06:12 - 11544576 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-11-09 18:55 - 2016-10-25 06:10 - 01568256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-09 18:55 - 2016-10-25 06:05 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-09 18:55 - 2016-10-25 06:02 - 06976512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-11-09 18:55 - 2016-10-25 06:02 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-09 18:55 - 2016-10-25 06:02 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-11-09 18:55 - 2016-10-25 05:44 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-11-09 18:55 - 2016-10-25 05:43 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-09 18:54 - 2016-11-02 15:25 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-09 18:54 - 2016-10-25 08:32 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2016-11-09 18:54 - 2016-10-25 08:21 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-11-09 18:54 - 2016-10-25 08:19 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scfilter.sys
2016-11-09 18:54 - 2016-10-25 08:12 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2016-11-09 18:54 - 2016-10-25 08:09 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-11-09 18:54 - 2016-10-25 08:05 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-11-09 18:54 - 2016-10-25 08:02 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-09 18:54 - 2016-10-25 07:59 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-11-09 18:54 - 2016-10-25 07:59 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2016-11-09 18:54 - 2016-10-25 07:57 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-11-09 18:54 - 2016-10-25 07:56 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2016-11-09 18:54 - 2016-10-25 07:55 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-11-09 18:54 - 2016-10-25 07:55 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-09 18:54 - 2016-10-25 07:54 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-11-09 18:54 - 2016-10-25 07:53 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-11-09 18:54 - 2016-10-25 07:52 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-11-09 18:54 - 2016-10-25 07:51 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-11-09 18:54 - 2016-10-25 07:50 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-11-09 18:54 - 2016-10-25 07:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-09 18:54 - 2016-10-25 07:47 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-09 18:54 - 2016-10-25 07:47 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-11-09 18:54 - 2016-10-25 07:44 - 00602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2016-11-09 18:54 - 2016-10-25 07:42 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-09 18:54 - 2016-10-25 07:41 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-11-09 18:54 - 2016-10-25 07:37 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-11-09 18:54 - 2016-10-25 07:34 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-11-09 18:54 - 2016-10-25 07:32 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-11-09 18:54 - 2016-10-25 07:24 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-11-09 18:54 - 2016-10-25 07:21 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-11-09 18:54 - 2016-10-25 07:09 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-11-09 18:54 - 2016-10-25 07:03 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-11-09 18:54 - 2016-10-25 07:01 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-11-09 18:54 - 2016-10-25 06:35 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-11-09 18:54 - 2016-10-25 06:13 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-11-09 18:54 - 2016-10-25 06:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-11-09 18:54 - 2016-10-25 06:03 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-29 19:30 - 2016-10-29 19:30 - 00000000 ____D C:\Users\sven\.android
2016-10-29 19:27 - 2016-10-29 19:40 - 00000000 ____D C:\Users\sven\AppData\Roaming\MyPhoneExplorer
2016-10-29 19:25 - 2016-10-29 19:25 - 00002134 _____ C:\Users\Public\Desktop\MyPhoneExplorer.lnk
2016-10-29 19:25 - 2016-10-29 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2016-10-29 19:24 - 2016-10-29 19:25 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2016-10-29 19:22 - 2016-10-29 19:22 - 01474568 _____ C:\Users\sven\Downloads\MyPhoneExplorer - CHIP-Installer.exe
2016-10-29 19:21 - 2016-10-29 19:21 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-10-28 20:16 - 2016-11-13 23:28 - 01368548 _____ C:\WINDOWS\SysWOW64\winapp2_disk.csv

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-14 10:24 - 2016-06-27 13:35 - 00019588 _____ C:\Users\sven\Downloads\FRST.txt
2016-11-14 10:23 - 2016-06-27 13:35 - 00000000 ____D C:\FRST
2016-11-14 10:21 - 2015-05-14 13:33 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-11-14 10:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-14 10:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-14 10:08 - 2015-05-14 13:12 - 00004148 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B97F59CC-1A20-4413-8902-A64BFB21C53F}
2016-11-14 10:07 - 2016-09-25 20:41 - 00000000 ____D C:\Users\sven\AppData\LocalLow\Mozilla
2016-11-14 10:05 - 2016-02-05 04:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-11-14 10:05 - 2015-05-14 13:04 - 00000000 __SHD C:\Users\sven\IntelGraphicsProfiles
2016-11-13 19:41 - 2015-06-09 21:15 - 00000000 ____D C:\Users\sven\AppData\Local\CrashDumps
2016-11-13 12:33 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-11-12 12:35 - 2016-08-25 19:42 - 00003430 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-11-12 12:35 - 2015-08-24 14:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-11-12 12:34 - 2015-08-24 14:34 - 00000000 ____D C:\Program Files (x86)\Avira
2016-11-12 12:26 - 2015-05-14 13:50 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-12 12:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-11-12 11:54 - 2015-10-30 19:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-12 11:54 - 2015-10-30 19:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-12 11:54 - 2015-07-29 10:05 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-12 11:47 - 2016-02-05 04:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-12 11:47 - 2016-02-05 04:01 - 00206424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-12 11:46 - 2016-09-23 07:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-12 11:46 - 2015-05-14 13:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-12 11:45 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-12 11:42 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-10 18:58 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-10 18:58 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-09 20:09 - 2015-05-22 09:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-09 20:02 - 2015-05-22 09:44 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-09 16:52 - 2016-02-05 03:56 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-11-08 16:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-08 16:21 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-08 16:21 - 2015-05-14 13:33 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-11-02 11:17 - 2015-08-24 14:36 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-10-29 19:30 - 2016-02-05 04:09 - 00000000 ____D C:\Users\sven
2016-10-28 22:48 - 2015-10-30 08:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-28 22:48 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-26 21:07 - 2014-11-26 23:46 - 00003834 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-26 09:40 - 2014-11-26 23:46 - 00003604 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-25 09:58 - 2016-02-05 04:04 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-10-21 12:27 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-19 22:21 - 2015-05-14 13:05 - 00000000 ____D C:\Users\sven\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-03 18:38 - 2015-06-03 18:38 - 0000017 _____ () C:\Users\sven\AppData\Local\resmon.resmoncfg
2016-02-05 04:06 - 2016-02-05 04:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-08 16:07

==================== Ende von FRST.txt ============================

vigilanz · 14.11.2016, 10:31

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12-11-2016
durchgeführt von sven (14-11-2016 10:25:58)
Gestartet von C:\Users\sven\Downloads
Windows 10 Home Version 1511 (X64) (2016-02-05 03:34:36)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3040301451-3423915041-4195490239-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3040301451-3423915041-4195490239-503 - Limited - Disabled)
Gast (S-1-5-21-3040301451-3423915041-4195490239-501 - Limited - Disabled)
sven (S-1-5-21-3040301451-3423915041-4195490239-1001 - Administrator - Enabled) => C:\Users\sven

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

abDocs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 3.02.2000 - Acer Incorporated)
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.00.3002 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2002.1 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 3.08.2003.3 - Acer Incorporated)
Acer Care Center (HKLM\...\{A424844F-CDB3-45E2-BB77-1DDE4A091E76}) (Version: 1.00.3013 - Acer Incorporated)
Acer Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Acer Incorporated)
Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Acer Incorporated)
Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 3.12.2004 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Acer Incorporated)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Acer Incorporated)
Acer User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Acer Incorporated)
Acer User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Acer Incorporated)
Acer Video Player (HKLM-x32\...\{B6846F20-4821-11E3-8F96-0800200C9A66}) (Version: 1.00.2005.0 - Acer Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.7.0.3167 - Avira Operations GmbH & Co. KG)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4609.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
Foxit PhantomPDF (HKLM-x32\...\{2DF18CA8-86F2-4F3A-A1BF-A2A7D39B9161}) (Version: 7.0.49.127 - Foxit Software Inc.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.16.525 - Digital Wave Ltd)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4248 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 49.0 (x64 de) (HKLM\...\Mozilla Firefox 49.0 (x64 de)) (Version: 49.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.619A - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.53 - NCH Software)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17362 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.31 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {059AE04A-93EB-47F5-8D0E-95D763FC9EA4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {0A3BAE9C-159F-4733-8E97-66AF6CE68517} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2014-08-29] ()
Task: {0C414A68-D775-49D5-AAEA-821CE377903F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {1B0DDC17-33F1-4E0B-B823-EBE773B88C37} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {1C804D73-FBEB-421B-89C2-5841D2A4BAC0} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {1F9EF47A-EB8D-4221-B3E3-7BF3D0FE5854} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-11-10] (Avira Operations GmbH & Co. KG)
Task: {31C1DD7D-4166-4310-9945-18E1E744D687} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {31F48F2A-577A-4FE8-B1BD-1C069C62301C} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-08] (Acer Incorporated)
Task: {4F61396C-1465-46E0-A392-0A93A6AFF690} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-09] (Microsoft Corporation)
Task: {5314B153-871E-4913-9FFF-D5A3D350E7BF} - System32\Tasks\UbtFrameworkService => C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {54A31A2D-E607-4C91-8432-04CA0993F54E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {55FFF7B5-BFC2-447C-BBA2-AC8CEB629686} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {5830D0A6-E851-4B43-8DBA-E62D510C2CD3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {5E8C000A-8D27-492C-9E8E-0DD732E9F6C8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {752DB7C2-8E62-49D6-A998-7090C5BAAFB9} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2014-08-29] ()
Task: {77C947E9-B3A2-46E1-BEFE-BC8D6E4D79C8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {79DAF372-4C31-4455-AE16-AE74E7E91B73} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {7BED352D-9BCB-4873-A71E-EC94F82B1A47} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {7D6CBD0A-40AC-4218-8F42-75F55F9511F5} - System32\Tasks\{04A50182-6A10-4E96-B7CA-A3B97B26DC71} => pcalua.exe -a "C:\Program Files (x86)\City Interactive\Wolfschanze\unins000.exe"
Task: {8D686C61-A3B2-4E50-8EBC-BCC0608F7C2E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {ACA04DD1-F7B5-4DA0-B561-1D6F51E22EEB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B77C166E-9551-4DCC-8E4F-25B4CD3611BC} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CB8F60CF-ED78-41FD-84CD-8030D5079C2B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D6D7ED5C-CEFE-4522-A069-2D349395EEFF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {EA86748B-89D2-4DED-90BE-75083CCBCAA4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {EADB18A2-5EEA-4CF1-80C5-B795B5FD8A8B} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe [2016-09-09] (Acer)
Task: {EB286C21-E76C-47B7-A9E6-4E4A9C2AE8F3} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {EDE257F9-8E51-4195-B44B-DDE67500CD4F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {FF9427F4-F4F5-4D46-95DD-886F74E7BA0F} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2016-08-30] (Acer Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\sven\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-02-15 17:08 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2014-11-26 23:59 - 2012-04-24 11:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-05 04:06 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-11-09 18:56 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-14 15:07 - 2015-10-14 15:07 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-11-09 18:56 - 2016-10-25 10:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2014-11-27 00:06 - 2014-07-01 14:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-02-05 03:56 - 2016-02-05 03:56 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 15:34 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-09 18:57 - 2016-10-25 05:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-09 18:56 - 2016-10-25 05:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-09 18:57 - 2016-10-25 05:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-09 18:57 - 2016-10-25 05:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-03-11 21:49 - 2016-03-11 21:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-19 16:38 - 2016-04-19 16:38 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-11-05 16:32 - 2016-05-25 10:44 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-11-05 16:32 - 2016-05-25 10:44 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-11-05 16:32 - 2016-05-25 10:44 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-11-05 16:32 - 2016-05-25 10:44 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-15 13:31 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-15 17:03 - 2016-08-15 17:03 - 00202456 _____ () C:\Program Files (x86)\Acer\abPhoto\curllib.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00654000 _____ () C:\Program Files (x86)\Acer\abPhoto\sqlite3.dll
2016-08-15 17:05 - 2016-08-15 17:05 - 00641240 _____ () C:\Program Files (x86)\Acer\abPhoto\tag.dll
2016-08-15 17:04 - 2016-08-15 17:04 - 00119000 _____ () C:\Program Files (x86)\Acer\abPhoto\OpenLDAP.dll
2016-09-20 18:39 - 2016-09-20 18:39 - 00015064 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2016-08-30 14:09 - 2016-08-30 14:09 - 00013016 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2016-08-30 14:05 - 2016-08-30 14:05 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 00202456 _____ () C:\Program Files (x86)\Acer\Acer Portal\curllib.dll
2016-09-09 09:51 - 2016-09-09 09:51 - 00119000 _____ () C:\Program Files (x86)\Acer\Acer Portal\OpenLDAP.dll
2016-04-19 16:38 - 2016-04-19 16:38 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 16:38 - 2016-04-19 16:38 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\sven\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 217.68.161.141 - 217.68.161.171
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run32: => "abDocsDllLoader"
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\...\StartupApproved\Run: => "Speech Recognition"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{858B816B-F3AA-4F54-B78D-4B2744925EDA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FCF2F5BE-23D1-4B1D-B536-6821F72E35B3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{99BA8DFF-F210-41BD-A396-6CFB6CDA5BF1}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{2A586E7E-C714-4E2B-9D68-29753D6AC472}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{67E7A6C7-0057-49A3-A6DD-631E131CFFFB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{631D8435-3346-4ED3-B12C-A1346182AFC8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{B419A1E9-306E-40D6-B457-45A9EE08E1C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1FEC4194-71FB-4389-8A2A-74F654911816}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{048C8627-9039-49C6-97A4-6EF9B9F72931}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4DEC39CC-6370-4BAE-9AD8-B6747E74D503}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EA4466AA-79F5-4A0E-BF40-A2F2D2C6FA56}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E6C2B799-4892-4371-8C9A-03B15F9A8BA3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A21D9C43-DCC5-43C7-9DAD-41D1F17321AA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{38BCC186-0444-4D34-B3FE-A50D610B1AA2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{DC84A5A0-A862-40ED-8121-C880AE7A200C}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{2143DB1D-AD40-494E-BF7A-414B2941AE78}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{A53F71FE-35D2-413E-8CD7-DB22F53AAB36}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{EA383B57-91E5-448F-8D5C-F95F946441BB}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{E72F3FBE-6DBE-4400-B734-EFBD2D9D9561}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{486D6408-01EA-41AB-BDCC-D676917D7377}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{E90441A8-A8E7-49E0-9966-F0AA0F139BE0}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{CB88A341-838C-4361-99A2-2C9564B11B26}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{6F03D2F7-A7B8-4178-B96F-99A1C9341517}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{AC2C83C7-A9B7-49EF-AE5C-F4D9B269FC8F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{77AE13EE-CF7B-418D-B281-65D3F4BC9958}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{9B84DF74-531E-47AF-8A49-8715521D9123}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{C7265B4A-7D6B-4880-9FC9-D3723A55293F}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{31FBB05B-0E6A-4A95-B0C2-A78F6EA6AD42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C4A525F2-6726-43E0-9C20-84B4EAF2065A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4DE1967D-F772-4D5D-A74E-731696662735}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{225D37C4-8464-469D-A0FA-B98A91DDE2C2}] => (Allow) LPort=2869
FirewallRules: [{528B1EDD-2627-4B3B-8E4D-AFCFBD41AF2A}] => (Allow) LPort=1900
FirewallRules: [{8C8B7E2C-39E0-4E59-AF9B-6E824DFD3E60}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{7D110762-53E5-45A2-8140-5D81B7FA66EB}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{2E5D02C4-E42E-4F7A-B8B2-F01C6796DA2F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{7CFA70C8-090D-48D6-B49A-810F6A023347}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{7FE64E41-9160-4FF3-92FD-00B34721A028}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{DFF21E99-3BE4-480D-B164-30553E490EBC}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{7E8C4405-E144-446F-8971-300CCB19F46A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{C0306413-978F-4C5D-A59F-30C9098A1D96}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{BF25A1D2-1285-44CE-831C-7E04245B1399}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{E32C172B-45D2-41E8-A5DB-61D05B7DAD5C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{C2806F64-E1DD-4E45-B40B-565CA0ED1A6F}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{53D67D9D-5D61-4FCC-9021-E24D3C4368FB}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{AAAA5E9D-F173-4A9B-9C92-C314A0A8DD8A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4B79ADE7-EBA6-49C6-810C-B981A94A409E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{D49BA750-0E42-45FC-A55B-D96BC09391CE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{299C273B-835A-47CA-BE78-A1072F82A0ED}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{36C71FD1-0E0B-4BF9-B17D-CA098705A3E8}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{4E0366E9-9193-4532-BC60-C04A630C5013}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{6A0DA194-5348-4606-8EE5-F4296217EC2C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{FBE97CBB-E412-4E60-B305-E0DA7D973A1E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{B97153D4-9719-423C-AD39-7EE417DD96C1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{7292FCD5-80C9-4D72-B195-EB575A3F10AE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{6BBCFD47-8C87-43CB-B106-2CA3403B76A4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{2ED08C68-EF8A-4648-B8AC-E2C030AE5737}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{BA3D9E0B-8F26-4FDE-82F4-45BAD2EBD4AF}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{EA0136B6-9B16-46DA-B53C-8CBBFA025240}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe
FirewallRules: [{AD6D645A-132D-4226-8927-0172343DD488}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [{B66C40A6-2C0A-42F3-A554-31B0E0C9F9DB}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe
FirewallRules: [TCP Query User{CEABA2C8-3DA7-45A6-9FDD-2D3572EE3C96}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{037341D6-3055-436A-87B0-16BCF92293FD}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe

==================== Wiederherstellungspunkte =========================

12-11-2016 12:35:09 Avira System Speedup 2.7.0

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/13/2016 10:01:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: SVEN)
Description: Das Paket „0EB8BD08.TheTribez_5.0.28.0_x86__erk4rrwmt7jyt+App“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (11/13/2016 07:41:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PurchaseDialog.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d845
Name des fehlerhaften Moduls: PurchaseDialog.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cc1c59
Ausnahmecode: 0x80000003
Fehleroffset: 0x000000000002a024
ID des fehlerhaften Prozesses: 0x2178
Startzeit der fehlerhaften Anwendung: 0x01d23ddd6e85ddb4
Pfad der fehlerhaften Anwendung: C:\Windows\PurchaseDialog\PurchaseDialog.exe
Pfad des fehlerhaften Moduls: C:\Windows\PurchaseDialog\PurchaseDialog.dll
Berichtskennung: 1166de78-0218-4e9f-ac9d-82a1241e03fd
Vollständiger Name des fehlerhaften Pakets: Windows.PurchaseDialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Windows.PurchaseDialog

Error: (11/12/2016 12:35:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/12/2016 12:27:27 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.

Error: (11/12/2016 12:27:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (11/10/2016 06:57:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/08/2016 10:07:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN)
Description: Bei der Aktivierung der App „Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/08/2016 10:07:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SVEN)
Description: Bei der Aktivierung der App „Microsoft.BingWeather_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (11/08/2016 04:08:09 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (11/06/2016 08:21:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.


Systemfehler:
=============
Error: (11/14/2016 10:08:19 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/13/2016 11:28:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_2d20a47" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 11:28:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _2d20a47" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 11:28:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_2d20a47" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 11:28:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_2d20a47" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 11:07:39 AM) (Source: DCOM) (EventID: 10016) (User: SVEN)
Description: Durch die Berechtigungseinstellungen für "Computerstandard" wird dem Benutzer "Sven\sven" (SID: S-1-5-21-3040301451-3423915041-4195490239-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 und der APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 im Anwendungscontainer "Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy" (SID: S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (11/13/2016 08:30:45 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{784E29F4-5EBE-4279-9948-1E8FE941646D}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (11/13/2016 12:08:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_1c4c5a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 12:08:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _1c4c5a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/13/2016 12:08:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_1c4c5a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-14 10:09:33.437
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-12 11:49:37.457
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-11 14:46:47.049
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-11-10 17:31:37.068
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-29 18:40:26.576
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-24 21:15:07.386
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-21 13:32:09.132
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-10-13 15:56:14.698
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\WINDOWS\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-17 09:13:12.648
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-09-16 10:30:27.735
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5023.08 MB
Summe virtueller Speicher: 9395.27 MB
Verfügbarer virtueller Speicher: 6009.8 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:914.33 GB) (Free:726.91 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 09B099EA)

Partition: GPT.

==================== Ende von Addition.txt ============================

ansonsten haben Sie erst einmal vielen Dank dass Sie sich meiner annehmen ich hoffe alles Richtig zu machen

als Virenscanner hab ich Avira aber der findet trotz umtägigen scann nichts

cosinus · 14.11.2016, 10:37

Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!

vigilanz · 14.11.2016, 10:54

Avira ist vollständig entfernt und ich bin jetzt ohne Virenscanner

cosinus · 14.11.2016, 10:58

Zitat:

und ich bin jetzt ohne Virenscanner

Nö, bist du nicht. In W10 ist fest ein AV eingebaut. Aber die Industrie hat ja erfolgreich die Lüge verbreitet, dass das AV von Microsoft nichts tauge...

1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

vigilanz · 14.11.2016, 12:01

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.14.04
  rootkit: v2016.10.31.01

Windows 10 x64 NTFS
Internet Explorer 11.672.10586.0
sven :: SVEN [administrator]

14.11.2016 11:03:14
mbar-log-2016-11-14 (11-03-14).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 323607
Time elapsed: 16 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

11:58:15.0216 0x0a88  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
11:58:15.0217 0x0a88  UEFI system
11:58:19.0811 0x0a88  ============================================================
11:58:19.0811 0x0a88  Current date / time: 2016/11/14 11:58:19.0811
11:58:19.0811 0x0a88  SystemInfo:
11:58:19.0811 0x0a88  
11:58:19.0811 0x0a88  OS Version: 10.0.10586 ServicePack: 0.0
11:58:19.0811 0x0a88  Product type: Workstation
11:58:19.0811 0x0a88  ComputerName: SVEN
11:58:19.0811 0x0a88  UserName: sven
11:58:19.0811 0x0a88  Windows directory: C:\WINDOWS
11:58:19.0811 0x0a88  System windows directory: C:\WINDOWS
11:58:19.0811 0x0a88  Running under WOW64
11:58:19.0811 0x0a88  Processor architecture: Intel x64
11:58:19.0811 0x0a88  Number of processors: 4
11:58:19.0811 0x0a88  Page size: 0x1000
11:58:19.0811 0x0a88  Boot type: Normal boot
11:58:19.0811 0x0a88  CodeIntegrityOptions = 0x00000001
11:58:19.0811 0x0a88  ============================================================
11:58:19.0828 0x0a88  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
11:58:19.0829 0x0a88  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
11:58:19.0829 0x0a88  BG loaded
11:58:20.0049 0x0a88  System UUID: {C8C458A5-D08F-352B-99D3-3C968EE895F8}
11:58:20.0924 0x0a88  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:58:20.0924 0x0a88  ============================================================
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0:
11:58:20.0924 0x0a88  GPT partitions:
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B784C650-0E87-448D-94FA-8C4FD5DF3AAE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D8D20A44-E67C-4401-9731-A7849137FC51}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {561F7B97-665E-471E-B764-65D4213D2895}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BD901923-DC87-4AC7-BA11-DA6799D7F397}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x724A7000
11:58:20.0924 0x0a88  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FE02F297-6773-4A7D-8D9B-F9E31A08191A}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
11:58:20.0924 0x0a88  MBR partitions:
11:58:20.0924 0x0a88  ============================================================
11:58:20.0942 0x0a88  C: <-> \Device\Harddisk0\DR0\Partition4
11:58:20.0942 0x0a88  ============================================================
11:58:20.0942 0x0a88  Initialize success
11:58:20.0942 0x0a88  ============================================================
11:59:06.0732 0x1b68  ============================================================
11:59:06.0732 0x1b68  Scan started
11:59:06.0732 0x1b68  Mode: Manual; 
11:59:06.0732 0x1b68  ============================================================
11:59:06.0732 0x1b68  KSN ping started
11:59:06.0916 0x1b68  KSN ping finished: true
11:59:07.0850 0x1b68  ================ Scan system memory ========================
11:59:07.0850 0x1b68  System memory - ok
11:59:07.0851 0x1b68  ================ Scan services =============================
11:59:07.0972 0x1b68  1394ohci - ok
11:59:07.0972 0x1b68  3ware - ok
11:59:07.0988 0x1b68  ACPI - ok
11:59:07.0988 0x1b68  acpiex - ok
11:59:08.0003 0x1b68  acpipagr - ok
11:59:08.0003 0x1b68  AcpiPmi - ok
11:59:08.0019 0x1b68  acpitime - ok
11:59:08.0135 0x1b68  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:59:08.0157 0x1b68  AdobeFlashPlayerUpdateSvc - ok
11:59:08.0172 0x1b68  ADP80XX - ok
11:59:08.0188 0x1b68  AFD - ok
11:59:08.0188 0x1b68  agp440 - ok
11:59:08.0204 0x1b68  ahcache - ok
11:59:08.0219 0x1b68  AJRouter - ok
11:59:08.0219 0x1b68  ALG - ok
11:59:08.0235 0x1b68  AmdK8 - ok
11:59:08.0235 0x1b68  AmdPPM - ok
11:59:08.0253 0x1b68  amdsata - ok
11:59:08.0257 0x1b68  amdsbs - ok
11:59:08.0257 0x1b68  amdxata - ok
11:59:08.0273 0x1b68  AppID - ok
11:59:08.0273 0x1b68  AppIDSvc - ok
11:59:08.0288 0x1b68  Appinfo - ok
11:59:08.0304 0x1b68  AppReadiness - ok
11:59:08.0304 0x1b68  AppXSvc - ok
11:59:08.0320 0x1b68  arcsas - ok
11:59:08.0320 0x1b68  AsyncMac - ok
11:59:08.0335 0x1b68  atapi - ok
11:59:08.0357 0x1b68  [ 48386DDF416537A107F19FF51148C613, 7D423F36AC0AB59D0303EAF1914154FD57B20A81E1D8CB657E8DB6CCE19509A5 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe
11:59:08.0373 0x1b68  AtherosSvc - ok
11:59:08.0388 0x1b68  AudioEndpointBuilder - ok
11:59:08.0388 0x1b68  Audiosrv - ok
11:59:08.0405 0x1b68  AxInstSV - ok
11:59:08.0405 0x1b68  b06bdrv - ok
11:59:08.0420 0x1b68  BasicDisplay - ok
11:59:08.0436 0x1b68  BasicRender - ok
11:59:08.0436 0x1b68  bcmfn - ok
11:59:08.0457 0x1b68  bcmfn2 - ok
11:59:08.0457 0x1b68  BDESVC - ok
11:59:08.0473 0x1b68  Beep - ok
11:59:08.0619 0x1b68  BFE - ok
11:59:08.0635 0x1b68  BITS - ok
11:59:08.0635 0x1b68  bowser - ok
11:59:08.0652 0x1b68  BrokerInfrastructure - ok
11:59:08.0657 0x1b68  Browser - ok
11:59:08.0704 0x1b68  [ 2C1E8FAD28807F93B5A775B3095BF28A, 24A9FE132CCEF483EA1406EA128515ED071BD99A33DF05890E1398E297C897DD ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
11:59:08.0720 0x1b68  BtFilter - ok
11:59:08.0735 0x1b68  BthAvrcpTg - ok
11:59:08.0755 0x1b68  BthEnum - ok
11:59:08.0757 0x1b68  BthHFEnum - ok
11:59:08.0757 0x1b68  bthhfhid - ok
11:59:08.0773 0x1b68  BthHFSrv - ok
11:59:08.0773 0x1b68  BthLEEnum - ok
11:59:08.0789 0x1b68  BTHMODEM - ok
11:59:08.0804 0x1b68  BthPan - ok
11:59:08.0804 0x1b68  BTHPORT - ok
11:59:08.0820 0x1b68  bthserv - ok
11:59:08.0820 0x1b68  BTHUSB - ok
11:59:08.0836 0x1b68  buttonconverter - ok
11:59:08.0836 0x1b68  CapImg - ok
11:59:08.0974 0x1b68  [ 4147B5CA0C368FFE0FCE4116F558986A, F466B4556A140321B8F87C486CEBFB223D37526D877343BB6DA8FEFD03E16396 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
11:59:09.0090 0x1b68  CCDMonitorService - ok
11:59:09.0105 0x1b68  cdfs - ok
11:59:09.0105 0x1b68  CDPSvc - ok
11:59:09.0121 0x1b68  cdrom - ok
11:59:09.0121 0x1b68  CertPropSvc - ok
11:59:09.0136 0x1b68  circlass - ok
11:59:09.0136 0x1b68  CLFS - ok
11:59:09.0159 0x1b68  ClipSVC - ok
11:59:09.0174 0x1b68  CmBatt - ok
11:59:09.0190 0x1b68  CNG - ok
11:59:09.0190 0x1b68  cnghwassist - ok
11:59:09.0237 0x1b68  CompositeBus - ok
11:59:09.0253 0x1b68  COMSysApp - ok
11:59:09.0259 0x1b68  condrv - ok
11:59:09.0259 0x1b68  CoreMessagingRegistrar - ok
11:59:09.0390 0x1b68  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:59:09.0405 0x1b68  cphs - ok
11:59:09.0421 0x1b68  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:59:09.0436 0x1b68  CryptSvc - ok
11:59:09.0436 0x1b68  dam - ok
11:59:09.0459 0x1b68  DcomLaunch - ok
11:59:09.0459 0x1b68  DcpSvc - ok
11:59:09.0475 0x1b68  defragsvc - ok
11:59:09.0475 0x1b68  DeviceAssociationService - ok
11:59:09.0490 0x1b68  DeviceInstall - ok
11:59:09.0490 0x1b68  DevQueryBroker - ok
11:59:09.0506 0x1b68  Dfsc - ok
11:59:09.0522 0x1b68  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:59:09.0522 0x1b68  dg_ssudbus - ok
11:59:09.0559 0x1b68  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:59:09.0575 0x1b68  Dhcp - ok
11:59:09.0591 0x1b68  diagnosticshub.standardcollector.service - ok
11:59:09.0591 0x1b68  DiagTrack - ok
11:59:09.0638 0x1b68  [ 1CFFF6D1E6E192B1E81B6DA3E94C0D4C, 742917C923D8B222F78074B8A7F251A89C488B0CC0FA782D099D4A25841073E1 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
11:59:09.0660 0x1b68  DigitalWave.Update.Service - ok
11:59:09.0660 0x1b68  disk - ok
11:59:09.0675 0x1b68  DmEnrollmentSvc - ok
11:59:09.0675 0x1b68  dmvsc - ok
11:59:09.0691 0x1b68  dmwappushservice - ok
11:59:09.0691 0x1b68  Dnscache - ok
11:59:09.0707 0x1b68  dot3svc - ok
11:59:09.0722 0x1b68  DPS - ok
11:59:09.0722 0x1b68  drmkaud - ok
11:59:09.0738 0x1b68  DsmSvc - ok
11:59:09.0738 0x1b68  DsSvc - ok
11:59:09.0757 0x1b68  DXGKrnl - ok
11:59:09.0759 0x1b68  Eaphost - ok
11:59:09.0759 0x1b68  ebdrv - ok
11:59:09.0775 0x1b68  EFS - ok
11:59:09.0791 0x1b68  EhStorClass - ok
11:59:09.0806 0x1b68  EhStorTcgDrv - ok
11:59:09.0806 0x1b68  embeddedmode - ok
11:59:09.0822 0x1b68  EntAppSvc - ok
11:59:09.0976 0x1b68  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
11:59:10.0108 0x1b68  ePowerSvc - ok
11:59:10.0122 0x1b68  ErrDev - ok
11:59:10.0139 0x1b68  EventSystem - ok
11:59:10.0146 0x1b68  exfat - ok
11:59:10.0156 0x1b68  fastfat - ok
11:59:10.0164 0x1b68  Fax - ok
11:59:10.0171 0x1b68  fdc - ok
11:59:10.0171 0x1b68  fdPHost - ok
11:59:10.0188 0x1b68  FDResPub - ok
11:59:10.0188 0x1b68  fhsvc - ok
11:59:10.0204 0x1b68  FileCrypt - ok
11:59:10.0219 0x1b68  FileInfo - ok
11:59:10.0219 0x1b68  Filetrace - ok
11:59:10.0235 0x1b68  flpydisk - ok
11:59:10.0250 0x1b68  FltMgr - ok
11:59:10.0250 0x1b68  FontCache - ok
11:59:10.0270 0x1b68  FontCache3.0.0.0 - ok
11:59:10.0270 0x1b68  FsDepends - ok
11:59:10.0286 0x1b68  Fs_Rec - ok
11:59:10.0286 0x1b68  fvevol - ok
11:59:10.0301 0x1b68  gagp30kx - ok
11:59:10.0301 0x1b68  gencounter - ok
11:59:10.0317 0x1b68  genericusbfn - ok
11:59:10.0386 0x1b68  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:59:10.0448 0x1b68  GfExperienceService - ok
11:59:10.0467 0x1b68  GPIOClx0101 - ok
11:59:10.0549 0x1b68  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
11:59:10.0618 0x1b68  gpsvc - ok
11:59:10.0633 0x1b68  GpuEnergyDrv - ok
11:59:10.0633 0x1b68  HDAudBus - ok
11:59:10.0649 0x1b68  HidBatt - ok
11:59:10.0649 0x1b68  HidBth - ok
11:59:10.0671 0x1b68  hidi2c - ok
11:59:10.0671 0x1b68  hidinterrupt - ok
11:59:10.0686 0x1b68  HidIr - ok
11:59:10.0686 0x1b68  hidserv - ok
11:59:10.0702 0x1b68  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:59:10.0702 0x1b68  HidUsb - ok
11:59:10.0718 0x1b68  HomeGroupListener - ok
11:59:10.0718 0x1b68  HomeGroupProvider - ok
11:59:10.0733 0x1b68  HpSAMD - ok
11:59:10.0733 0x1b68  HTTP - ok
11:59:10.0749 0x1b68  hwpolicy - ok
11:59:10.0765 0x1b68  hyperkbd - ok
11:59:10.0771 0x1b68  i8042prt - ok
11:59:10.0771 0x1b68  iai2c - ok
11:59:10.0786 0x1b68  iaLPSS2i_I2C - ok
11:59:10.0786 0x1b68  iaLPSSi_GPIO - ok
11:59:10.0802 0x1b68  iaLPSSi_I2C - ok
11:59:10.0817 0x1b68  iaStorAV - ok
11:59:10.0817 0x1b68  iaStorV - ok
11:59:10.0833 0x1b68  ibbus - ok
11:59:10.0849 0x1b68  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:59:10.0886 0x1b68  icssvc - ok
11:59:10.0886 0x1b68  IEEtwCollectorService - ok
11:59:11.0271 0x1b68  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:59:11.0572 0x1b68  igfx - ok
11:59:11.0619 0x1b68  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:59:11.0634 0x1b68  igfxCUIService2.0.0.0 - ok
11:59:11.0650 0x1b68  IKEEXT - ok
11:59:11.0667 0x1b68  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
11:59:11.0671 0x1b68  intaud_WaveExtensible - ok
11:59:11.0935 0x1b68  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:59:12.0151 0x1b68  IntcAzAudAddService - ok
11:59:12.0204 0x1b68  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:59:12.0220 0x1b68  IntcDAud - ok
11:59:12.0289 0x1b68  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:59:12.0336 0x1b68  Intel(R) Capability Licensing Service TCP IP Interface - ok
11:59:12.0352 0x1b68  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:59:12.0352 0x1b68  Intel(R) ME Service - ok
11:59:12.0374 0x1b68  intelide - ok
11:59:12.0374 0x1b68  intelpep - ok
11:59:12.0389 0x1b68  intelppm - ok
11:59:12.0389 0x1b68  IoQos - ok
11:59:12.0405 0x1b68  IpFilterDriver - ok
11:59:12.0470 0x1b68  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:59:12.0521 0x1b68  iphlpsvc - ok
11:59:12.0536 0x1b68  IPMIDRV - ok
11:59:12.0536 0x1b68  IPNAT - ok
11:59:12.0552 0x1b68  IRENUM - ok
11:59:12.0552 0x1b68  isapnp - ok
11:59:12.0571 0x1b68  iScsiPrt - ok
11:59:12.0590 0x1b68  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
11:59:12.0590 0x1b68  iumsvc - ok
11:59:12.0605 0x1b68  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
11:59:12.0605 0x1b68  iwdbus - ok
11:59:12.0621 0x1b68  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:59:12.0621 0x1b68  jhi_service - ok
11:59:12.0637 0x1b68  k57nd60a - ok
11:59:12.0637 0x1b68  kbdclass - ok
11:59:12.0652 0x1b68  kbdhid - ok
11:59:12.0652 0x1b68  kdnic - ok
11:59:12.0674 0x1b68  KeyIso - ok
11:59:12.0674 0x1b68  KSecDD - ok
11:59:12.0690 0x1b68  KSecPkg - ok
11:59:12.0690 0x1b68  ksthunk - ok
11:59:12.0705 0x1b68  KtmRm - ok
11:59:12.0705 0x1b68  LanmanServer - ok
11:59:12.0721 0x1b68  LanmanWorkstation - ok
11:59:12.0737 0x1b68  lfsvc - ok
11:59:12.0737 0x1b68  LicenseManager - ok
11:59:12.0752 0x1b68  lltdio - ok
11:59:12.0752 0x1b68  lltdsvc - ok
11:59:12.0774 0x1b68  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
11:59:12.0774 0x1b68  LMDriver - ok
11:59:12.0774 0x1b68  lmhosts - ok
11:59:12.0806 0x1b68  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:59:12.0837 0x1b68  LMS - ok
11:59:12.0873 0x1b68  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
11:59:12.0890 0x1b68  LMSvc - ok
11:59:12.0906 0x1b68  LSI_SAS - ok
11:59:12.0906 0x1b68  LSI_SAS2i - ok
11:59:12.0922 0x1b68  LSI_SAS3i - ok
11:59:12.0922 0x1b68  LSI_SSS - ok
11:59:12.0937 0x1b68  LSM - ok
11:59:12.0953 0x1b68  luafv - ok
11:59:12.0953 0x1b68  MapsBroker - ok
11:59:12.0970 0x1b68  megasas - ok
11:59:12.0975 0x1b68  megasr - ok
11:59:12.0991 0x1b68  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
11:59:12.0991 0x1b68  MEIx64 - ok
11:59:13.0006 0x1b68  MessagingService - ok
11:59:13.0038 0x1b68  mlx4_bus - ok
11:59:13.0053 0x1b68  MMCSS - ok
11:59:13.0053 0x1b68  Modem - ok
11:59:13.0075 0x1b68  monitor - ok
11:59:13.0075 0x1b68  mouclass - ok
11:59:13.0091 0x1b68  mouhid - ok
11:59:13.0091 0x1b68  mountmgr - ok
11:59:13.0107 0x1b68  [ C1A273141F13434647AC7CE37D2C18EC, F36D1A12DB8289949528F4BC81E077B33709F9B14A01537EEA63F27FFA17092D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:59:13.0122 0x1b68  MozillaMaintenance - ok
11:59:13.0138 0x1b68  mpsdrv - ok
11:59:13.0138 0x1b68  MpsSvc - ok
11:59:13.0153 0x1b68  MRxDAV - ok
11:59:13.0153 0x1b68  mrxsmb - ok
11:59:13.0174 0x1b68  mrxsmb10 - ok
11:59:13.0176 0x1b68  mrxsmb20 - ok
11:59:13.0176 0x1b68  MsBridge - ok
11:59:13.0191 0x1b68  MSDTC - ok
11:59:13.0207 0x1b68  Msfs - ok
11:59:13.0222 0x1b68  msgpiowin32 - ok
11:59:13.0222 0x1b68  mshidkmdf - ok
11:59:13.0238 0x1b68  mshidumdf - ok
11:59:13.0238 0x1b68  msisadrv - ok
11:59:13.0254 0x1b68  MSiSCSI - ok
11:59:13.0254 0x1b68  msiserver - ok
11:59:13.0275 0x1b68  MSKSSRV - ok
11:59:13.0275 0x1b68  MsLldp - ok
11:59:13.0291 0x1b68  MSPCLOCK - ok
11:59:13.0291 0x1b68  MSPQM - ok
11:59:13.0307 0x1b68  MsRPC - ok
11:59:13.0322 0x1b68  mssmbios - ok
11:59:13.0322 0x1b68  MSTEE - ok
11:59:13.0338 0x1b68  MTConfig - ok
11:59:13.0338 0x1b68  Mup - ok
11:59:13.0354 0x1b68  mvumis - ok
11:59:13.0354 0x1b68  NativeWifiP - ok
11:59:13.0376 0x1b68  NcaSvc - ok
11:59:13.0376 0x1b68  NcbService - ok
11:59:13.0392 0x1b68  NcdAutoSetup - ok
11:59:13.0392 0x1b68  ndfltr - ok
11:59:13.0407 0x1b68  NDIS - ok
11:59:13.0423 0x1b68  NdisCap - ok
11:59:13.0423 0x1b68  NdisImPlatform - ok
11:59:13.0439 0x1b68  NdisTapi - ok
11:59:13.0439 0x1b68  Ndisuio - ok
11:59:13.0454 0x1b68  NdisVirtualBus - ok
11:59:13.0454 0x1b68  NdisWan - ok
11:59:13.0473 0x1b68  ndiswanlegacy - ok
11:59:13.0476 0x1b68  ndproxy - ok
11:59:13.0492 0x1b68  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:59:13.0508 0x1b68  Ndu - ok
11:59:13.0508 0x1b68  NetBIOS - ok
11:59:13.0539 0x1b68  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:59:13.0555 0x1b68  NetBT - ok
11:59:13.0572 0x1b68  Netlogon - ok
11:59:13.0577 0x1b68  Netman - ok
11:59:13.0577 0x1b68  netprofm - ok
11:59:13.0592 0x1b68  NetSetupSvc - ok
11:59:13.0608 0x1b68  NetTcpPortSharing - ok
11:59:13.0624 0x1b68  NgcCtnrSvc - ok
11:59:13.0624 0x1b68  NgcSvc - ok
11:59:13.0639 0x1b68  NlaSvc - ok
11:59:13.0639 0x1b68  Npfs - ok
11:59:13.0655 0x1b68  npsvctrig - ok
11:59:13.0655 0x1b68  nsi - ok
11:59:13.0677 0x1b68  nsiproxy - ok
11:59:13.0677 0x1b68  NTFS - ok
11:59:13.0693 0x1b68  Null - ok
11:59:14.0347 0x1b68  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
11:59:14.0889 0x1b68  nvlddmkm - ok
11:59:15.0017 0x1b68  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:59:15.0117 0x1b68  NvNetworkService - ok
11:59:15.0133 0x1b68  nvraid - ok
11:59:15.0139 0x1b68  nvstor - ok
11:59:15.0139 0x1b68  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:59:15.0155 0x1b68  NvStreamKms - ok
11:59:15.0518 0x1b68  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:59:15.0838 0x1b68  NvStreamNetworkSvc - ok
11:59:16.0142 0x1b68  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:59:16.0374 0x1b68  NvStreamSvc - ok
11:59:16.0443 0x1b68  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
11:59:16.0505 0x1b68  nvsvc - ok
11:59:16.0505 0x1b68  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
11:59:16.0521 0x1b68  nvvad_WaveExtensible - ok
11:59:16.0521 0x1b68  nv_agp - ok
11:59:16.0541 0x1b68  OneSyncSvc - ok
11:59:16.0574 0x1b68  p2pimsvc - ok
11:59:16.0574 0x1b68  p2psvc - ok
11:59:16.0590 0x1b68  Parport - ok
11:59:16.0605 0x1b68  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
11:59:16.0605 0x1b68  partmgr - ok
11:59:16.0621 0x1b68  PcaSvc - ok
11:59:16.0621 0x1b68  pci - ok
11:59:16.0643 0x1b68  pciide - ok
11:59:16.0643 0x1b68  pcmcia - ok
11:59:16.0659 0x1b68  pcw - ok
11:59:16.0659 0x1b68  pdc - ok
11:59:16.0674 0x1b68  PEAUTH - ok
11:59:16.0674 0x1b68  percsas2i - ok
11:59:16.0690 0x1b68  percsas3i - ok
11:59:16.0789 0x1b68  PerfHost - ok
11:59:16.0805 0x1b68  PhoneSvc - ok
11:59:16.0805 0x1b68  PimIndexMaintenanceSvc - ok
11:59:16.0839 0x1b68  pla - ok
11:59:16.0843 0x1b68  PlugPlay - ok
11:59:16.0843 0x1b68  PNRPAutoReg - ok
11:59:16.0859 0x1b68  PNRPsvc - ok
11:59:16.0890 0x1b68  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
11:59:16.0906 0x1b68  PolicyAgent - ok
11:59:16.0921 0x1b68  Power - ok
11:59:16.0943 0x1b68  PptpMiniport - ok
11:59:17.0143 0x1b68  [ 2195908CEF288E1C10E5266B9DF75D29, 30E0664A03C58DD3B325A9A4A248AD1FA9297DD65F0D472C3AD90E21B238169F ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:59:17.0305 0x1b68  PrintNotify - ok
11:59:17.0321 0x1b68  Processor - ok
11:59:17.0321 0x1b68  ProfSvc - ok
11:59:17.0343 0x1b68  Psched - ok
11:59:17.0374 0x1b68  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
11:59:17.0390 0x1b68  QASvc - ok
11:59:17.0406 0x1b68  Qcamain10x64 - ok
11:59:17.0406 0x1b68  QWAVE - ok
11:59:17.0421 0x1b68  QWAVEdrv - ok
11:59:17.0421 0x1b68  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
11:59:17.0439 0x1b68  RadioShim - ok
11:59:17.0443 0x1b68  RasAcd - ok
11:59:17.0443 0x1b68  RasAgileVpn - ok
11:59:17.0459 0x1b68  RasAuto - ok
11:59:17.0459 0x1b68  Rasl2tp - ok
11:59:17.0474 0x1b68  RasMan - ok
11:59:17.0490 0x1b68  RasPppoe - ok
11:59:17.0490 0x1b68  RasSstp - ok
11:59:17.0506 0x1b68  rdbss - ok
11:59:17.0506 0x1b68  rdpbus - ok
11:59:17.0521 0x1b68  RDPDR - ok
11:59:17.0543 0x1b68  RdpVideoMiniport - ok
11:59:17.0543 0x1b68  rdyboost - ok
11:59:17.0559 0x1b68  ReFSv1 - ok
11:59:17.0559 0x1b68  RemoteAccess - ok
11:59:17.0575 0x1b68  RemoteRegistry - ok
11:59:17.0575 0x1b68  RetailDemo - ok
11:59:17.0590 0x1b68  RFCOMM - ok
11:59:17.0621 0x1b68  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:59:17.0640 0x1b68  RichVideo - ok
11:59:17.0659 0x1b68  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
11:59:17.0690 0x1b68  RMSvc - ok
11:59:17.0690 0x1b68  RpcEptMapper - ok
11:59:17.0706 0x1b68  RpcLocator - ok
11:59:17.0706 0x1b68  RpcSs - ok
11:59:17.0722 0x1b68  rspndr - ok
11:59:17.0760 0x1b68  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
11:59:17.0775 0x1b68  RTSUER - ok
11:59:17.0775 0x1b68  s3cap - ok
11:59:17.0791 0x1b68  SamSs - ok
11:59:17.0791 0x1b68  sbp2port - ok
11:59:17.0806 0x1b68  SCardSvr - ok
11:59:17.0822 0x1b68  ScDeviceEnum - ok
11:59:17.0822 0x1b68  scfilter - ok
11:59:17.0844 0x1b68  Schedule - ok
11:59:17.0844 0x1b68  SCPolicySvc - ok
11:59:17.0860 0x1b68  sdbus - ok
11:59:17.0860 0x1b68  SDRSVC - ok
11:59:17.0875 0x1b68  sdstor - ok
11:59:17.0875 0x1b68  seclogon - ok
11:59:17.0891 0x1b68  SENS - ok
11:59:17.0891 0x1b68  SensorDataService - ok
11:59:17.0907 0x1b68  SensorService - ok
11:59:17.0922 0x1b68  SensrSvc - ok
11:59:17.0922 0x1b68  SerCx - ok
11:59:17.0941 0x1b68  SerCx2 - ok
11:59:17.0944 0x1b68  Serenum - ok
11:59:17.0944 0x1b68  Serial - ok
11:59:17.0960 0x1b68  sermouse - ok
11:59:17.0976 0x1b68  SessionEnv - ok
11:59:17.0991 0x1b68  sfloppy - ok
11:59:18.0007 0x1b68  SharedAccess - ok
11:59:18.0023 0x1b68  ShellHWDetection - ok
11:59:18.0023 0x1b68  SiSRaid2 - ok
11:59:18.0042 0x1b68  SiSRaid4 - ok
11:59:18.0045 0x1b68  smphost - ok
11:59:18.0045 0x1b68  SmsRouter - ok
11:59:18.0060 0x1b68  SNMPTRAP - ok
11:59:18.0076 0x1b68  spaceport - ok
11:59:18.0076 0x1b68  SpbCx - ok
11:59:18.0092 0x1b68  Spooler - ok
11:59:18.0107 0x1b68  sppsvc - ok
11:59:18.0107 0x1b68  srv - ok
11:59:18.0123 0x1b68  srv2 - ok
11:59:18.0123 0x1b68  srvnet - ok
11:59:18.0143 0x1b68  SSDPSRV - ok
11:59:18.0145 0x1b68  SstpSvc - ok
11:59:18.0161 0x1b68  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:59:18.0176 0x1b68  ssudmdm - ok
11:59:18.0176 0x1b68  StateRepository - ok
11:59:18.0192 0x1b68  stexstor - ok
11:59:18.0207 0x1b68  stisvc - ok
11:59:18.0207 0x1b68  storahci - ok
11:59:18.0223 0x1b68  storflt - ok
11:59:18.0223 0x1b68  stornvme - ok
11:59:18.0240 0x1b68  storqosflt - ok
11:59:18.0245 0x1b68  StorSvc - ok
11:59:18.0245 0x1b68  storufs - ok
11:59:18.0261 0x1b68  storvsc - ok
11:59:18.0261 0x1b68  svsvc - ok
11:59:18.0276 0x1b68  swenum - ok
11:59:18.0308 0x1b68  swprv - ok
11:59:18.0308 0x1b68  Synth3dVsc - ok
11:59:18.0323 0x1b68  SysMain - ok
11:59:18.0346 0x1b68  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:59:18.0392 0x1b68  SystemEventsBroker - ok
11:59:18.0392 0x1b68  TabletInputService - ok
11:59:18.0408 0x1b68  TapiSrv - ok
11:59:18.0424 0x1b68  Tcpip - ok
11:59:18.0424 0x1b68  Tcpip6 - ok
11:59:18.0446 0x1b68  tcpipreg - ok
11:59:18.0446 0x1b68  tdx - ok
11:59:18.0461 0x1b68  terminpt - ok
11:59:18.0461 0x1b68  TermService - ok
11:59:18.0477 0x1b68  Themes - ok
11:59:18.0477 0x1b68  TieringEngineService - ok
11:59:18.0493 0x1b68  tiledatamodelsvc - ok
11:59:18.0508 0x1b68  TimeBroker - ok
11:59:18.0524 0x1b68  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
11:59:18.0546 0x1b68  TPM - ok
11:59:18.0546 0x1b68  TrkWks - ok
11:59:18.0546 0x1b68  TrustedInstaller - ok
11:59:18.0562 0x1b68  tsusbflt - ok
11:59:18.0577 0x1b68  TsUsbGD - ok
11:59:18.0593 0x1b68  tunnel - ok
11:59:18.0593 0x1b68  tzautoupdate - ok
11:59:18.0609 0x1b68  uagp35 - ok
11:59:18.0609 0x1b68  UASPStor - ok
11:59:18.0624 0x1b68  UcmCx0101 - ok
11:59:18.0624 0x1b68  UcmUcsi - ok
11:59:18.0646 0x1b68  Ucx01000 - ok
11:59:18.0646 0x1b68  UdeCx - ok
11:59:18.0662 0x1b68  udfs - ok
11:59:18.0662 0x1b68  UEFI - ok
11:59:18.0693 0x1b68  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
11:59:18.0709 0x1b68  UEIPSvc - ok
11:59:18.0740 0x1b68  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:59:18.0747 0x1b68  Ufx01000 - ok
11:59:18.0762 0x1b68  UfxChipidea - ok
11:59:18.0762 0x1b68  ufxsynopsys - ok
11:59:18.0778 0x1b68  UI0Detect - ok
11:59:18.0794 0x1b68  uliagpkx - ok
11:59:18.0794 0x1b68  umbus - ok
11:59:18.0809 0x1b68  UmPass - ok
11:59:18.0825 0x1b68  UmRdpService - ok
11:59:18.0825 0x1b68  UnistoreSvc - ok
11:59:18.0847 0x1b68  upnphost - ok
11:59:18.0863 0x1b68  UrsChipidea - ok
11:59:18.0863 0x1b68  UrsCx01000 - ok
11:59:18.0878 0x1b68  UrsSynopsys - ok
11:59:18.0878 0x1b68  usbccgp - ok
11:59:18.0894 0x1b68  usbcir - ok
11:59:18.0894 0x1b68  usbehci - ok
11:59:18.0909 0x1b68  usbhub - ok
11:59:18.0925 0x1b68  USBHUB3 - ok
11:59:18.0925 0x1b68  usbohci - ok
11:59:18.0944 0x1b68  usbprint - ok
11:59:18.0947 0x1b68  usbser - ok
11:59:18.0947 0x1b68  USBSTOR - ok
11:59:18.0963 0x1b68  usbuhci - ok
11:59:18.0963 0x1b68  usbvideo - ok
11:59:18.0978 0x1b68  USBXHCI - ok
11:59:18.0994 0x1b68  UserDataSvc - ok
11:59:19.0010 0x1b68  UserManager - ok
11:59:19.0010 0x1b68  UsoSvc - ok
11:59:19.0025 0x1b68  VaultSvc - ok
11:59:19.0025 0x1b68  vdrvroot - ok
11:59:19.0047 0x1b68  vds - ok
11:59:19.0047 0x1b68  VerifierExt - ok
11:59:19.0063 0x1b68  vhdmp - ok
11:59:19.0079 0x1b68  vhf - ok
11:59:19.0079 0x1b68  vmbus - ok
11:59:19.0094 0x1b68  VMBusHID - ok
11:59:19.0094 0x1b68  vmicguestinterface - ok
11:59:19.0110 0x1b68  vmicheartbeat - ok
11:59:19.0110 0x1b68  vmickvpexchange - ok
11:59:19.0126 0x1b68  vmicrdv - ok
11:59:19.0126 0x1b68  vmicshutdown - ok
11:59:19.0146 0x1b68  vmictimesync - ok
11:59:19.0148 0x1b68  vmicvmsession - ok
11:59:19.0148 0x1b68  vmicvss - ok
11:59:19.0163 0x1b68  volmgr - ok
11:59:19.0163 0x1b68  volmgrx - ok
11:59:19.0179 0x1b68  volsnap - ok
11:59:19.0195 0x1b68  vpci - ok
11:59:19.0197 0x1b68  vsmraid - ok
11:59:19.0213 0x1b68  VSS - ok
11:59:19.0213 0x1b68  VSTXRAID - ok
11:59:19.0228 0x1b68  vwifibus - ok
11:59:19.0228 0x1b68  vwififlt - ok
11:59:19.0248 0x1b68  vwifimp - ok
11:59:19.0248 0x1b68  W32Time - ok
11:59:19.0263 0x1b68  WacomPen - ok
11:59:19.0263 0x1b68  WalletService - ok
11:59:19.0279 0x1b68  wanarp - ok
11:59:19.0279 0x1b68  wanarpv6 - ok
11:59:19.0294 0x1b68  wbengine - ok
11:59:19.0294 0x1b68  WbioSrvc - ok
11:59:19.0310 0x1b68  Wcmsvc - ok
11:59:19.0326 0x1b68  wcncsvc - ok
11:59:19.0326 0x1b68  WcsPlugInService - ok
11:59:19.0343 0x1b68  WdBoot - ok
11:59:19.0347 0x1b68  Wdf01000 - ok
11:59:19.0347 0x1b68  WdFilter - ok
11:59:19.0363 0x1b68  WdiServiceHost - ok
11:59:19.0379 0x1b68  WdiSystemHost - ok
11:59:19.0379 0x1b68  wdiwifi - ok
11:59:19.0394 0x1b68  WdNisDrv - ok
11:59:19.0394 0x1b68  WdNisSvc - ok
11:59:19.0410 0x1b68  WebClient - ok
11:59:19.0410 0x1b68  Wecsvc - ok
11:59:19.0426 0x1b68  WEPHOSTSVC - ok
11:59:19.0426 0x1b68  wercplsupport - ok
11:59:19.0448 0x1b68  WerSvc - ok
11:59:19.0448 0x1b68  WFPLWFS - ok
11:59:19.0463 0x1b68  WiaRpc - ok
11:59:19.0463 0x1b68  WIMMount - ok
11:59:19.0479 0x1b68  WinDefend - ok
11:59:19.0495 0x1b68  WindowsTrustedRT - ok
11:59:19.0510 0x1b68  WindowsTrustedRTProxy - ok
11:59:19.0510 0x1b68  WinHttpAutoProxySvc - ok
11:59:19.0526 0x1b68  WinMad - ok
11:59:19.0544 0x1b68  Winmgmt - ok
11:59:19.0548 0x1b68  WinRM - ok
11:59:19.0563 0x1b68  WINUSB - ok
11:59:19.0579 0x1b68  WinVerbs - ok
11:59:19.0579 0x1b68  WlanSvc - ok
11:59:19.0595 0x1b68  wlidsvc - ok
11:59:19.0595 0x1b68  WmiAcpi - ok
11:59:19.0610 0x1b68  wmiApSrv - ok
11:59:19.0626 0x1b68  WMPNetworkSvc - ok
11:59:19.0647 0x1b68  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:59:19.0648 0x1b68  Wof - ok
11:59:19.0664 0x1b68  workfolderssvc - ok
11:59:19.0664 0x1b68  wpcfltr - ok
11:59:19.0679 0x1b68  WPDBusEnum - ok
11:59:19.0679 0x1b68  WpdUpFltr - ok
11:59:19.0695 0x1b68  WpnService - ok
11:59:19.0711 0x1b68  ws2ifsl - ok
11:59:19.0726 0x1b68  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:59:19.0763 0x1b68  wscsvc - ok
11:59:19.0763 0x1b68  WSearch - ok
11:59:19.0779 0x1b68  WSService - ok
11:59:19.0794 0x1b68  wuauserv - ok
11:59:19.0794 0x1b68  WudfPf - ok
11:59:19.0810 0x1b68  WUDFRd - ok
11:59:19.0810 0x1b68  wudfsvc - ok
11:59:19.0826 0x1b68  WUDFWpdFs - ok
11:59:19.0826 0x1b68  WUDFWpdMtp - ok
11:59:19.0848 0x1b68  WwanSvc - ok
11:59:19.0848 0x1b68  XblAuthManager - ok
11:59:19.0863 0x1b68  XblGameSave - ok
11:59:19.0863 0x1b68  xboxgip - ok
11:59:19.0879 0x1b68  XboxNetApiSvc - ok
11:59:19.0879 0x1b68  xinputhid - ok
11:59:19.0895 0x1b68  ================ Scan global ===============================
11:59:19.0926 0x1b68  [ Global ] - ok
11:59:19.0926 0x1b68  ================ Scan MBR ==================================
11:59:19.0943 0x1b68  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:59:20.0010 0x1b68  \Device\Harddisk0\DR0 - ok
11:59:20.0010 0x1b68  ================ Scan VBR ==================================
11:59:20.0010 0x1b68  [ 3F7F83B9DCDB02F6022B7F5DC4231419 ] \Device\Harddisk0\DR0\Partition1
11:59:20.0026 0x1b68  \Device\Harddisk0\DR0\Partition1 - ok
11:59:20.0026 0x1b68  [ 56532BD10D388D68A5790778911CAD6F ] \Device\Harddisk0\DR0\Partition2
11:59:20.0026 0x1b68  \Device\Harddisk0\DR0\Partition2 - ok
11:59:20.0045 0x1b68  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:59:20.0045 0x1b68  \Device\Harddisk0\DR0\Partition3 - ok
11:59:20.0048 0x1b68  [ 6020D3AEAF6742AF54C56E8D5C897FE1 ] \Device\Harddisk0\DR0\Partition4
11:59:20.0048 0x1b68  \Device\Harddisk0\DR0\Partition4 - ok
11:59:20.0048 0x1b68  [ 7138D2B9F1779B36B7D86EB38D9C66EE ] \Device\Harddisk0\DR0\Partition5
11:59:20.0064 0x1b68  \Device\Harddisk0\DR0\Partition5 - ok
11:59:20.0064 0x1b68  ================ Scan generic autorun ======================
11:59:20.0867 0x1b68  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:59:21.0531 0x1b68  RtHDVCpl - ok
11:59:21.0631 0x1b68  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:59:21.0700 0x1b68  RtHDVBg_Dolby - ok
11:59:21.0901 0x1b68  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:59:22.0036 0x1b68  NvBackend - ok
11:59:22.0036 0x1b68  ShadowPlay - ok
11:59:22.0051 0x1b68  [ 4470CF575CC1131CAC72FB3A386512ED, 70BEB0E8291FD864C86C6505AD336E04E29AC943891B60928126A6E323979A56 ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
11:59:22.0051 0x1b68  abDocsDllLoader - ok
11:59:22.0140 0x1b68  OneDriveSetup - ok
11:59:22.0156 0x1b68  OneDriveSetup - ok
11:59:22.0187 0x1b68  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:59:22.0224 0x1b68  OneDrive - ok
11:59:22.0224 0x1b68  Speech Recognition - ok
11:59:22.0756 0x1b68  [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe
11:59:23.0173 0x1b68  CCleaner Monitoring - ok
11:59:23.0189 0x1b68  Waiting for KSN requests completion. In queue: 33
11:59:23.0332 0x1b14  Object required for P2P: [ 8F2EA5EE0695CCE2285D92C44108375C ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:59:23.0548 0x1b14  Object send P2P result: true
11:59:24.0236 0x1b68  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.672 ), 0x62100 ( disabled : updated )
11:59:24.0252 0x1b68  Win FW state via NFP2: enabled ( trusted )
11:59:24.0383 0x1b68  ============================================================
11:59:24.0383 0x1b68  Scan finished
11:59:24.0383 0x1b68  ============================================================
11:59:24.0383 0x1b64  Detected object count: 0
11:59:24.0383 0x1b64  Actual detected object count: 0
11:59:35.0169 0x0c60  ============================================================
11:59:35.0169 0x0c60  Scan started
11:59:35.0169 0x0c60  Mode: Manual; SigCheck; TDLFS; 
11:59:35.0169 0x0c60  ============================================================
11:59:35.0169 0x0c60  KSN ping started
11:59:35.0248 0x0c60  KSN ping finished: true
11:59:35.0694 0x0c60  ================ Scan system memory ========================
11:59:35.0694 0x0c60  System memory - ok
11:59:35.0695 0x0c60  ================ Scan services =============================
11:59:35.0777 0x0c60  1394ohci - ok
11:59:35.0777 0x0c60  3ware - ok
11:59:35.0794 0x0c60  ACPI - ok
11:59:35.0799 0x0c60  acpiex - ok
11:59:35.0799 0x0c60  acpipagr - ok
11:59:35.0815 0x0c60  AcpiPmi - ok
11:59:35.0830 0x0c60  acpitime - ok
11:59:35.0946 0x0c60  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
11:59:36.0015 0x0c60  AdobeFlashPlayerUpdateSvc - ok
11:59:36.0030 0x0c60  ADP80XX - ok
11:59:36.0046 0x0c60  AFD - ok
11:59:36.0046 0x0c60  agp440 - ok
11:59:36.0062 0x0c60  ahcache - ok
11:59:36.0077 0x0c60  AJRouter - ok
11:59:36.0077 0x0c60  ALG - ok
11:59:36.0095 0x0c60  AmdK8 - ok
11:59:36.0099 0x0c60  AmdPPM - ok
11:59:36.0099 0x0c60  amdsata - ok
11:59:36.0115 0x0c60  amdsbs - ok
11:59:36.0115 0x0c60  amdxata - ok
11:59:36.0131 0x0c60  AppID - ok
11:59:36.0146 0x0c60  AppIDSvc - ok
11:59:36.0146 0x0c60  Appinfo - ok
11:59:36.0162 0x0c60  AppReadiness - ok
11:59:36.0178 0x0c60  AppXSvc - ok
11:59:36.0178 0x0c60  arcsas - ok
11:59:36.0195 0x0c60  AsyncMac - ok
11:59:36.0200 0x0c60  atapi - ok
11:59:36.0231 0x0c60  [ 48386DDF416537A107F19FF51148C613, 7D423F36AC0AB59D0303EAF1914154FD57B20A81E1D8CB657E8DB6CCE19509A5 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe
11:59:36.0262 0x0c60  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:59:36.0431 0x0c60  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
11:59:36.0578 0x0c60  AudioEndpointBuilder - ok
11:59:36.0595 0x0c60  Audiosrv - ok
11:59:36.0600 0x0c60  AxInstSV - ok
11:59:36.0600 0x0c60  b06bdrv - ok
11:59:36.0616 0x0c60  BasicDisplay - ok
11:59:36.0616 0x0c60  BasicRender - ok
11:59:36.0632 0x0c60  bcmfn - ok
11:59:36.0648 0x0c60  bcmfn2 - ok
11:59:36.0648 0x0c60  BDESVC - ok
11:59:36.0663 0x0c60  Beep - ok
11:59:36.0663 0x0c60  BFE - ok
11:59:36.0679 0x0c60  BITS - ok
11:59:36.0679 0x0c60  bowser - ok
11:59:36.0700 0x0c60  BrokerInfrastructure - ok
11:59:36.0700 0x0c60  Browser - ok
11:59:36.0748 0x0c60  [ 2C1E8FAD28807F93B5A775B3095BF28A, 24A9FE132CCEF483EA1406EA128515ED071BD99A33DF05890E1398E297C897DD ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
11:59:36.0801 0x0c60  BtFilter - ok
11:59:36.0801 0x0c60  BthAvrcpTg - ok
11:59:36.0817 0x0c60  BthEnum - ok
11:59:36.0832 0x0c60  BthHFEnum - ok
11:59:36.0832 0x0c60  bthhfhid - ok
11:59:36.0848 0x0c60  BthHFSrv - ok
11:59:36.0848 0x0c60  BthLEEnum - ok
11:59:36.0864 0x0c60  BTHMODEM - ok
11:59:36.0864 0x0c60  BthPan - ok
11:59:36.0879 0x0c60  BTHPORT - ok
11:59:36.0879 0x0c60  bthserv - ok
11:59:36.0900 0x0c60  BTHUSB - ok
11:59:36.0901 0x0c60  buttonconverter - ok
11:59:36.0901 0x0c60  CapImg - ok
11:59:37.0048 0x0c60  [ 4147B5CA0C368FFE0FCE4116F558986A, F466B4556A140321B8F87C486CEBFB223D37526D877343BB6DA8FEFD03E16396 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
11:59:37.0249 0x0c60  CCDMonitorService - ok
11:59:37.0265 0x0c60  cdfs - ok
11:59:37.0265 0x0c60  CDPSvc - ok
11:59:37.0280 0x0c60  cdrom - ok
11:59:37.0280 0x0c60  CertPropSvc - ok
11:59:37.0300 0x0c60  circlass - ok
11:59:37.0302 0x0c60  CLFS - ok
11:59:37.0302 0x0c60  ClipSVC - ok
11:59:37.0333 0x0c60  CmBatt - ok
11:59:37.0333 0x0c60  CNG - ok
11:59:37.0349 0x0c60  cnghwassist - ok
11:59:37.0380 0x0c60  CompositeBus - ok
11:59:37.0399 0x0c60  COMSysApp - ok
11:59:37.0402 0x0c60  condrv - ok
11:59:37.0402 0x0c60  CoreMessagingRegistrar - ok
11:59:37.0534 0x0c60  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
11:59:37.0580 0x0c60  cphs - ok
11:59:37.0602 0x0c60  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:59:37.0649 0x0c60  CryptSvc - ok
11:59:37.0665 0x0c60  dam - ok
11:59:37.0665 0x0c60  DcomLaunch - ok
11:59:37.0680 0x0c60  DcpSvc - ok
11:59:37.0680 0x0c60  defragsvc - ok
11:59:37.0701 0x0c60  DeviceAssociationService - ok
11:59:37.0702 0x0c60  DeviceInstall - ok
11:59:37.0702 0x0c60  DevQueryBroker - ok
11:59:37.0718 0x0c60  Dfsc - ok
11:59:37.0734 0x0c60  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
11:59:37.0765 0x0c60  dg_ssudbus - ok
11:59:37.0798 0x0c60  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:59:37.0865 0x0c60  Dhcp - ok
11:59:37.0865 0x0c60  diagnosticshub.standardcollector.service - ok
11:59:37.0881 0x0c60  DiagTrack - ok
11:59:37.0918 0x0c60  [ 1CFFF6D1E6E192B1E81B6DA3E94C0D4C, 742917C923D8B222F78074B8A7F251A89C488B0CC0FA782D099D4A25841073E1 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
11:59:37.0949 0x0c60  DigitalWave.Update.Service - ok
11:59:37.0965 0x0c60  disk - ok
11:59:37.0965 0x0c60  DmEnrollmentSvc - ok
11:59:37.0981 0x0c60  dmvsc - ok
11:59:37.0981 0x0c60  dmwappushservice - ok
11:59:37.0998 0x0c60  Dnscache - ok
11:59:38.0003 0x0c60  dot3svc - ok
11:59:38.0018 0x0c60  DPS - ok
11:59:38.0018 0x0c60  drmkaud - ok
11:59:38.0034 0x0c60  DsmSvc - ok
11:59:38.0050 0x0c60  DsSvc - ok
11:59:38.0050 0x0c60  DXGKrnl - ok
11:59:38.0065 0x0c60  Eaphost - ok
11:59:38.0065 0x0c60  ebdrv - ok
11:59:38.0081 0x0c60  EFS - ok
11:59:38.0081 0x0c60  EhStorClass - ok
11:59:38.0102 0x0c60  EhStorTcgDrv - ok
11:59:38.0102 0x0c60  embeddedmode - ok
11:59:38.0119 0x0c60  EntAppSvc - ok
11:59:38.0281 0x0c60  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
11:59:38.0450 0x0c60  ePowerSvc - ok
11:59:38.0466 0x0c60  ErrDev - ok
11:59:38.0534 0x0c60  EventSystem - ok
11:59:38.0534 0x0c60  exfat - ok
11:59:38.0550 0x0c60  fastfat - ok
11:59:38.0566 0x0c60  Fax - ok
11:59:38.0566 0x0c60  fdc - ok
11:59:38.0581 0x0c60  fdPHost - ok
11:59:38.0581 0x0c60  FDResPub - ok
11:59:38.0603 0x0c60  fhsvc - ok
11:59:38.0603 0x0c60  FileCrypt - ok
11:59:38.0619 0x0c60  FileInfo - ok
11:59:38.0619 0x0c60  Filetrace - ok
11:59:38.0634 0x0c60  flpydisk - ok
11:59:38.0634 0x0c60  FltMgr - ok
11:59:38.0650 0x0c60  FontCache - ok
11:59:38.0650 0x0c60  FontCache3.0.0.0 - ok
11:59:38.0666 0x0c60  FsDepends - ok
11:59:38.0666 0x0c60  Fs_Rec - ok
11:59:38.0681 0x0c60  fvevol - ok
11:59:38.0703 0x0c60  gagp30kx - ok
11:59:38.0703 0x0c60  gencounter - ok
11:59:38.0719 0x0c60  genericusbfn - ok
11:59:38.0819 0x0c60  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
11:59:38.0904 0x0c60  GfExperienceService - ok
11:59:38.0919 0x0c60  GPIOClx0101 - ok
11:59:39.0004 0x0c60  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
11:59:39.0166 0x0c60  gpsvc - ok
11:59:39.0182 0x0c60  GpuEnergyDrv - ok
11:59:39.0201 0x0c60  HDAudBus - ok
11:59:39.0203 0x0c60  HidBatt - ok
11:59:39.0203 0x0c60  HidBth - ok
11:59:39.0219 0x0c60  hidi2c - ok
11:59:39.0219 0x0c60  hidinterrupt - ok
11:59:39.0235 0x0c60  HidIr - ok
11:59:39.0251 0x0c60  hidserv - ok
11:59:39.0251 0x0c60  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:59:39.0299 0x0c60  HidUsb - ok
11:59:39.0304 0x0c60  HomeGroupListener - ok
11:59:39.0304 0x0c60  HomeGroupProvider - ok
11:59:39.0320 0x0c60  HpSAMD - ok
11:59:39.0320 0x0c60  HTTP - ok
11:59:39.0335 0x0c60  hwpolicy - ok
11:59:39.0351 0x0c60  hyperkbd - ok
11:59:39.0351 0x0c60  i8042prt - ok
11:59:39.0367 0x0c60  iai2c - ok
11:59:39.0367 0x0c60  iaLPSS2i_I2C - ok
11:59:39.0382 0x0c60  iaLPSSi_GPIO - ok
11:59:39.0382 0x0c60  iaLPSSi_I2C - ok
11:59:39.0402 0x0c60  iaStorAV - ok
11:59:39.0404 0x0c60  iaStorV - ok
11:59:39.0404 0x0c60  ibbus - ok
11:59:39.0436 0x0c60  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
11:59:39.0504 0x0c60  icssvc - ok
11:59:39.0505 0x0c60  IEEtwCollectorService - ok
11:59:39.0883 0x0c60  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
11:59:40.0284 0x0c60  igfx - ok
11:59:40.0338 0x0c60  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
11:59:40.0385 0x0c60  igfxCUIService2.0.0.0 - ok
11:59:40.0402 0x0c60  IKEEXT - ok
11:59:40.0407 0x0c60  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
11:59:40.0423 0x0c60  intaud_WaveExtensible - ok
11:59:40.0686 0x0c60  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
11:59:40.0990 0x0c60  IntcAzAudAddService - ok
11:59:41.0034 0x0c60  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
11:59:41.0065 0x0c60  IntcDAud - ok
11:59:41.0134 0x0c60  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
11:59:41.0196 0x0c60  Intel(R) Capability Licensing Service TCP IP Interface - ok
11:59:41.0218 0x0c60  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
11:59:41.0250 0x0c60  Intel(R) ME Service - ok
11:59:41.0250 0x0c60  intelide - ok
11:59:41.0265 0x0c60  intelpep - ok
11:59:41.0265 0x0c60  intelppm - ok
11:59:41.0281 0x0c60  IoQos - ok
11:59:41.0281 0x0c60  IpFilterDriver - ok
11:59:41.0350 0x0c60  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:59:41.0482 0x0c60  iphlpsvc - ok
11:59:41.0497 0x0c60  IPMIDRV - ok
11:59:41.0497 0x0c60  IPNAT - ok
11:59:41.0514 0x0c60  IRENUM - ok
11:59:41.0519 0x0c60  isapnp - ok
11:59:41.0519 0x0c60  iScsiPrt - ok
11:59:41.0535 0x0c60  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
11:59:41.0581 0x0c60  iumsvc - ok
11:59:41.0597 0x0c60  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
11:59:41.0619 0x0c60  iwdbus - ok
11:59:41.0635 0x0c60  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
11:59:41.0651 0x0c60  jhi_service - ok
11:59:41.0666 0x0c60  k57nd60a - ok
11:59:41.0666 0x0c60  kbdclass - ok
11:59:41.0682 0x0c60  kbdhid - ok
11:59:41.0682 0x0c60  kdnic - ok
11:59:41.0697 0x0c60  KeyIso - ok
11:59:41.0697 0x0c60  KSecDD - ok
11:59:41.0720 0x0c60  KSecPkg - ok
11:59:41.0720 0x0c60  ksthunk - ok
11:59:41.0735 0x0c60  KtmRm - ok
11:59:41.0735 0x0c60  LanmanServer - ok
11:59:41.0751 0x0c60  LanmanWorkstation - ok
11:59:41.0751 0x0c60  lfsvc - ok
11:59:41.0766 0x0c60  LicenseManager - ok
11:59:41.0782 0x0c60  lltdio - ok
11:59:41.0782 0x0c60  lltdsvc - ok
11:59:41.0798 0x0c60  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
11:59:41.0819 0x0c60  LMDriver - ok
11:59:41.0819 0x0c60  lmhosts - ok
11:59:41.0851 0x0c60  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
11:59:41.0882 0x0c60  LMS - ok
11:59:41.0920 0x0c60  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
11:59:41.0967 0x0c60  LMSvc - ok
11:59:41.0982 0x0c60  LSI_SAS - ok
11:59:41.0998 0x0c60  LSI_SAS2i - ok
11:59:41.0998 0x0c60  LSI_SAS3i - ok
11:59:42.0016 0x0c60  LSI_SSS - ok
11:59:42.0020 0x0c60  LSM - ok
11:59:42.0020 0x0c60  luafv - ok
11:59:42.0036 0x0c60  MapsBroker - ok
11:59:42.0036 0x0c60  megasas - ok
11:59:42.0051 0x0c60  megasr - ok
11:59:42.0067 0x0c60  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
11:59:42.0083 0x0c60  MEIx64 - ok
11:59:42.0098 0x0c60  MessagingService - ok
11:59:42.0121 0x0c60  mlx4_bus - ok
11:59:42.0121 0x0c60  MMCSS - ok
11:59:42.0136 0x0c60  Modem - ok
11:59:42.0136 0x0c60  monitor - ok
11:59:42.0152 0x0c60  mouclass - ok
11:59:42.0152 0x0c60  mouhid - ok
11:59:42.0167 0x0c60  mountmgr - ok
11:59:42.0183 0x0c60  [ C1A273141F13434647AC7CE37D2C18EC, F36D1A12DB8289949528F4BC81E077B33709F9B14A01537EEA63F27FFA17092D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:59:42.0221 0x0c60  MozillaMaintenance - ok
11:59:42.0236 0x0c60  mpsdrv - ok
11:59:42.0236 0x0c60  MpsSvc - ok
11:59:42.0252 0x0c60  MRxDAV - ok
11:59:42.0252 0x0c60  mrxsmb - ok
11:59:42.0268 0x0c60  mrxsmb10 - ok
11:59:42.0268 0x0c60  mrxsmb20 - ok
11:59:42.0283 0x0c60  MsBridge - ok
11:59:42.0283 0x0c60  MSDTC - ok
11:59:42.0299 0x0c60  Msfs - ok
11:59:42.0321 0x0c60  msgpiowin32 - ok
11:59:42.0321 0x0c60  mshidkmdf - ok
11:59:42.0336 0x0c60  mshidumdf - ok
11:59:42.0336 0x0c60  msisadrv - ok
11:59:42.0352 0x0c60  MSiSCSI - ok
11:59:42.0352 0x0c60  msiserver - ok
11:59:42.0368 0x0c60  MSKSSRV - ok
11:59:42.0368 0x0c60  MsLldp - ok
11:59:42.0383 0x0c60  MSPCLOCK - ok
11:59:42.0399 0x0c60  MSPQM - ok
11:59:42.0399 0x0c60  MsRPC - ok
11:59:42.0421 0x0c60  mssmbios - ok
11:59:42.0421 0x0c60  MSTEE - ok
11:59:42.0437 0x0c60  MTConfig - ok
11:59:42.0437 0x0c60  Mup - ok
11:59:42.0452 0x0c60  mvumis - ok
11:59:42.0452 0x0c60  NativeWifiP - ok
11:59:42.0468 0x0c60  NcaSvc - ok
11:59:42.0468 0x0c60  NcbService - ok
11:59:42.0483 0x0c60  NcdAutoSetup - ok
11:59:42.0483 0x0c60  ndfltr - ok
11:59:42.0499 0x0c60  NDIS - ok
11:59:42.0515 0x0c60  NdisCap - ok
11:59:42.0521 0x0c60  NdisImPlatform - ok
11:59:42.0521 0x0c60  NdisTapi - ok
11:59:42.0537 0x0c60  Ndisuio - ok
11:59:42.0537 0x0c60  NdisVirtualBus - ok
11:59:42.0552 0x0c60  NdisWan - ok
11:59:42.0552 0x0c60  ndiswanlegacy - ok
11:59:42.0568 0x0c60  ndproxy - ok
11:59:42.0584 0x0c60  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
11:59:42.0621 0x0c60  Ndu - ok
11:59:42.0637 0x0c60  NetBIOS - ok
11:59:42.0668 0x0c60  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:59:42.0721 0x0c60  NetBT - ok
11:59:42.0721 0x0c60  Netlogon - ok
11:59:42.0737 0x0c60  Netman - ok
11:59:42.0737 0x0c60  netprofm - ok
11:59:42.0753 0x0c60  NetSetupSvc - ok
11:59:42.0768 0x0c60  NetTcpPortSharing - ok
11:59:42.0784 0x0c60  NgcCtnrSvc - ok
11:59:42.0784 0x0c60  NgcSvc - ok
11:59:42.0799 0x0c60  NlaSvc - ok
11:59:42.0799 0x0c60  Npfs - ok
11:59:42.0818 0x0c60  npsvctrig - ok
11:59:42.0822 0x0c60  nsi - ok
11:59:42.0822 0x0c60  nsiproxy - ok
11:59:42.0837 0x0c60  NTFS - ok
11:59:42.0853 0x0c60  Null - ok
11:59:43.0521 0x0c60  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
11:59:44.0222 0x0c60  nvlddmkm - ok
11:59:44.0360 0x0c60  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
11:59:44.0502 0x0c60  NvNetworkService - ok
11:59:44.0516 0x0c60  nvraid - ok
11:59:44.0524 0x0c60  nvstor - ok
11:59:44.0536 0x0c60  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
11:59:44.0553 0x0c60  NvStreamKms - ok
11:59:44.0915 0x0c60  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
11:59:45.0328 0x0c60  NvStreamNetworkSvc - ok
11:59:45.0623 0x0c60  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
11:59:45.0940 0x0c60  NvStreamSvc - ok
11:59:46.0009 0x0c60  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
11:59:46.0102 0x0c60  nvsvc - ok
11:59:46.0115 0x0c60  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
11:59:46.0118 0x0c60  nvvad_WaveExtensible - ok
11:59:46.0134 0x0c60  nv_agp - ok
11:59:46.0149 0x0c60  OneSyncSvc - ok
11:59:46.0165 0x0c60  p2pimsvc - ok
11:59:46.0165 0x0c60  p2psvc - ok
11:59:46.0181 0x0c60  Parport - ok
11:59:46.0196 0x0c60  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
11:59:46.0234 0x0c60  partmgr - ok
11:59:46.0250 0x0c60  PcaSvc - ok
11:59:46.0250 0x0c60  pci - ok
11:59:46.0265 0x0c60  pciide - ok
11:59:46.0265 0x0c60  pcmcia - ok
11:59:46.0281 0x0c60  pcw - ok
11:59:46.0281 0x0c60  pdc - ok
11:59:46.0296 0x0c60  PEAUTH - ok
11:59:46.0296 0x0c60  percsas2i - ok
11:59:46.0317 0x0c60  percsas3i - ok
11:59:46.0418 0x0c60  PerfHost - ok
11:59:46.0434 0x0c60  PhoneSvc - ok
11:59:46.0450 0x0c60  PimIndexMaintenanceSvc - ok
11:59:46.0465 0x0c60  pla - ok
11:59:46.0481 0x0c60  PlugPlay - ok
11:59:46.0481 0x0c60  PNRPAutoReg - ok
11:59:46.0497 0x0c60  PNRPsvc - ok
11:59:46.0534 0x0c60  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
11:59:46.0597 0x0c60  PolicyAgent - ok
11:59:46.0619 0x0c60  Power - ok
11:59:46.0619 0x0c60  PptpMiniport - ok
11:59:46.0819 0x0c60  [ 2195908CEF288E1C10E5266B9DF75D29, 30E0664A03C58DD3B325A9A4A248AD1FA9297DD65F0D472C3AD90E21B238169F ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
11:59:47.0193 0x0c60  PrintNotify - ok
11:59:47.0210 0x0c60  Processor - ok
11:59:47.0217 0x0c60  ProfSvc - ok
11:59:47.0219 0x0c60  Psched - ok
11:59:47.0251 0x0c60  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
11:59:47.0298 0x0c60  QASvc - ok
11:59:47.0314 0x0c60  Qcamain10x64 - ok
11:59:47.0320 0x0c60  QWAVE - ok
11:59:47.0320 0x0c60  QWAVEdrv - ok
11:59:47.0336 0x0c60  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
11:59:47.0351 0x0c60  RadioShim - ok
11:59:47.0351 0x0c60  RasAcd - ok
11:59:47.0367 0x0c60  RasAgileVpn - ok
11:59:47.0367 0x0c60  RasAuto - ok
11:59:47.0382 0x0c60  Rasl2tp - ok
11:59:47.0398 0x0c60  RasMan - ok
11:59:47.0398 0x0c60  RasPppoe - ok
11:59:47.0419 0x0c60  RasSstp - ok
11:59:47.0420 0x0c60  rdbss - ok
11:59:47.0436 0x0c60  rdpbus - ok
11:59:47.0452 0x0c60  RDPDR - ok
11:59:47.0467 0x0c60  RdpVideoMiniport - ok
11:59:47.0467 0x0c60  rdyboost - ok
11:59:47.0483 0x0c60  ReFSv1 - ok
11:59:47.0483 0x0c60  RemoteAccess - ok
11:59:47.0498 0x0c60  RemoteRegistry - ok
11:59:47.0516 0x0c60  RetailDemo - ok
11:59:47.0520 0x0c60  RFCOMM - ok
11:59:47.0536 0x0c60  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
11:59:47.0583 0x0c60  RichVideo - ok
11:59:47.0620 0x0c60  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
11:59:47.0667 0x0c60  RMSvc - ok
11:59:47.0667 0x0c60  RpcEptMapper - ok
11:59:47.0683 0x0c60  RpcLocator - ok
11:59:47.0683 0x0c60  RpcSs - ok
11:59:47.0698 0x0c60  rspndr - ok
11:59:47.0720 0x0c60  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
11:59:47.0783 0x0c60  RTSUER - ok
11:59:47.0799 0x0c60  s3cap - ok
11:59:47.0799 0x0c60  SamSs - ok
11:59:47.0820 0x0c60  sbp2port - ok
11:59:47.0820 0x0c60  SCardSvr - ok
11:59:47.0836 0x0c60  ScDeviceEnum - ok
11:59:47.0836 0x0c60  scfilter - ok
11:59:47.0852 0x0c60  Schedule - ok
11:59:47.0852 0x0c60  SCPolicySvc - ok
11:59:47.0867 0x0c60  sdbus - ok
11:59:47.0883 0x0c60  SDRSVC - ok
11:59:47.0883 0x0c60  sdstor - ok
11:59:47.0899 0x0c60  seclogon - ok
11:59:47.0899 0x0c60  SENS - ok
11:59:47.0921 0x0c60  SensorDataService - ok
11:59:47.0921 0x0c60  SensorService - ok
11:59:47.0936 0x0c60  SensrSvc - ok
11:59:47.0936 0x0c60  SerCx - ok
11:59:47.0952 0x0c60  SerCx2 - ok
11:59:47.0968 0x0c60  Serenum - ok
11:59:47.0968 0x0c60  Serial - ok
11:59:47.0983 0x0c60  sermouse - ok
11:59:47.0999 0x0c60  SessionEnv - ok
11:59:48.0017 0x0c60  sfloppy - ok
11:59:48.0021 0x0c60  SharedAccess - ok
11:59:48.0037 0x0c60  ShellHWDetection - ok
11:59:48.0037 0x0c60  SiSRaid2 - ok
11:59:48.0052 0x0c60  SiSRaid4 - ok
11:59:48.0052 0x0c60  smphost - ok
11:59:48.0068 0x0c60  SmsRouter - ok
11:59:48.0084 0x0c60  SNMPTRAP - ok
11:59:48.0099 0x0c60  spaceport - ok
11:59:48.0099 0x0c60  SpbCx - ok
11:59:48.0118 0x0c60  Spooler - ok
11:59:48.0121 0x0c60  sppsvc - ok
11:59:48.0121 0x0c60  srv - ok
11:59:48.0137 0x0c60  srv2 - ok
11:59:48.0137 0x0c60  srvnet - ok
11:59:48.0152 0x0c60  SSDPSRV - ok
11:59:48.0168 0x0c60  SstpSvc - ok
11:59:48.0184 0x0c60  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
11:59:48.0221 0x0c60  ssudmdm - ok
11:59:48.0221 0x0c60  StateRepository - ok
11:59:48.0237 0x0c60  stexstor - ok
11:59:48.0237 0x0c60  stisvc - ok
11:59:48.0253 0x0c60  storahci - ok
11:59:48.0253 0x0c60  storflt - ok
11:59:48.0268 0x0c60  stornvme - ok
11:59:48.0268 0x0c60  storqosflt - ok
11:59:48.0284 0x0c60  StorSvc - ok
11:59:48.0299 0x0c60  storufs - ok
11:59:48.0299 0x0c60  storvsc - ok
11:59:48.0322 0x0c60  svsvc - ok
11:59:48.0322 0x0c60  swenum - ok
11:59:48.0337 0x0c60  swprv - ok
11:59:48.0353 0x0c60  Synth3dVsc - ok
11:59:48.0368 0x0c60  SysMain - ok
11:59:48.0384 0x0c60  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
11:59:48.0469 0x0c60  SystemEventsBroker - ok
11:59:48.0484 0x0c60  TabletInputService - ok
11:59:48.0484 0x0c60  TapiSrv - ok
11:59:48.0500 0x0c60  Tcpip - ok
11:59:48.0500 0x0c60  Tcpip6 - ok
11:59:48.0522 0x0c60  tcpipreg - ok
11:59:48.0522 0x0c60  tdx - ok
11:59:48.0538 0x0c60  terminpt - ok
11:59:48.0553 0x0c60  TermService - ok
11:59:48.0553 0x0c60  Themes - ok
11:59:48.0569 0x0c60  TieringEngineService - ok
11:59:48.0569 0x0c60  tiledatamodelsvc - ok
11:59:48.0585 0x0c60  TimeBroker - ok
11:59:48.0600 0x0c60  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
11:59:48.0638 0x0c60  TPM - ok
11:59:48.0654 0x0c60  TrkWks - ok
11:59:48.0654 0x0c60  TrustedInstaller - ok
11:59:48.0669 0x0c60  tsusbflt - ok
11:59:48.0685 0x0c60  TsUsbGD - ok
11:59:48.0685 0x0c60  tunnel - ok
11:59:48.0701 0x0c60  tzautoupdate - ok
11:59:48.0701 0x0c60  uagp35 - ok
11:59:48.0723 0x0c60  UASPStor - ok
11:59:48.0723 0x0c60  UcmCx0101 - ok
11:59:48.0738 0x0c60  UcmUcsi - ok
11:59:48.0738 0x0c60  Ucx01000 - ok
11:59:48.0754 0x0c60  UdeCx - ok
11:59:48.0754 0x0c60  udfs - ok
11:59:48.0770 0x0c60  UEFI - ok
11:59:48.0801 0x0c60  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
11:59:48.0823 0x0c60  UEIPSvc - ok
11:59:48.0839 0x0c60  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
11:59:48.0901 0x0c60  Ufx01000 - ok
11:59:48.0901 0x0c60  UfxChipidea - ok
11:59:48.0918 0x0c60  ufxsynopsys - ok
11:59:48.0923 0x0c60  UI0Detect - ok
11:59:48.0939 0x0c60  uliagpkx - ok
11:59:48.0939 0x0c60  umbus - ok
11:59:48.0955 0x0c60  UmPass - ok
11:59:48.0955 0x0c60  UmRdpService - ok
11:59:48.0970 0x0c60  UnistoreSvc - ok
11:59:48.0986 0x0c60  upnphost - ok
11:59:49.0002 0x0c60  UrsChipidea - ok
11:59:49.0002 0x0c60  UrsCx01000 - ok
11:59:49.0021 0x0c60  UrsSynopsys - ok
11:59:49.0024 0x0c60  usbccgp - ok
11:59:49.0024 0x0c60  usbcir - ok
11:59:49.0039 0x0c60  usbehci - ok
11:59:49.0055 0x0c60  usbhub - ok
11:59:49.0055 0x0c60  USBHUB3 - ok
11:59:49.0071 0x0c60  usbohci - ok
11:59:49.0086 0x0c60  usbprint - ok
11:59:49.0086 0x0c60  usbser - ok
11:59:49.0102 0x0c60  USBSTOR - ok
11:59:49.0102 0x0c60  usbuhci - ok
11:59:49.0119 0x0c60  usbvideo - ok
11:59:49.0124 0x0c60  USBXHCI - ok
11:59:49.0124 0x0c60  UserDataSvc - ok
11:59:49.0155 0x0c60  UserManager - ok
11:59:49.0155 0x0c60  UsoSvc - ok
11:59:49.0171 0x0c60  VaultSvc - ok
11:59:49.0171 0x0c60  vdrvroot - ok
11:59:49.0186 0x0c60  vds - ok
11:59:49.0186 0x0c60  VerifierExt - ok
11:59:49.0202 0x0c60  vhdmp - ok
11:59:49.0202 0x0c60  vhf - ok
11:59:49.0224 0x0c60  vmbus - ok
11:59:49.0224 0x0c60  VMBusHID - ok
11:59:49.0240 0x0c60  vmicguestinterface - ok
11:59:49.0240 0x0c60  vmicheartbeat - ok
11:59:49.0256 0x0c60  vmickvpexchange - ok
11:59:49.0271 0x0c60  vmicrdv - ok
11:59:49.0271 0x0c60  vmicshutdown - ok
11:59:49.0287 0x0c60  vmictimesync - ok
11:59:49.0287 0x0c60  vmicvmsession - ok
11:59:49.0302 0x0c60  vmicvss - ok
11:59:49.0302 0x0c60  volmgr - ok
11:59:49.0325 0x0c60  volmgrx - ok
11:59:49.0325 0x0c60  volsnap - ok
11:59:49.0342 0x0c60  vpci - ok
11:59:49.0342 0x0c60  vsmraid - ok
11:59:49.0357 0x0c60  VSS - ok
11:59:49.0357 0x0c60  VSTXRAID - ok
11:59:49.0373 0x0c60  vwifibus - ok
11:59:49.0389 0x0c60  vwififlt - ok
11:59:49.0389 0x0c60  vwifimp - ok
11:59:49.0404 0x0c60  W32Time - ok
11:59:49.0404 0x0c60  WacomPen - ok
11:59:49.0424 0x0c60  WalletService - ok
11:59:49.0424 0x0c60  wanarp - ok
11:59:49.0440 0x0c60  wanarpv6 - ok
11:59:49.0440 0x0c60  wbengine - ok
11:59:49.0456 0x0c60  WbioSrvc - ok
11:59:49.0456 0x0c60  Wcmsvc - ok
11:59:49.0471 0x0c60  wcncsvc - ok
11:59:49.0471 0x0c60  WcsPlugInService - ok
11:59:49.0487 0x0c60  WdBoot - ok
11:59:49.0487 0x0c60  Wdf01000 - ok
11:59:49.0503 0x0c60  WdFilter - ok
11:59:49.0520 0x0c60  WdiServiceHost - ok
11:59:49.0525 0x0c60  WdiSystemHost - ok
11:59:49.0525 0x0c60  wdiwifi - ok
11:59:49.0540 0x0c60  WdNisDrv - ok
11:59:49.0540 0x0c60  WdNisSvc - ok
11:59:49.0556 0x0c60  WebClient - ok
11:59:49.0556 0x0c60  Wecsvc - ok
11:59:49.0572 0x0c60  WEPHOSTSVC - ok
11:59:49.0572 0x0c60  wercplsupport - ok
11:59:49.0587 0x0c60  WerSvc - ok
11:59:49.0603 0x0c60  WFPLWFS - ok
11:59:49.0603 0x0c60  WiaRpc - ok
11:59:49.0619 0x0c60  WIMMount - ok
11:59:49.0625 0x0c60  WinDefend - ok
11:59:49.0641 0x0c60  WindowsTrustedRT - ok
11:59:49.0656 0x0c60  WindowsTrustedRTProxy - ok
11:59:49.0656 0x0c60  WinHttpAutoProxySvc - ok
11:59:49.0672 0x0c60  WinMad - ok
11:59:49.0688 0x0c60  Winmgmt - ok
11:59:49.0688 0x0c60  WinRM - ok
11:59:49.0704 0x0c60  WINUSB - ok
11:59:49.0704 0x0c60  WinVerbs - ok
11:59:49.0725 0x0c60  WlanSvc - ok
11:59:49.0725 0x0c60  wlidsvc - ok
11:59:49.0741 0x0c60  WmiAcpi - ok
11:59:49.0741 0x0c60  wmiApSrv - ok
11:59:49.0757 0x0c60  WMPNetworkSvc - ok
11:59:49.0772 0x0c60  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
11:59:49.0826 0x0c60  Wof - ok
11:59:49.0841 0x0c60  workfolderssvc - ok
11:59:49.0841 0x0c60  wpcfltr - ok
11:59:49.0857 0x0c60  WPDBusEnum - ok
11:59:49.0857 0x0c60  WpdUpFltr - ok
11:59:49.0872 0x0c60  WpnService - ok
11:59:49.0872 0x0c60  ws2ifsl - ok
11:59:49.0904 0x0c60  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:59:49.0973 0x0c60  wscsvc - ok
11:59:49.0973 0x0c60  WSearch - ok
11:59:49.0988 0x0c60  WSService - ok
11:59:49.0988 0x0c60  wuauserv - ok
11:59:50.0004 0x0c60  WudfPf - ok
11:59:50.0020 0x0c60  WUDFRd - ok
11:59:50.0026 0x0c60  wudfsvc - ok
11:59:50.0026 0x0c60  WUDFWpdFs - ok
11:59:50.0042 0x0c60  WUDFWpdMtp - ok
11:59:50.0042 0x0c60  WwanSvc - ok
11:59:50.0057 0x0c60  XblAuthManager - ok
11:59:50.0057 0x0c60  XblGameSave - ok
11:59:50.0073 0x0c60  xboxgip - ok
11:59:50.0073 0x0c60  XboxNetApiSvc - ok
11:59:50.0089 0x0c60  xinputhid - ok
11:59:50.0089 0x0c60  ================ Scan global ===============================
11:59:50.0126 0x0c60  [ Global ] - ok
11:59:50.0126 0x0c60  ================ Scan MBR ==================================
11:59:50.0126 0x0c60  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
11:59:50.0244 0x0c60  \Device\Harddisk0\DR0 - ok
11:59:50.0244 0x0c60  ================ Scan VBR ==================================
11:59:50.0260 0x0c60  [ 3F7F83B9DCDB02F6022B7F5DC4231419 ] \Device\Harddisk0\DR0\Partition1
11:59:50.0260 0x0c60  \Device\Harddisk0\DR0\Partition1 - ok
11:59:50.0260 0x0c60  [ 56532BD10D388D68A5790778911CAD6F ] \Device\Harddisk0\DR0\Partition2
11:59:50.0260 0x0c60  \Device\Harddisk0\DR0\Partition2 - ok
11:59:50.0276 0x0c60  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
11:59:50.0276 0x0c60  \Device\Harddisk0\DR0\Partition3 - ok
11:59:50.0276 0x0c60  [ 6020D3AEAF6742AF54C56E8D5C897FE1 ] \Device\Harddisk0\DR0\Partition4
11:59:50.0276 0x0c60  \Device\Harddisk0\DR0\Partition4 - ok
11:59:50.0291 0x0c60  [ 7138D2B9F1779B36B7D86EB38D9C66EE ] \Device\Harddisk0\DR0\Partition5
11:59:50.0291 0x0c60  \Device\Harddisk0\DR0\Partition5 - ok
11:59:50.0291 0x0c60  ================ Scan generic autorun ======================
11:59:51.0094 0x0c60  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:59:51.0965 0x0c60  RtHDVCpl - ok
11:59:52.0081 0x0c60  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:59:52.0205 0x0c60  RtHDVBg_Dolby - ok
11:59:52.0417 0x0c60  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
11:59:52.0599 0x0c60  NvBackend - ok
11:59:52.0608 0x0c60  ShadowPlay - ok
11:59:52.0620 0x0c60  [ 4470CF575CC1131CAC72FB3A386512ED, 70BEB0E8291FD864C86C6505AD336E04E29AC943891B60928126A6E323979A56 ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
11:59:52.0640 0x0c60  abDocsDllLoader - ok
11:59:52.0724 0x0c60  OneDriveSetup - ok
11:59:52.0740 0x0c60  OneDriveSetup - ok
11:59:52.0772 0x0c60  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:59:52.0841 0x0c60  OneDrive - ok
11:59:52.0841 0x0c60  Object required for P2P: [ 8F2EA5EE0695CCE2285D92C44108375C ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
11:59:53.0032 0x0c60  Object send P2P result: true
11:59:53.0032 0x0c60  Speech Recognition - ok
11:59:53.0551 0x0c60  [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe
11:59:54.0124 0x0c60  CCleaner Monitoring - ok
11:59:54.0151 0x0c60  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.672 ), 0x62100 ( disabled : updated )
11:59:54.0154 0x0c60  Win FW state via NFP2: enabled ( trusted )
11:59:54.0285 0x0c60  ============================================================
11:59:54.0285 0x0c60  Scan finished
11:59:54.0285 0x0c60  ============================================================
11:59:54.0285 0x1e04  Detected object count: 1
11:59:54.0285 0x1e04  Actual detected object count: 1
12:00:11.0814 0x1e04  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
12:00:11.0814 0x1e04  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 14.11.2016, 12:30

Zitat:

11:59:06.0732 0x1b68 Scan started
11:59:06.0732 0x1b68 Mode: Manual;

Anleitungen bitte sorgfältiger lesen und umsetzen. Du hast den TDSSkiller falsch eingestellt

vigilanz · 14.11.2016, 12:42

Code:

ATTFilter

12:39:07.0294 0x1430  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
12:39:07.0294 0x1430  UEFI system
12:39:10.0350 0x1430  ============================================================
12:39:10.0351 0x1430  Current date / time: 2016/11/14 12:39:10.0350
12:39:10.0351 0x1430  SystemInfo:
12:39:10.0351 0x1430  
12:39:10.0351 0x1430  OS Version: 10.0.10586 ServicePack: 0.0
12:39:10.0351 0x1430  Product type: Workstation
12:39:10.0351 0x1430  ComputerName: SVEN
12:39:10.0352 0x1430  UserName: sven
12:39:10.0352 0x1430  Windows directory: C:\WINDOWS
12:39:10.0352 0x1430  System windows directory: C:\WINDOWS
12:39:10.0352 0x1430  Running under WOW64
12:39:10.0352 0x1430  Processor architecture: Intel x64
12:39:10.0352 0x1430  Number of processors: 4
12:39:10.0352 0x1430  Page size: 0x1000
12:39:10.0352 0x1430  Boot type: Normal boot
12:39:10.0352 0x1430  CodeIntegrityOptions = 0x00000001
12:39:10.0353 0x1430  ============================================================
12:39:10.0358 0x1430  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
12:39:10.0359 0x1430  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
12:39:10.0359 0x1430  BG loaded
12:39:10.0541 0x1430  System UUID: {C8C458A5-D08F-352B-99D3-3C968EE895F8}
12:39:11.0444 0x1430  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:39:11.0451 0x1430  ============================================================
12:39:11.0452 0x1430  \Device\Harddisk0\DR0:
12:39:11.0452 0x1430  GPT partitions:
12:39:11.0453 0x1430  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B784C650-0E87-448D-94FA-8C4FD5DF3AAE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
12:39:11.0453 0x1430  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D8D20A44-E67C-4401-9731-A7849137FC51}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
12:39:11.0453 0x1430  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {561F7B97-665E-471E-B764-65D4213D2895}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
12:39:11.0453 0x1430  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BD901923-DC87-4AC7-BA11-DA6799D7F397}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x724A7000
12:39:11.0453 0x1430  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FE02F297-6773-4A7D-8D9B-F9E31A08191A}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
12:39:11.0453 0x1430  MBR partitions:
12:39:11.0453 0x1430  ============================================================
12:39:11.0456 0x1430  C: <-> \Device\Harddisk0\DR0\Partition4
12:39:11.0456 0x1430  ============================================================
12:39:11.0456 0x1430  Initialize success
12:39:11.0456 0x1430  ============================================================
12:39:13.0049 0x197c  ============================================================
12:39:13.0049 0x197c  Scan started
12:39:13.0049 0x197c  Mode: Manual; 
12:39:13.0049 0x197c  ============================================================
12:39:13.0049 0x197c  KSN ping started
12:39:13.0130 0x197c  KSN ping finished: true
12:39:14.0006 0x197c  ================ Scan system memory ========================
12:39:14.0006 0x197c  System memory - ok
12:39:14.0007 0x197c  ================ Scan services =============================
12:39:14.0106 0x197c  1394ohci - ok
12:39:14.0113 0x197c  3ware - ok
12:39:14.0123 0x197c  ACPI - ok
12:39:14.0134 0x197c  acpiex - ok
12:39:14.0143 0x197c  acpipagr - ok
12:39:14.0153 0x197c  AcpiPmi - ok
12:39:14.0161 0x197c  acpitime - ok
12:39:14.0287 0x197c  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:39:14.0301 0x197c  AdobeFlashPlayerUpdateSvc - ok
12:39:14.0333 0x197c  ADP80XX - ok
12:39:14.0347 0x197c  AFD - ok
12:39:14.0356 0x197c  agp440 - ok
12:39:14.0364 0x197c  ahcache - ok
12:39:14.0373 0x197c  AJRouter - ok
12:39:14.0382 0x197c  ALG - ok
12:39:14.0392 0x197c  AmdK8 - ok
12:39:14.0401 0x197c  AmdPPM - ok
12:39:14.0410 0x197c  amdsata - ok
12:39:14.0419 0x197c  amdsbs - ok
12:39:14.0428 0x197c  amdxata - ok
12:39:14.0439 0x197c  AppID - ok
12:39:14.0452 0x197c  AppIDSvc - ok
12:39:14.0460 0x197c  Appinfo - ok
12:39:14.0470 0x197c  AppReadiness - ok
12:39:14.0479 0x197c  AppXSvc - ok
12:39:14.0488 0x197c  arcsas - ok
12:39:14.0496 0x197c  AsyncMac - ok
12:39:14.0505 0x197c  atapi - ok
12:39:14.0535 0x197c  [ 48386DDF416537A107F19FF51148C613, 7D423F36AC0AB59D0303EAF1914154FD57B20A81E1D8CB657E8DB6CCE19509A5 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe
12:39:14.0553 0x197c  AtherosSvc - ok
12:39:14.0564 0x197c  AudioEndpointBuilder - ok
12:39:14.0574 0x197c  Audiosrv - ok
12:39:14.0584 0x197c  AxInstSV - ok
12:39:14.0592 0x197c  b06bdrv - ok
12:39:14.0603 0x197c  BasicDisplay - ok
12:39:14.0611 0x197c  BasicRender - ok
12:39:14.0625 0x197c  bcmfn - ok
12:39:14.0636 0x197c  bcmfn2 - ok
12:39:14.0646 0x197c  BDESVC - ok
12:39:14.0657 0x197c  Beep - ok
12:39:14.0671 0x197c  BFE - ok
12:39:14.0680 0x197c  BITS - ok
12:39:14.0689 0x197c  bowser - ok
12:39:14.0698 0x197c  BrokerInfrastructure - ok
12:39:14.0709 0x197c  Browser - ok
12:39:14.0766 0x197c  [ 2C1E8FAD28807F93B5A775B3095BF28A, 24A9FE132CCEF483EA1406EA128515ED071BD99A33DF05890E1398E297C897DD ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
12:39:14.0798 0x197c  BtFilter - ok
12:39:14.0808 0x197c  BthAvrcpTg - ok
12:39:14.0828 0x197c  BthEnum - ok
12:39:14.0837 0x197c  BthHFEnum - ok
12:39:14.0846 0x197c  bthhfhid - ok
12:39:14.0856 0x197c  BthHFSrv - ok
12:39:14.0864 0x197c  BthLEEnum - ok
12:39:14.0873 0x197c  BTHMODEM - ok
12:39:14.0882 0x197c  BthPan - ok
12:39:14.0891 0x197c  BTHPORT - ok
12:39:14.0900 0x197c  bthserv - ok
12:39:14.0910 0x197c  BTHUSB - ok
12:39:14.0923 0x197c  buttonconverter - ok
12:39:14.0935 0x197c  CapImg - ok
12:39:15.0084 0x197c  [ 4147B5CA0C368FFE0FCE4116F558986A, F466B4556A140321B8F87C486CEBFB223D37526D877343BB6DA8FEFD03E16396 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
12:39:15.0202 0x197c  CCDMonitorService - ok
12:39:15.0218 0x197c  cdfs - ok
12:39:15.0229 0x197c  CDPSvc - ok
12:39:15.0240 0x197c  cdrom - ok
12:39:15.0252 0x197c  CertPropSvc - ok
12:39:15.0262 0x197c  circlass - ok
12:39:15.0275 0x197c  CLFS - ok
12:39:15.0288 0x197c  ClipSVC - ok
12:39:15.0324 0x197c  CmBatt - ok
12:39:15.0337 0x197c  CNG - ok
12:39:15.0351 0x197c  cnghwassist - ok
12:39:15.0410 0x197c  CompositeBus - ok
12:39:15.0422 0x197c  COMSysApp - ok
12:39:15.0434 0x197c  condrv - ok
12:39:15.0447 0x197c  CoreMessagingRegistrar - ok
12:39:15.0563 0x197c  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
12:39:15.0590 0x197c  cphs - ok
12:39:15.0612 0x197c  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:39:15.0621 0x197c  CryptSvc - ok
12:39:15.0630 0x197c  dam - ok
12:39:15.0647 0x197c  DcomLaunch - ok
12:39:15.0659 0x197c  DcpSvc - ok
12:39:15.0671 0x197c  defragsvc - ok
12:39:15.0679 0x197c  DeviceAssociationService - ok
12:39:15.0691 0x197c  DeviceInstall - ok
12:39:15.0703 0x197c  DevQueryBroker - ok
12:39:15.0718 0x197c  Dfsc - ok
12:39:15.0739 0x197c  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
12:39:15.0750 0x197c  dg_ssudbus - ok
12:39:15.0786 0x197c  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:39:15.0817 0x197c  Dhcp - ok
12:39:15.0831 0x197c  diagnosticshub.standardcollector.service - ok
12:39:15.0841 0x197c  DiagTrack - ok
12:39:15.0886 0x197c  [ 1CFFF6D1E6E192B1E81B6DA3E94C0D4C, 742917C923D8B222F78074B8A7F251A89C488B0CC0FA782D099D4A25841073E1 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
12:39:15.0907 0x197c  DigitalWave.Update.Service - ok
12:39:15.0919 0x197c  disk - ok
12:39:15.0930 0x197c  DmEnrollmentSvc - ok
12:39:15.0943 0x197c  dmvsc - ok
12:39:15.0955 0x197c  dmwappushservice - ok
12:39:15.0966 0x197c  Dnscache - ok
12:39:15.0982 0x197c  dot3svc - ok
12:39:15.0994 0x197c  DPS - ok
12:39:16.0008 0x197c  drmkaud - ok
12:39:16.0017 0x197c  DsmSvc - ok
12:39:16.0028 0x197c  DsSvc - ok
12:39:16.0041 0x197c  DXGKrnl - ok
12:39:16.0054 0x197c  Eaphost - ok
12:39:16.0064 0x197c  ebdrv - ok
12:39:16.0076 0x197c  EFS - ok
12:39:16.0086 0x197c  EhStorClass - ok
12:39:16.0099 0x197c  EhStorTcgDrv - ok
12:39:16.0111 0x197c  embeddedmode - ok
12:39:16.0123 0x197c  EntAppSvc - ok
12:39:16.0307 0x197c  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
12:39:16.0439 0x197c  ePowerSvc - ok
12:39:16.0455 0x197c  ErrDev - ok
12:39:16.0471 0x197c  EventSystem - ok
12:39:16.0479 0x197c  exfat - ok
12:39:16.0489 0x197c  fastfat - ok
12:39:16.0498 0x197c  Fax - ok
12:39:16.0506 0x197c  fdc - ok
12:39:16.0515 0x197c  fdPHost - ok
12:39:16.0525 0x197c  FDResPub - ok
12:39:16.0536 0x197c  fhsvc - ok
12:39:16.0550 0x197c  FileCrypt - ok
12:39:16.0562 0x197c  FileInfo - ok
12:39:16.0577 0x197c  Filetrace - ok
12:39:16.0588 0x197c  flpydisk - ok
12:39:16.0598 0x197c  FltMgr - ok
12:39:16.0610 0x197c  FontCache - ok
12:39:16.0621 0x197c  FontCache3.0.0.0 - ok
12:39:16.0633 0x197c  FsDepends - ok
12:39:16.0642 0x197c  Fs_Rec - ok
12:39:16.0653 0x197c  fvevol - ok
12:39:16.0661 0x197c  gagp30kx - ok
12:39:16.0671 0x197c  gencounter - ok
12:39:16.0678 0x197c  genericusbfn - ok
12:39:16.0756 0x197c  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
12:39:16.0814 0x197c  GfExperienceService - ok
12:39:16.0828 0x197c  GPIOClx0101 - ok
12:39:16.0917 0x197c  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:39:16.0998 0x197c  gpsvc - ok
12:39:17.0009 0x197c  GpuEnergyDrv - ok
12:39:17.0019 0x197c  HDAudBus - ok
12:39:17.0028 0x197c  HidBatt - ok
12:39:17.0040 0x197c  HidBth - ok
12:39:17.0048 0x197c  hidi2c - ok
12:39:17.0057 0x197c  hidinterrupt - ok
12:39:17.0065 0x197c  HidIr - ok
12:39:17.0075 0x197c  hidserv - ok
12:39:17.0087 0x197c  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:39:17.0090 0x197c  HidUsb - ok
12:39:17.0098 0x197c  HomeGroupListener - ok
12:39:17.0107 0x197c  HomeGroupProvider - ok
12:39:17.0115 0x197c  HpSAMD - ok
12:39:17.0125 0x197c  HTTP - ok
12:39:17.0135 0x197c  hwpolicy - ok
12:39:17.0143 0x197c  hyperkbd - ok
12:39:17.0154 0x197c  i8042prt - ok
12:39:17.0163 0x197c  iai2c - ok
12:39:17.0177 0x197c  iaLPSS2i_I2C - ok
12:39:17.0186 0x197c  iaLPSSi_GPIO - ok
12:39:17.0194 0x197c  iaLPSSi_I2C - ok
12:39:17.0203 0x197c  iaStorAV - ok
12:39:17.0211 0x197c  iaStorV - ok
12:39:17.0222 0x197c  ibbus - ok
12:39:17.0248 0x197c  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
12:39:17.0278 0x197c  icssvc - ok
12:39:17.0288 0x197c  IEEtwCollectorService - ok
12:39:17.0687 0x197c  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
12:39:18.0009 0x197c  igfx - ok
12:39:18.0056 0x197c  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
12:39:18.0084 0x197c  igfxCUIService2.0.0.0 - ok
12:39:18.0092 0x197c  IKEEXT - ok
12:39:18.0108 0x197c  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
12:39:18.0111 0x197c  intaud_WaveExtensible - ok
12:39:18.0387 0x197c  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:39:18.0614 0x197c  IntcAzAudAddService - ok
12:39:18.0662 0x197c  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
12:39:18.0685 0x197c  IntcDAud - ok
12:39:18.0746 0x197c  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
12:39:18.0790 0x197c  Intel(R) Capability Licensing Service TCP IP Interface - ok
12:39:18.0809 0x197c  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
12:39:18.0816 0x197c  Intel(R) ME Service - ok
12:39:18.0825 0x197c  intelide - ok
12:39:18.0836 0x197c  intelpep - ok
12:39:18.0845 0x197c  intelppm - ok
12:39:18.0855 0x197c  IoQos - ok
12:39:18.0864 0x197c  IpFilterDriver - ok
12:39:18.0934 0x197c  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
12:39:18.0991 0x197c  iphlpsvc - ok
12:39:19.0001 0x197c  IPMIDRV - ok
12:39:19.0009 0x197c  IPNAT - ok
12:39:19.0018 0x197c  IRENUM - ok
12:39:19.0027 0x197c  isapnp - ok
12:39:19.0037 0x197c  iScsiPrt - ok
12:39:19.0057 0x197c  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
12:39:19.0066 0x197c  iumsvc - ok
12:39:19.0075 0x197c  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
12:39:19.0078 0x197c  iwdbus - ok
12:39:19.0095 0x197c  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:39:19.0104 0x197c  jhi_service - ok
12:39:19.0112 0x197c  k57nd60a - ok
12:39:19.0121 0x197c  kbdclass - ok
12:39:19.0133 0x197c  kbdhid - ok
12:39:19.0144 0x197c  kdnic - ok
12:39:19.0154 0x197c  KeyIso - ok
12:39:19.0161 0x197c  KSecDD - ok
12:39:19.0170 0x197c  KSecPkg - ok
12:39:19.0178 0x197c  ksthunk - ok
12:39:19.0188 0x197c  KtmRm - ok
12:39:19.0197 0x197c  LanmanServer - ok
12:39:19.0206 0x197c  LanmanWorkstation - ok
12:39:19.0219 0x197c  lfsvc - ok
12:39:19.0227 0x197c  LicenseManager - ok
12:39:19.0239 0x197c  lltdio - ok
12:39:19.0248 0x197c  lltdsvc - ok
12:39:19.0258 0x197c  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
12:39:19.0261 0x197c  LMDriver - ok
12:39:19.0269 0x197c  lmhosts - ok
12:39:19.0303 0x197c  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:39:19.0323 0x197c  LMS - ok
12:39:19.0368 0x197c  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
12:39:19.0391 0x197c  LMSvc - ok
12:39:19.0408 0x197c  LSI_SAS - ok
12:39:19.0418 0x197c  LSI_SAS2i - ok
12:39:19.0427 0x197c  LSI_SAS3i - ok
12:39:19.0437 0x197c  LSI_SSS - ok
12:39:19.0446 0x197c  LSM - ok
12:39:19.0455 0x197c  luafv - ok
12:39:19.0464 0x197c  MapsBroker - ok
12:39:19.0474 0x197c  megasas - ok
12:39:19.0485 0x197c  megasr - ok
12:39:19.0503 0x197c  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
12:39:19.0514 0x197c  MEIx64 - ok
12:39:19.0537 0x197c  MessagingService - ok
12:39:19.0566 0x197c  mlx4_bus - ok
12:39:19.0577 0x197c  MMCSS - ok
12:39:19.0588 0x197c  Modem - ok
12:39:19.0598 0x197c  monitor - ok
12:39:19.0609 0x197c  mouclass - ok
12:39:19.0619 0x197c  mouhid - ok
12:39:19.0630 0x197c  mountmgr - ok
12:39:19.0656 0x197c  [ C1A273141F13434647AC7CE37D2C18EC, F36D1A12DB8289949528F4BC81E077B33709F9B14A01537EEA63F27FFA17092D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:39:19.0667 0x197c  MozillaMaintenance - ok
12:39:19.0675 0x197c  mpsdrv - ok
12:39:19.0684 0x197c  MpsSvc - ok
12:39:19.0692 0x197c  MRxDAV - ok
12:39:19.0702 0x197c  mrxsmb - ok
12:39:19.0711 0x197c  mrxsmb10 - ok
12:39:19.0720 0x197c  mrxsmb20 - ok
12:39:19.0731 0x197c  MsBridge - ok
12:39:19.0740 0x197c  MSDTC - ok
12:39:19.0758 0x197c  Msfs - ok
12:39:19.0767 0x197c  msgpiowin32 - ok
12:39:19.0775 0x197c  mshidkmdf - ok
12:39:19.0784 0x197c  mshidumdf - ok
12:39:19.0793 0x197c  msisadrv - ok
12:39:19.0804 0x197c  MSiSCSI - ok
12:39:19.0816 0x197c  msiserver - ok
12:39:19.0826 0x197c  MSKSSRV - ok
12:39:19.0839 0x197c  MsLldp - ok
12:39:19.0852 0x197c  MSPCLOCK - ok
12:39:19.0862 0x197c  MSPQM - ok
12:39:19.0873 0x197c  MsRPC - ok
12:39:19.0886 0x197c  mssmbios - ok
12:39:19.0893 0x197c  MSTEE - ok
12:39:19.0905 0x197c  MTConfig - ok
12:39:19.0913 0x197c  Mup - ok
12:39:19.0926 0x197c  mvumis - ok
12:39:19.0941 0x197c  NativeWifiP - ok
12:39:19.0949 0x197c  NcaSvc - ok
12:39:19.0958 0x197c  NcbService - ok
12:39:19.0967 0x197c  NcdAutoSetup - ok
12:39:19.0976 0x197c  ndfltr - ok
12:39:19.0986 0x197c  NDIS - ok
12:39:19.0994 0x197c  NdisCap - ok
12:39:20.0003 0x197c  NdisImPlatform - ok
12:39:20.0011 0x197c  NdisTapi - ok
12:39:20.0022 0x197c  Ndisuio - ok
12:39:20.0035 0x197c  NdisVirtualBus - ok
12:39:20.0048 0x197c  NdisWan - ok
12:39:20.0056 0x197c  ndiswanlegacy - ok
12:39:20.0065 0x197c  ndproxy - ok
12:39:20.0082 0x197c  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
12:39:20.0092 0x197c  Ndu - ok
12:39:20.0101 0x197c  NetBIOS - ok
12:39:20.0130 0x197c  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:39:20.0146 0x197c  NetBT - ok
12:39:20.0158 0x197c  Netlogon - ok
12:39:20.0169 0x197c  Netman - ok
12:39:20.0176 0x197c  netprofm - ok
12:39:20.0187 0x197c  NetSetupSvc - ok
12:39:20.0203 0x197c  NetTcpPortSharing - ok
12:39:20.0216 0x197c  NgcCtnrSvc - ok
12:39:20.0227 0x197c  NgcSvc - ok
12:39:20.0239 0x197c  NlaSvc - ok
12:39:20.0249 0x197c  Npfs - ok
12:39:20.0258 0x197c  npsvctrig - ok
12:39:20.0266 0x197c  nsi - ok
12:39:20.0274 0x197c  nsiproxy - ok
12:39:20.0289 0x197c  NTFS - ok
12:39:20.0300 0x197c  Null - ok
12:39:20.0990 0x197c  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
12:39:21.0553 0x197c  nvlddmkm - ok
12:39:21.0694 0x197c  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
12:39:21.0792 0x197c  NvNetworkService - ok
12:39:21.0805 0x197c  nvraid - ok
12:39:21.0813 0x197c  nvstor - ok
12:39:21.0823 0x197c  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
12:39:21.0826 0x197c  NvStreamKms - ok
12:39:22.0209 0x197c  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
12:39:22.0548 0x197c  NvStreamNetworkSvc - ok
12:39:22.0851 0x197c  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
12:39:23.0094 0x197c  NvStreamSvc - ok
12:39:23.0168 0x197c  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
12:39:23.0226 0x197c  nvsvc - ok
12:39:23.0239 0x197c  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
12:39:23.0243 0x197c  nvvad_WaveExtensible - ok
12:39:23.0251 0x197c  nv_agp - ok
12:39:23.0260 0x197c  OneSyncSvc - ok
12:39:23.0282 0x197c  p2pimsvc - ok
12:39:23.0292 0x197c  p2psvc - ok
12:39:23.0300 0x197c  Parport - ok
12:39:23.0317 0x197c  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
12:39:23.0328 0x197c  partmgr - ok
12:39:23.0342 0x197c  PcaSvc - ok
12:39:23.0355 0x197c  pci - ok
12:39:23.0366 0x197c  pciide - ok
12:39:23.0377 0x197c  pcmcia - ok
12:39:23.0386 0x197c  pcw - ok
12:39:23.0394 0x197c  pdc - ok
12:39:23.0403 0x197c  PEAUTH - ok
12:39:23.0412 0x197c  percsas2i - ok
12:39:23.0422 0x197c  percsas3i - ok
12:39:23.0530 0x197c  PerfHost - ok
12:39:23.0549 0x197c  PhoneSvc - ok
12:39:23.0559 0x197c  PimIndexMaintenanceSvc - ok
12:39:23.0578 0x197c  pla - ok
12:39:23.0589 0x197c  PlugPlay - ok
12:39:23.0597 0x197c  PNRPAutoReg - ok
12:39:23.0605 0x197c  PNRPsvc - ok
12:39:23.0638 0x197c  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
12:39:23.0666 0x197c  PolicyAgent - ok
12:39:23.0678 0x197c  Power - ok
12:39:23.0688 0x197c  PptpMiniport - ok
12:39:23.0913 0x197c  [ 2195908CEF288E1C10E5266B9DF75D29, 30E0664A03C58DD3B325A9A4A248AD1FA9297DD65F0D472C3AD90E21B238169F ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
12:39:24.0081 0x197c  PrintNotify - ok
12:39:24.0098 0x197c  Processor - ok
12:39:24.0106 0x197c  ProfSvc - ok
12:39:24.0115 0x197c  Psched - ok
12:39:24.0157 0x197c  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
12:39:24.0180 0x197c  QASvc - ok
12:39:24.0189 0x197c  Qcamain10x64 - ok
12:39:24.0198 0x197c  QWAVE - ok
12:39:24.0208 0x197c  QWAVEdrv - ok
12:39:24.0221 0x197c  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
12:39:24.0225 0x197c  RadioShim - ok
12:39:24.0235 0x197c  RasAcd - ok
12:39:24.0243 0x197c  RasAgileVpn - ok
12:39:24.0253 0x197c  RasAuto - ok
12:39:24.0261 0x197c  Rasl2tp - ok
12:39:24.0271 0x197c  RasMan - ok
12:39:24.0279 0x197c  RasPppoe - ok
12:39:24.0290 0x197c  RasSstp - ok
12:39:24.0302 0x197c  rdbss - ok
12:39:24.0315 0x197c  rdpbus - ok
12:39:24.0327 0x197c  RDPDR - ok
12:39:24.0346 0x197c  RdpVideoMiniport - ok
12:39:24.0357 0x197c  rdyboost - ok
12:39:24.0366 0x197c  ReFSv1 - ok
12:39:24.0375 0x197c  RemoteAccess - ok
12:39:24.0383 0x197c  RemoteRegistry - ok
12:39:24.0395 0x197c  RetailDemo - ok
12:39:24.0405 0x197c  RFCOMM - ok
12:39:24.0429 0x197c  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
12:39:24.0442 0x197c  RichVideo - ok
12:39:24.0477 0x197c  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
12:39:24.0500 0x197c  RMSvc - ok
12:39:24.0509 0x197c  RpcEptMapper - ok
12:39:24.0518 0x197c  RpcLocator - ok
12:39:24.0530 0x197c  RpcSs - ok
12:39:24.0541 0x197c  rspndr - ok
12:39:24.0574 0x197c  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
12:39:24.0596 0x197c  RTSUER - ok
12:39:24.0604 0x197c  s3cap - ok
12:39:24.0612 0x197c  SamSs - ok
12:39:24.0623 0x197c  sbp2port - ok
12:39:24.0635 0x197c  SCardSvr - ok
12:39:24.0644 0x197c  ScDeviceEnum - ok
12:39:24.0654 0x197c  scfilter - ok
12:39:24.0662 0x197c  Schedule - ok
12:39:24.0670 0x197c  SCPolicySvc - ok
12:39:24.0678 0x197c  sdbus - ok
12:39:24.0688 0x197c  SDRSVC - ok
12:39:24.0695 0x197c  sdstor - ok
12:39:24.0705 0x197c  seclogon - ok
12:39:24.0712 0x197c  SENS - ok
12:39:24.0724 0x197c  SensorDataService - ok
12:39:24.0737 0x197c  SensorService - ok
12:39:24.0746 0x197c  SensrSvc - ok
12:39:24.0755 0x197c  SerCx - ok
12:39:24.0763 0x197c  SerCx2 - ok
12:39:24.0774 0x197c  Serenum - ok
12:39:24.0782 0x197c  Serial - ok
12:39:24.0794 0x197c  sermouse - ok
12:39:24.0817 0x197c  SessionEnv - ok
12:39:24.0825 0x197c  sfloppy - ok
12:39:24.0837 0x197c  SharedAccess - ok
12:39:24.0845 0x197c  ShellHWDetection - ok
12:39:24.0853 0x197c  SiSRaid2 - ok
12:39:24.0861 0x197c  SiSRaid4 - ok
12:39:24.0874 0x197c  smphost - ok
12:39:24.0883 0x197c  SmsRouter - ok
12:39:24.0900 0x197c  SNMPTRAP - ok
12:39:24.0909 0x197c  spaceport - ok
12:39:24.0920 0x197c  SpbCx - ok
12:39:24.0934 0x197c  Spooler - ok
12:39:24.0941 0x197c  sppsvc - ok
12:39:24.0950 0x197c  srv - ok
12:39:24.0960 0x197c  srv2 - ok
12:39:24.0971 0x197c  srvnet - ok
12:39:24.0984 0x197c  SSDPSRV - ok
12:39:24.0992 0x197c  SstpSvc - ok
12:39:25.0011 0x197c  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
12:39:25.0024 0x197c  ssudmdm - ok
12:39:25.0034 0x197c  StateRepository - ok
12:39:25.0045 0x197c  stexstor - ok
12:39:25.0057 0x197c  stisvc - ok
12:39:25.0093 0x197c  storahci - ok
12:39:25.0103 0x197c  storflt - ok
12:39:25.0111 0x197c  stornvme - ok
12:39:25.0121 0x197c  storqosflt - ok
12:39:25.0134 0x197c  StorSvc - ok
12:39:25.0142 0x197c  storufs - ok
12:39:25.0150 0x197c  storvsc - ok
12:39:25.0160 0x197c  svsvc - ok
12:39:25.0168 0x197c  swenum - ok
12:39:25.0177 0x197c  swprv - ok
12:39:25.0186 0x197c  Synth3dVsc - ok
12:39:25.0194 0x197c  SysMain - ok
12:39:25.0227 0x197c  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:39:25.0263 0x197c  SystemEventsBroker - ok
12:39:25.0272 0x197c  TabletInputService - ok
12:39:25.0280 0x197c  TapiSrv - ok
12:39:25.0289 0x197c  Tcpip - ok
12:39:25.0297 0x197c  Tcpip6 - ok
12:39:25.0310 0x197c  tcpipreg - ok
12:39:25.0326 0x197c  tdx - ok
12:39:25.0338 0x197c  terminpt - ok
12:39:25.0349 0x197c  TermService - ok
12:39:25.0358 0x197c  Themes - ok
12:39:25.0369 0x197c  TieringEngineService - ok
12:39:25.0380 0x197c  tiledatamodelsvc - ok
12:39:25.0391 0x197c  TimeBroker - ok
12:39:25.0419 0x197c  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
12:39:25.0434 0x197c  TPM - ok
12:39:25.0445 0x197c  TrkWks - ok
12:39:25.0452 0x197c  TrustedInstaller - ok
12:39:25.0469 0x197c  tsusbflt - ok
12:39:25.0480 0x197c  TsUsbGD - ok
12:39:25.0491 0x197c  tunnel - ok
12:39:25.0502 0x197c  tzautoupdate - ok
12:39:25.0510 0x197c  uagp35 - ok
12:39:25.0522 0x197c  UASPStor - ok
12:39:25.0532 0x197c  UcmCx0101 - ok
12:39:25.0543 0x197c  UcmUcsi - ok
12:39:25.0555 0x197c  Ucx01000 - ok
12:39:25.0565 0x197c  UdeCx - ok
12:39:25.0577 0x197c  udfs - ok
12:39:25.0587 0x197c  UEFI - ok
12:39:25.0610 0x197c  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
12:39:25.0627 0x197c  UEIPSvc - ok
12:39:25.0654 0x197c  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
12:39:25.0670 0x197c  Ufx01000 - ok
12:39:25.0678 0x197c  UfxChipidea - ok
12:39:25.0687 0x197c  ufxsynopsys - ok
12:39:25.0710 0x197c  UI0Detect - ok
12:39:25.0720 0x197c  uliagpkx - ok
12:39:25.0730 0x197c  umbus - ok
12:39:25.0742 0x197c  UmPass - ok
12:39:25.0752 0x197c  UmRdpService - ok
12:39:25.0764 0x197c  UnistoreSvc - ok
12:39:25.0792 0x197c  upnphost - ok
12:39:25.0803 0x197c  UrsChipidea - ok
12:39:25.0813 0x197c  UrsCx01000 - ok
12:39:25.0826 0x197c  UrsSynopsys - ok
12:39:25.0836 0x197c  usbccgp - ok
12:39:25.0846 0x197c  usbcir - ok
12:39:25.0858 0x197c  usbehci - ok
12:39:25.0869 0x197c  usbhub - ok
12:39:25.0880 0x197c  USBHUB3 - ok
12:39:25.0892 0x197c  usbohci - ok
12:39:25.0904 0x197c  usbprint - ok
12:39:25.0917 0x197c  usbser - ok
12:39:25.0928 0x197c  USBSTOR - ok
12:39:25.0939 0x197c  usbuhci - ok
12:39:25.0954 0x197c  usbvideo - ok
12:39:25.0965 0x197c  USBXHCI - ok
12:39:25.0976 0x197c  UserDataSvc - ok
12:39:26.0003 0x197c  UserManager - ok
12:39:26.0012 0x197c  UsoSvc - ok
12:39:26.0025 0x197c  VaultSvc - ok
12:39:26.0037 0x197c  vdrvroot - ok
12:39:26.0049 0x197c  vds - ok
12:39:26.0059 0x197c  VerifierExt - ok
12:39:26.0070 0x197c  vhdmp - ok
12:39:26.0080 0x197c  vhf - ok
12:39:26.0093 0x197c  vmbus - ok
12:39:26.0104 0x197c  VMBusHID - ok
12:39:26.0114 0x197c  vmicguestinterface - ok
12:39:26.0124 0x197c  vmicheartbeat - ok
12:39:26.0135 0x197c  vmickvpexchange - ok
12:39:26.0144 0x197c  vmicrdv - ok
12:39:26.0154 0x197c  vmicshutdown - ok
12:39:26.0164 0x197c  vmictimesync - ok
12:39:26.0174 0x197c  vmicvmsession - ok
12:39:26.0184 0x197c  vmicvss - ok
12:39:26.0195 0x197c  volmgr - ok
12:39:26.0205 0x197c  volmgrx - ok
12:39:26.0218 0x197c  volsnap - ok
12:39:26.0229 0x197c  vpci - ok
12:39:26.0240 0x197c  vsmraid - ok
12:39:26.0252 0x197c  VSS - ok
12:39:26.0262 0x197c  VSTXRAID - ok
12:39:26.0273 0x197c  vwifibus - ok
12:39:26.0284 0x197c  vwififlt - ok
12:39:26.0294 0x197c  vwifimp - ok
12:39:26.0306 0x197c  W32Time - ok
12:39:26.0315 0x197c  WacomPen - ok
12:39:26.0327 0x197c  WalletService - ok
12:39:26.0339 0x197c  wanarp - ok
12:39:26.0352 0x197c  wanarpv6 - ok
12:39:26.0363 0x197c  wbengine - ok
12:39:26.0373 0x197c  WbioSrvc - ok
12:39:26.0386 0x197c  Wcmsvc - ok
12:39:26.0398 0x197c  wcncsvc - ok
12:39:26.0410 0x197c  WcsPlugInService - ok
12:39:26.0428 0x197c  WdBoot - ok
12:39:26.0438 0x197c  Wdf01000 - ok
12:39:26.0450 0x197c  WdFilter - ok
12:39:26.0462 0x197c  WdiServiceHost - ok
12:39:26.0474 0x197c  WdiSystemHost - ok
12:39:26.0487 0x197c  wdiwifi - ok
12:39:26.0496 0x197c  WdNisDrv - ok
12:39:26.0506 0x197c  WdNisSvc - ok
12:39:26.0518 0x197c  WebClient - ok
12:39:26.0529 0x197c  Wecsvc - ok
12:39:26.0540 0x197c  WEPHOSTSVC - ok
12:39:26.0553 0x197c  wercplsupport - ok
12:39:26.0562 0x197c  WerSvc - ok
12:39:26.0574 0x197c  WFPLWFS - ok
12:39:26.0585 0x197c  WiaRpc - ok
12:39:26.0595 0x197c  WIMMount - ok
12:39:26.0604 0x197c  WinDefend - ok
12:39:26.0629 0x197c  WindowsTrustedRT - ok
12:39:26.0642 0x197c  WindowsTrustedRTProxy - ok
12:39:26.0654 0x197c  WinHttpAutoProxySvc - ok
12:39:26.0664 0x197c  WinMad - ok
12:39:26.0682 0x197c  Winmgmt - ok
12:39:26.0692 0x197c  WinRM - ok
12:39:26.0713 0x197c  WINUSB - ok
12:39:26.0725 0x197c  WinVerbs - ok
12:39:26.0738 0x197c  WlanSvc - ok
12:39:26.0749 0x197c  wlidsvc - ok
12:39:26.0762 0x197c  WmiAcpi - ok
12:39:26.0779 0x197c  wmiApSrv - ok
12:39:26.0789 0x197c  WMPNetworkSvc - ok
12:39:26.0817 0x197c  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:39:26.0832 0x197c  Wof - ok
12:39:26.0848 0x197c  workfolderssvc - ok
12:39:26.0858 0x197c  wpcfltr - ok
12:39:26.0871 0x197c  WPDBusEnum - ok
12:39:26.0882 0x197c  WpdUpFltr - ok
12:39:26.0895 0x197c  WpnService - ok
12:39:26.0908 0x197c  ws2ifsl - ok
12:39:26.0932 0x197c  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:39:26.0978 0x197c  wscsvc - ok
12:39:26.0987 0x197c  WSearch - ok
12:39:27.0006 0x197c  WSService - ok
12:39:27.0016 0x197c  wuauserv - ok
12:39:27.0028 0x197c  WudfPf - ok
12:39:27.0039 0x197c  WUDFRd - ok
12:39:27.0051 0x197c  wudfsvc - ok
12:39:27.0059 0x197c  WUDFWpdFs - ok
12:39:27.0070 0x197c  WUDFWpdMtp - ok
12:39:27.0082 0x197c  WwanSvc - ok
12:39:27.0094 0x197c  XblAuthManager - ok
12:39:27.0109 0x197c  XblGameSave - ok
12:39:27.0122 0x197c  xboxgip - ok
12:39:27.0136 0x197c  XboxNetApiSvc - ok
12:39:27.0148 0x197c  xinputhid - ok
12:39:27.0158 0x197c  ================ Scan global ===============================
12:39:27.0190 0x197c  [ Global ] - ok
12:39:27.0191 0x197c  ================ Scan MBR ==================================
12:39:27.0196 0x197c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:39:27.0292 0x197c  \Device\Harddisk0\DR0 - ok
12:39:27.0293 0x197c  ================ Scan VBR ==================================
12:39:27.0298 0x197c  [ 3F7F83B9DCDB02F6022B7F5DC4231419 ] \Device\Harddisk0\DR0\Partition1
12:39:27.0301 0x197c  \Device\Harddisk0\DR0\Partition1 - ok
12:39:27.0306 0x197c  [ 56532BD10D388D68A5790778911CAD6F ] \Device\Harddisk0\DR0\Partition2
12:39:27.0308 0x197c  \Device\Harddisk0\DR0\Partition2 - ok
12:39:27.0314 0x197c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
12:39:27.0314 0x197c  \Device\Harddisk0\DR0\Partition3 - ok
12:39:27.0323 0x197c  [ 6020D3AEAF6742AF54C56E8D5C897FE1 ] \Device\Harddisk0\DR0\Partition4
12:39:27.0327 0x197c  \Device\Harddisk0\DR0\Partition4 - ok
12:39:27.0334 0x197c  [ 7138D2B9F1779B36B7D86EB38D9C66EE ] \Device\Harddisk0\DR0\Partition5
12:39:27.0337 0x197c  \Device\Harddisk0\DR0\Partition5 - ok
12:39:27.0338 0x197c  ================ Scan generic autorun ======================
12:39:28.0165 0x197c  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:39:28.0855 0x197c  RtHDVCpl - ok
12:39:28.0968 0x197c  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:39:29.0036 0x197c  RtHDVBg_Dolby - ok
12:39:29.0229 0x197c  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
12:39:29.0369 0x197c  NvBackend - ok
12:39:29.0377 0x197c  ShadowPlay - ok
12:39:29.0389 0x197c  [ 4470CF575CC1131CAC72FB3A386512ED, 70BEB0E8291FD864C86C6505AD336E04E29AC943891B60928126A6E323979A56 ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
12:39:29.0394 0x197c  abDocsDllLoader - ok
12:39:29.0501 0x197c  OneDriveSetup - ok
12:39:29.0506 0x197c  OneDriveSetup - ok
12:39:29.0547 0x197c  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:39:29.0575 0x197c  OneDrive - ok
12:39:29.0578 0x197c  Speech Recognition - ok
12:39:30.0137 0x197c  [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe
12:39:30.0570 0x197c  CCleaner Monitoring - ok
12:39:30.0587 0x197c  Waiting for KSN requests completion. In queue: 33
12:39:30.0727 0x0950  Object required for P2P: [ 8F2EA5EE0695CCE2285D92C44108375C ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
12:39:30.0931 0x0950  Object send P2P result: true
12:39:31.0616 0x197c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.672 ), 0x62100 ( disabled : updated )
12:39:31.0626 0x197c  Win FW state via NFP2: enabled ( trusted )
12:39:31.0747 0x197c  ============================================================
12:39:31.0747 0x197c  Scan finished
12:39:31.0747 0x197c  ============================================================
12:39:31.0762 0x00cc  Detected object count: 0
12:39:31.0762 0x00cc  Actual detected object count: 0

also ich ha ihn runtergeladen und auch start scan gedrückt... was hab ich da falsch gemacht ?

cosinus · 14.11.2016, 12:51

Du hast die Anleitung nicht richtig gelesen!!

http://deeprybka.trojaner-board.de/tdss/options.PNG

vigilanz · 14.11.2016, 14:09

Code:

ATTFilter

14:05:57.0561 0x0fac  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
14:05:57.0561 0x0fac  UEFI system
14:06:04.0534 0x0fac  ============================================================
14:06:04.0534 0x0fac  Current date / time: 2016/11/14 14:06:04.0534
14:06:04.0534 0x0fac  SystemInfo:
14:06:04.0534 0x0fac  
14:06:04.0534 0x0fac  OS Version: 10.0.10586 ServicePack: 0.0
14:06:04.0534 0x0fac  Product type: Workstation
14:06:04.0534 0x0fac  ComputerName: SVEN
14:06:04.0534 0x0fac  UserName: sven
14:06:04.0534 0x0fac  Windows directory: C:\WINDOWS
14:06:04.0534 0x0fac  System windows directory: C:\WINDOWS
14:06:04.0534 0x0fac  Running under WOW64
14:06:04.0534 0x0fac  Processor architecture: Intel x64
14:06:04.0534 0x0fac  Number of processors: 4
14:06:04.0534 0x0fac  Page size: 0x1000
14:06:04.0534 0x0fac  Boot type: Normal boot
14:06:04.0534 0x0fac  CodeIntegrityOptions = 0x00000001
14:06:04.0534 0x0fac  ============================================================
14:06:04.0534 0x0fac  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
14:06:04.0534 0x0fac  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 10586.672, osProperties = 0x19
14:06:04.0534 0x0fac  BG loaded
14:06:04.0735 0x0fac  System UUID: {C8C458A5-D08F-352B-99D3-3C968EE895F8}
14:06:05.0591 0x0fac  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:06:05.0596 0x0fac  ============================================================
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0:
14:06:05.0596 0x0fac  GPT partitions:
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B784C650-0E87-448D-94FA-8C4FD5DF3AAE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D8D20A44-E67C-4401-9731-A7849137FC51}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {561F7B97-665E-471E-B764-65D4213D2895}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {BD901923-DC87-4AC7-BA11-DA6799D7F397}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x724A7000
14:06:05.0596 0x0fac  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FE02F297-6773-4A7D-8D9B-F9E31A08191A}, Name: Basic data partition, StartLBA 0x726A9800, BlocksNum 0x205D000
14:06:05.0596 0x0fac  MBR partitions:
14:06:05.0596 0x0fac  ============================================================
14:06:05.0612 0x0fac  C: <-> \Device\Harddisk0\DR0\Partition4
14:06:05.0612 0x0fac  ============================================================
14:06:05.0612 0x0fac  Initialize success
14:06:05.0612 0x0fac  ============================================================
14:06:17.0534 0x1fb0  ============================================================
14:06:17.0534 0x1fb0  Scan started
14:06:17.0534 0x1fb0  Mode: Manual; SigCheck; TDLFS; 
14:06:17.0534 0x1fb0  ============================================================
14:06:17.0534 0x1fb0  KSN ping started
14:06:17.0712 0x1fb0  KSN ping finished: true
14:06:18.0683 0x1fb0  ================ Scan system memory ========================
14:06:18.0683 0x1fb0  System memory - ok
14:06:18.0683 0x1fb0  ================ Scan services =============================
14:06:18.0767 0x1fb0  1394ohci - ok
14:06:18.0783 0x1fb0  3ware - ok
14:06:18.0783 0x1fb0  ACPI - ok
14:06:18.0799 0x1fb0  acpiex - ok
14:06:18.0814 0x1fb0  acpipagr - ok
14:06:18.0814 0x1fb0  AcpiPmi - ok
14:06:18.0834 0x1fb0  acpitime - ok
14:06:18.0952 0x1fb0  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:06:19.0032 0x1fb0  AdobeFlashPlayerUpdateSvc - ok
14:06:19.0052 0x1fb0  ADP80XX - ok
14:06:19.0068 0x1fb0  AFD - ok
14:06:19.0068 0x1fb0  agp440 - ok
14:06:19.0083 0x1fb0  ahcache - ok
14:06:19.0083 0x1fb0  AJRouter - ok
14:06:19.0099 0x1fb0  ALG - ok
14:06:19.0099 0x1fb0  AmdK8 - ok
14:06:19.0115 0x1fb0  AmdPPM - ok
14:06:19.0115 0x1fb0  amdsata - ok
14:06:19.0135 0x1fb0  amdsbs - ok
14:06:19.0137 0x1fb0  amdxata - ok
14:06:19.0152 0x1fb0  AppID - ok
14:06:19.0152 0x1fb0  AppIDSvc - ok
14:06:19.0168 0x1fb0  Appinfo - ok
14:06:19.0168 0x1fb0  AppReadiness - ok
14:06:19.0186 0x1fb0  AppXSvc - ok
14:06:19.0186 0x1fb0  arcsas - ok
14:06:19.0201 0x1fb0  AsyncMac - ok
14:06:19.0201 0x1fb0  atapi - ok
14:06:19.0236 0x1fb0  [ 48386DDF416537A107F19FF51148C613, 7D423F36AC0AB59D0303EAF1914154FD57B20A81E1D8CB657E8DB6CCE19509A5 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer\Bluetooth Suite\adminservice.exe
14:06:19.0283 0x1fb0  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:06:19.0816 0x1fb0  AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
14:06:19.0816 0x1fb0  Force sending object to P2P due to detect: AtherosSvc
14:06:20.0170 0x1fb0  Object send P2P result: true
14:06:20.0317 0x1fb0  AudioEndpointBuilder - ok
14:06:20.0336 0x1fb0  Audiosrv - ok
14:06:20.0339 0x1fb0  AxInstSV - ok
14:06:20.0355 0x1fb0  b06bdrv - ok
14:06:20.0355 0x1fb0  BasicDisplay - ok
14:06:20.0370 0x1fb0  BasicRender - ok
14:06:20.0386 0x1fb0  bcmfn - ok
14:06:20.0386 0x1fb0  bcmfn2 - ok
14:06:20.0402 0x1fb0  BDESVC - ok
14:06:20.0402 0x1fb0  Beep - ok
14:06:20.0417 0x1fb0  BFE - ok
14:06:20.0434 0x1fb0  BITS - ok
14:06:20.0439 0x1fb0  bowser - ok
14:06:20.0455 0x1fb0  BrokerInfrastructure - ok
14:06:20.0455 0x1fb0  Browser - ok
14:06:20.0502 0x1fb0  [ 2C1E8FAD28807F93B5A775B3095BF28A, 24A9FE132CCEF483EA1406EA128515ED071BD99A33DF05890E1398E297C897DD ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:06:20.0555 0x1fb0  BtFilter - ok
14:06:20.0571 0x1fb0  BthAvrcpTg - ok
14:06:20.0617 0x1fb0  BthEnum - ok
14:06:20.0617 0x1fb0  BthHFEnum - ok
14:06:20.0636 0x1fb0  bthhfhid - ok
14:06:20.0639 0x1fb0  BthHFSrv - ok
14:06:20.0655 0x1fb0  BthLEEnum - ok
14:06:20.0655 0x1fb0  BTHMODEM - ok
14:06:20.0671 0x1fb0  BthPan - ok
14:06:20.0671 0x1fb0  BTHPORT - ok
14:06:20.0686 0x1fb0  bthserv - ok
14:06:20.0686 0x1fb0  BTHUSB - ok
14:06:20.0702 0x1fb0  buttonconverter - ok
14:06:20.0718 0x1fb0  CapImg - ok
14:06:20.0871 0x1fb0  [ 4147B5CA0C368FFE0FCE4116F558986A, F466B4556A140321B8F87C486CEBFB223D37526D877343BB6DA8FEFD03E16396 ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
14:06:21.0072 0x1fb0  CCDMonitorService - ok
14:06:21.0087 0x1fb0  cdfs - ok
14:06:21.0087 0x1fb0  CDPSvc - ok
14:06:21.0103 0x1fb0  cdrom - ok
14:06:21.0103 0x1fb0  CertPropSvc - ok
14:06:21.0119 0x1fb0  circlass - ok
14:06:21.0138 0x1fb0  CLFS - ok
14:06:21.0141 0x1fb0  ClipSVC - ok
14:06:21.0172 0x1fb0  CmBatt - ok
14:06:21.0172 0x1fb0  CNG - ok
14:06:21.0188 0x1fb0  cnghwassist - ok
14:06:21.0241 0x1fb0  CompositeBus - ok
14:06:21.0241 0x1fb0  COMSysApp - ok
14:06:21.0256 0x1fb0  condrv - ok
14:06:21.0272 0x1fb0  CoreMessagingRegistrar - ok
14:06:21.0388 0x1fb0  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:06:21.0441 0x1fb0  cphs - ok
14:06:21.0457 0x1fb0  [ 9E79A2208A9ED205A7383CBC92C28053, 2E6599DF30DF19BD7BE6FEF1B21FED7F349A3F2306CC5CFDB767ABA7283E8A55 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:06:21.0504 0x1fb0  CryptSvc - ok
14:06:21.0504 0x1fb0  dam - ok
14:06:21.0519 0x1fb0  DcomLaunch - ok
14:06:21.0540 0x1fb0  DcpSvc - ok
14:06:21.0541 0x1fb0  defragsvc - ok
14:06:21.0557 0x1fb0  DeviceAssociationService - ok
14:06:21.0557 0x1fb0  DeviceInstall - ok
14:06:21.0573 0x1fb0  DevQueryBroker - ok
14:06:21.0573 0x1fb0  Dfsc - ok
14:06:21.0604 0x1fb0  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
14:06:21.0636 0x1fb0  dg_ssudbus - ok
14:06:21.0657 0x1fb0  [ D461D2BECEFA661291EB1B748A8D2CCB, 7275859FCDE58DE6C0C683AFDAD910EB4602336CC724EEE42495A8839213469D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:06:21.0739 0x1fb0  Dhcp - ok
14:06:21.0742 0x1fb0  diagnosticshub.standardcollector.service - ok
14:06:21.0757 0x1fb0  DiagTrack - ok
14:06:21.0789 0x1fb0  [ 1CFFF6D1E6E192B1E81B6DA3E94C0D4C, 742917C923D8B222F78074B8A7F251A89C488B0CC0FA782D099D4A25841073E1 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
14:06:21.0820 0x1fb0  DigitalWave.Update.Service - ok
14:06:21.0840 0x1fb0  disk - ok
14:06:21.0842 0x1fb0  DmEnrollmentSvc - ok
14:06:21.0858 0x1fb0  dmvsc - ok
14:06:21.0858 0x1fb0  dmwappushservice - ok
14:06:21.0873 0x1fb0  Dnscache - ok
14:06:21.0873 0x1fb0  dot3svc - ok
14:06:21.0889 0x1fb0  DPS - ok
14:06:21.0905 0x1fb0  drmkaud - ok
14:06:21.0905 0x1fb0  DsmSvc - ok
14:06:21.0920 0x1fb0  DsSvc - ok
14:06:21.0920 0x1fb0  DXGKrnl - ok
14:06:21.0939 0x1fb0  Eaphost - ok
14:06:21.0942 0x1fb0  ebdrv - ok
14:06:21.0942 0x1fb0  EFS - ok
14:06:21.0958 0x1fb0  EhStorClass - ok
14:06:21.0974 0x1fb0  EhStorTcgDrv - ok
14:06:21.0974 0x1fb0  embeddedmode - ok
14:06:21.0989 0x1fb0  EntAppSvc - ok
14:06:22.0158 0x1fb0  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
14:06:22.0321 0x1fb0  ePowerSvc - ok
14:06:22.0343 0x1fb0  ErrDev - ok
14:06:22.0359 0x1fb0  EventSystem - ok
14:06:22.0359 0x1fb0  exfat - ok
14:06:22.0374 0x1fb0  fastfat - ok
14:06:22.0374 0x1fb0  Fax - ok
14:06:22.0390 0x1fb0  fdc - ok
14:06:22.0406 0x1fb0  fdPHost - ok
14:06:22.0406 0x1fb0  FDResPub - ok
14:06:22.0421 0x1fb0  fhsvc - ok
14:06:22.0421 0x1fb0  FileCrypt - ok
14:06:22.0441 0x1fb0  FileInfo - ok
14:06:22.0443 0x1fb0  Filetrace - ok
14:06:22.0459 0x1fb0  flpydisk - ok
14:06:22.0459 0x1fb0  FltMgr - ok
14:06:22.0475 0x1fb0  FontCache - ok
14:06:22.0475 0x1fb0  FontCache3.0.0.0 - ok
14:06:22.0490 0x1fb0  FsDepends - ok
14:06:22.0490 0x1fb0  Fs_Rec - ok
14:06:22.0506 0x1fb0  fvevol - ok
14:06:22.0521 0x1fb0  gagp30kx - ok
14:06:22.0521 0x1fb0  gencounter - ok
14:06:22.0539 0x1fb0  genericusbfn - ok
14:06:22.0606 0x1fb0  [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:06:22.0690 0x1fb0  GfExperienceService - ok
14:06:22.0706 0x1fb0  GPIOClx0101 - ok
14:06:22.0791 0x1fb0  [ B89C353AFC8F56D961D07FF1FE7B4BCD, C4491A1E33E0151AF3D7589769D4DCFABC68518A22393A7584FB573B47643B2F ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:06:22.0959 0x1fb0  gpsvc - ok
14:06:22.0975 0x1fb0  GpuEnergyDrv - ok
14:06:22.0975 0x1fb0  HDAudBus - ok
14:06:22.0991 0x1fb0  HidBatt - ok
14:06:23.0006 0x1fb0  HidBth - ok
14:06:23.0006 0x1fb0  hidi2c - ok
14:06:23.0022 0x1fb0  hidinterrupt - ok
14:06:23.0022 0x1fb0  HidIr - ok
14:06:23.0042 0x1fb0  hidserv - ok
14:06:23.0044 0x1fb0  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:06:23.0075 0x1fb0  HidUsb - ok
14:06:23.0091 0x1fb0  HomeGroupListener - ok
14:06:23.0091 0x1fb0  HomeGroupProvider - ok
14:06:23.0107 0x1fb0  HpSAMD - ok
14:06:23.0122 0x1fb0  HTTP - ok
14:06:23.0139 0x1fb0  hwpolicy - ok
14:06:23.0144 0x1fb0  hyperkbd - ok
14:06:23.0144 0x1fb0  i8042prt - ok
14:06:23.0160 0x1fb0  iai2c - ok
14:06:23.0176 0x1fb0  iaLPSS2i_I2C - ok
14:06:23.0176 0x1fb0  iaLPSSi_GPIO - ok
14:06:23.0191 0x1fb0  iaLPSSi_I2C - ok
14:06:23.0191 0x1fb0  iaStorAV - ok
14:06:23.0207 0x1fb0  iaStorV - ok
14:06:23.0207 0x1fb0  ibbus - ok
14:06:23.0222 0x1fb0  [ 57C88C15CEC97318F580D7F4327AAA46, FD3AD83576804DA819F48E3E198FE470420E730F6118AD0E719A91E67C80D3FE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
14:06:23.0307 0x1fb0  icssvc - ok
14:06:23.0307 0x1fb0  IEEtwCollectorService - ok
14:06:23.0728 0x1fb0  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:06:24.0148 0x1fb0  igfx - ok
14:06:24.0180 0x1fb0  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:06:24.0227 0x1fb0  igfxCUIService2.0.0.0 - ok
14:06:24.0243 0x1fb0  IKEEXT - ok
14:06:24.0258 0x1fb0  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
14:06:24.0281 0x1fb0  intaud_WaveExtensible - ok
14:06:24.0528 0x1fb0  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:06:24.0828 0x1fb0  IntcAzAudAddService - ok
14:06:24.0881 0x1fb0  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:06:24.0928 0x1fb0  IntcDAud - ok
14:06:24.0997 0x1fb0  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:06:25.0080 0x1fb0  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:06:25.0128 0x1fb0  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
14:06:25.0144 0x1fb0  Intel(R) ME Service - ok
14:06:25.0160 0x1fb0  intelide - ok
14:06:25.0160 0x1fb0  intelpep - ok
14:06:25.0177 0x1fb0  intelppm - ok
14:06:25.0182 0x1fb0  IoQos - ok
14:06:25.0182 0x1fb0  IpFilterDriver - ok
14:06:25.0244 0x1fb0  [ 5AAB28A6AC2AAC9F66D4EAB6695D0474, BDAB1D04989788EA945C7FE0DE962F0FEC672D9703C271F8469822A91D7462B9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:06:25.0381 0x1fb0  iphlpsvc - ok
14:06:25.0397 0x1fb0  IPMIDRV - ok
14:06:25.0397 0x1fb0  IPNAT - ok
14:06:25.0413 0x1fb0  IRENUM - ok
14:06:25.0413 0x1fb0  isapnp - ok
14:06:25.0428 0x1fb0  iScsiPrt - ok
14:06:25.0444 0x1fb0  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
14:06:25.0497 0x1fb0  iumsvc - ok
14:06:25.0497 0x1fb0  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
14:06:25.0513 0x1fb0  iwdbus - ok
14:06:25.0529 0x1fb0  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:06:25.0560 0x1fb0  jhi_service - ok
14:06:25.0560 0x1fb0  k57nd60a - ok
14:06:25.0582 0x1fb0  kbdclass - ok
14:06:25.0582 0x1fb0  kbdhid - ok
14:06:25.0597 0x1fb0  kdnic - ok
14:06:25.0597 0x1fb0  KeyIso - ok
14:06:25.0613 0x1fb0  KSecDD - ok
14:06:25.0613 0x1fb0  KSecPkg - ok
14:06:25.0629 0x1fb0  ksthunk - ok
14:06:25.0629 0x1fb0  KtmRm - ok
14:06:25.0644 0x1fb0  LanmanServer - ok
14:06:25.0660 0x1fb0  LanmanWorkstation - ok
14:06:25.0660 0x1fb0  lfsvc - ok
14:06:25.0681 0x1fb0  LicenseManager - ok
14:06:25.0681 0x1fb0  lltdio - ok
14:06:25.0697 0x1fb0  lltdsvc - ok
14:06:25.0713 0x1fb0  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
14:06:25.0713 0x1fb0  LMDriver - ok
14:06:25.0729 0x1fb0  lmhosts - ok
14:06:25.0780 0x1fb0  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:06:25.0813 0x1fb0  LMS - ok
14:06:25.0845 0x1fb0  [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc           C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
14:06:25.0882 0x1fb0  LMSvc - ok
14:06:25.0898 0x1fb0  LSI_SAS - ok
14:06:25.0914 0x1fb0  LSI_SAS2i - ok
14:06:25.0929 0x1fb0  LSI_SAS3i - ok
14:06:25.0945 0x1fb0  LSI_SSS - ok
14:06:25.0945 0x1fb0  LSM - ok
14:06:25.0960 0x1fb0  luafv - ok
14:06:25.0960 0x1fb0  MapsBroker - ok
14:06:25.0980 0x1fb0  megasas - ok
14:06:25.0983 0x1fb0  megasr - ok
14:06:25.0998 0x1fb0  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:06:26.0029 0x1fb0  MEIx64 - ok
14:06:26.0029 0x1fb0  MessagingService - ok
14:06:26.0061 0x1fb0  mlx4_bus - ok
14:06:26.0080 0x1fb0  MMCSS - ok
14:06:26.0083 0x1fb0  Modem - ok
14:06:26.0098 0x1fb0  monitor - ok
14:06:26.0098 0x1fb0  mouclass - ok
14:06:26.0114 0x1fb0  mouhid - ok
14:06:26.0130 0x1fb0  mountmgr - ok
14:06:26.0145 0x1fb0  [ C1A273141F13434647AC7CE37D2C18EC, F36D1A12DB8289949528F4BC81E077B33709F9B14A01537EEA63F27FFA17092D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:06:26.0199 0x1fb0  MozillaMaintenance - ok
14:06:26.0230 0x1fb0  mpsdrv - ok
14:06:26.0246 0x1fb0  MpsSvc - ok
14:06:26.0246 0x1fb0  MRxDAV - ok
14:06:26.0261 0x1fb0  mrxsmb - ok
14:06:26.0279 0x1fb0  mrxsmb10 - ok
14:06:26.0283 0x1fb0  mrxsmb20 - ok
14:06:26.0283 0x1fb0  MsBridge - ok
14:06:26.0299 0x1fb0  MSDTC - ok
14:06:26.0315 0x1fb0  Msfs - ok
14:06:26.0330 0x1fb0  msgpiowin32 - ok
14:06:26.0330 0x1fb0  mshidkmdf - ok
14:06:26.0346 0x1fb0  mshidumdf - ok
14:06:26.0362 0x1fb0  msisadrv - ok
14:06:26.0378 0x1fb0  MSiSCSI - ok
14:06:26.0383 0x1fb0  msiserver - ok
14:06:26.0383 0x1fb0  MSKSSRV - ok
14:06:26.0399 0x1fb0  MsLldp - ok
14:06:26.0415 0x1fb0  MSPCLOCK - ok
14:06:26.0415 0x1fb0  MSPQM - ok
14:06:26.0430 0x1fb0  MsRPC - ok
14:06:26.0446 0x1fb0  mssmbios - ok
14:06:26.0446 0x1fb0  MSTEE - ok
14:06:26.0461 0x1fb0  MTConfig - ok
14:06:26.0461 0x1fb0  Mup - ok
14:06:26.0483 0x1fb0  mvumis - ok
14:06:26.0499 0x1fb0  NativeWifiP - ok
14:06:26.0499 0x1fb0  NcaSvc - ok
14:06:26.0515 0x1fb0  NcbService - ok
14:06:26.0530 0x1fb0  NcdAutoSetup - ok
14:06:26.0530 0x1fb0  ndfltr - ok
14:06:26.0546 0x1fb0  NDIS - ok
14:06:26.0546 0x1fb0  NdisCap - ok
14:06:26.0561 0x1fb0  NdisImPlatform - ok
14:06:26.0561 0x1fb0  NdisTapi - ok
14:06:26.0583 0x1fb0  Ndisuio - ok
14:06:26.0583 0x1fb0  NdisVirtualBus - ok
14:06:26.0599 0x1fb0  NdisWan - ok
14:06:26.0599 0x1fb0  ndiswanlegacy - ok
14:06:26.0614 0x1fb0  ndproxy - ok
14:06:26.0630 0x1fb0  [ 883A36E2FF7FA3E1281CB575579FE3AF, F1BE02B13C090E2E36BD211055FC980E79BD14F72042773A3619A5143AAEE485 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:06:26.0683 0x1fb0  Ndu - ok
14:06:26.0683 0x1fb0  NetBIOS - ok
14:06:26.0715 0x1fb0  [ C03E926B0E7D66D68994067231DC3246, 1895BE28921431AA78BEF9AFE01411FE8CDA570867E527E4D925E6FAA35D8BC0 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:06:26.0762 0x1fb0  NetBT - ok
14:06:26.0783 0x1fb0  Netlogon - ok
14:06:26.0783 0x1fb0  Netman - ok
14:06:26.0799 0x1fb0  netprofm - ok
14:06:26.0799 0x1fb0  NetSetupSvc - ok
14:06:26.0815 0x1fb0  NetTcpPortSharing - ok
14:06:26.0830 0x1fb0  NgcCtnrSvc - ok
14:06:26.0846 0x1fb0  NgcSvc - ok
14:06:26.0846 0x1fb0  NlaSvc - ok
14:06:26.0861 0x1fb0  Npfs - ok
14:06:26.0861 0x1fb0  npsvctrig - ok
14:06:26.0882 0x1fb0  nsi - ok
14:06:26.0884 0x1fb0  nsiproxy - ok
14:06:26.0899 0x1fb0  NTFS - ok
14:06:26.0899 0x1fb0  Null - ok
14:06:27.0563 0x1fb0  [ AEEA2EC9CEEB8ADE8284583BBB98AB0D, AB629C047EFB8F5CF13FF923C332A05CD3F510A8C07D2EA6D3C493E2533DB1E0 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
14:06:28.0319 0x1fb0  nvlddmkm - ok
14:06:28.0485 0x1fb0  [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:06:28.0630 0x1fb0  NvNetworkService - ok
14:06:28.0697 0x1fb0  nvraid - ok
14:06:28.0707 0x1fb0  nvstor - ok
14:06:28.0718 0x1fb0  [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:06:28.0734 0x1fb0  NvStreamKms - ok
14:06:29.0122 0x1fb0  [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
14:06:29.0526 0x1fb0  NvStreamNetworkSvc - ok
14:06:29.0822 0x1fb0  [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
14:06:30.0146 0x1fb0  NvStreamSvc - ok
14:06:30.0217 0x1fb0  [ 1B44B5244EAF26BEC315AE84B0AFFC66, 760F376FFF7665E32718E890387CA2404D70DED2D2694A1647483722287D01B8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
14:06:30.0302 0x1fb0  nvsvc - ok
14:06:30.0302 0x1fb0  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:06:30.0318 0x1fb0  nvvad_WaveExtensible - ok
14:06:30.0333 0x1fb0  nv_agp - ok
14:06:30.0333 0x1fb0  OneSyncSvc - ok
14:06:30.0369 0x1fb0  p2pimsvc - ok
14:06:30.0371 0x1fb0  p2psvc - ok
14:06:30.0371 0x1fb0  Parport - ok
14:06:30.0434 0x1fb0  [ D330D74B5F99309B5CCA30AE41C57CDE, AE5186CB4B639A5241BF0D17FE8A73D6DAFA505C31E250EA225CD498C8A4A07E ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
14:06:30.0472 0x1fb0  partmgr - ok
14:06:30.0472 0x1fb0  PcaSvc - ok
14:06:30.0487 0x1fb0  pci - ok
14:06:30.0487 0x1fb0  pciide - ok
14:06:30.0503 0x1fb0  pcmcia - ok
14:06:30.0503 0x1fb0  pcw - ok
14:06:30.0518 0x1fb0  pdc - ok
14:06:30.0534 0x1fb0  PEAUTH - ok
14:06:30.0534 0x1fb0  percsas2i - ok
14:06:30.0550 0x1fb0  percsas3i - ok
14:06:30.0649 0x1fb0  PerfHost - ok
14:06:30.0671 0x1fb0  PhoneSvc - ok
14:06:30.0687 0x1fb0  PimIndexMaintenanceSvc - ok
14:06:30.0703 0x1fb0  pla - ok
14:06:30.0718 0x1fb0  PlugPlay - ok
14:06:30.0718 0x1fb0  PNRPAutoReg - ok
14:06:30.0734 0x1fb0  PNRPsvc - ok
14:06:30.0767 0x1fb0  [ D67052BD0DA9C17BCBBF8AB5B6D354EE, 7FE9B414C74CF69E531B27C506216F7F5CBE00B67E90305A4A4A2ECADAA4F349 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
14:06:30.0834 0x1fb0  PolicyAgent - ok
14:06:30.0850 0x1fb0  Power - ok
14:06:30.0850 0x1fb0  PptpMiniport - ok
14:06:31.0119 0x1fb0  [ 2195908CEF288E1C10E5266B9DF75D29, 30E0664A03C58DD3B325A9A4A248AD1FA9297DD65F0D472C3AD90E21B238169F ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:06:31.0471 0x1fb0  PrintNotify - ok
14:06:31.0472 0x1fb0  Processor - ok
14:06:31.0488 0x1fb0  ProfSvc - ok
14:06:31.0488 0x1fb0  Psched - ok
14:06:31.0535 0x1fb0  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Acer\Acer Quick Access\QASvc.exe
14:06:31.0573 0x1fb0  QASvc - ok
14:06:31.0588 0x1fb0  Qcamain10x64 - ok
14:06:31.0588 0x1fb0  QWAVE - ok
14:06:31.0604 0x1fb0  QWAVEdrv - ok
14:06:31.0620 0x1fb0  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
14:06:31.0635 0x1fb0  RadioShim - ok
14:06:31.0635 0x1fb0  RasAcd - ok
14:06:31.0651 0x1fb0  RasAgileVpn - ok
14:06:31.0651 0x1fb0  RasAuto - ok
14:06:31.0670 0x1fb0  Rasl2tp - ok
14:06:31.0672 0x1fb0  RasMan - ok
14:06:31.0672 0x1fb0  RasPppoe - ok
14:06:31.0688 0x1fb0  RasSstp - ok
14:06:31.0704 0x1fb0  rdbss - ok
14:06:31.0719 0x1fb0  rdpbus - ok
14:06:31.0719 0x1fb0  RDPDR - ok
14:06:31.0751 0x1fb0  RdpVideoMiniport - ok
14:06:31.0751 0x1fb0  rdyboost - ok
14:06:31.0773 0x1fb0  ReFSv1 - ok
14:06:31.0773 0x1fb0  RemoteAccess - ok
14:06:31.0788 0x1fb0  RemoteRegistry - ok
14:06:31.0788 0x1fb0  RetailDemo - ok
14:06:31.0804 0x1fb0  RFCOMM - ok
14:06:31.0835 0x1fb0  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
14:06:31.0873 0x1fb0  RichVideo - ok
14:06:31.0904 0x1fb0  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Acer\Acer Quick Access\RMSvc.exe
14:06:31.0951 0x1fb0  RMSvc - ok
14:06:31.0968 0x1fb0  RpcEptMapper - ok
14:06:31.0973 0x1fb0  RpcLocator - ok
14:06:31.0973 0x1fb0  RpcSs - ok
14:06:31.0989 0x1fb0  rspndr - ok
14:06:32.0020 0x1fb0  [ 3940780911A7BD1793B7CEEC9E4429C2, 539511D26D2EE348F80D9EFA414FD731983B14D8218E498217E7A0A0E439E41C ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
14:06:32.0073 0x1fb0  RTSUER - ok
14:06:32.0089 0x1fb0  s3cap - ok
14:06:32.0104 0x1fb0  SamSs - ok
14:06:32.0104 0x1fb0  sbp2port - ok
14:06:32.0120 0x1fb0  SCardSvr - ok
14:06:32.0120 0x1fb0  ScDeviceEnum - ok
14:06:32.0136 0x1fb0  scfilter - ok
14:06:32.0151 0x1fb0  Schedule - ok
14:06:32.0151 0x1fb0  SCPolicySvc - ok
14:06:32.0172 0x1fb0  sdbus - ok
14:06:32.0174 0x1fb0  SDRSVC - ok
14:06:32.0189 0x1fb0  sdstor - ok
14:06:32.0189 0x1fb0  seclogon - ok
14:06:32.0205 0x1fb0  SENS - ok
14:06:32.0220 0x1fb0  SensorDataService - ok
14:06:32.0220 0x1fb0  SensorService - ok
14:06:32.0236 0x1fb0  SensrSvc - ok
14:06:32.0236 0x1fb0  SerCx - ok
14:06:32.0252 0x1fb0  SerCx2 - ok
14:06:32.0267 0x1fb0  Serenum - ok
14:06:32.0273 0x1fb0  Serial - ok
14:06:32.0273 0x1fb0  sermouse - ok
14:06:32.0289 0x1fb0  SessionEnv - ok
14:06:32.0305 0x1fb0  sfloppy - ok
14:06:32.0320 0x1fb0  SharedAccess - ok
14:06:32.0320 0x1fb0  ShellHWDetection - ok
14:06:32.0336 0x1fb0  SiSRaid2 - ok
14:06:32.0352 0x1fb0  SiSRaid4 - ok
14:06:32.0368 0x1fb0  smphost - ok
14:06:32.0374 0x1fb0  SmsRouter - ok
14:06:32.0389 0x1fb0  SNMPTRAP - ok
14:06:32.0405 0x1fb0  spaceport - ok
14:06:32.0405 0x1fb0  SpbCx - ok
14:06:32.0421 0x1fb0  Spooler - ok
14:06:32.0421 0x1fb0  sppsvc - ok
14:06:32.0436 0x1fb0  srv - ok
14:06:32.0452 0x1fb0  srv2 - ok
14:06:32.0452 0x1fb0  srvnet - ok
14:06:32.0473 0x1fb0  SSDPSRV - ok
14:06:32.0474 0x1fb0  SstpSvc - ok
14:06:32.0490 0x1fb0  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
14:06:32.0521 0x1fb0  ssudmdm - ok
14:06:32.0537 0x1fb0  StateRepository - ok
14:06:32.0552 0x1fb0  stexstor - ok
14:06:32.0552 0x1fb0  stisvc - ok
14:06:32.0571 0x1fb0  storahci - ok
14:06:32.0574 0x1fb0  storflt - ok
14:06:32.0574 0x1fb0  stornvme - ok
14:06:32.0590 0x1fb0  storqosflt - ok
14:06:32.0605 0x1fb0  StorSvc - ok
14:06:32.0605 0x1fb0  storufs - ok
14:06:32.0621 0x1fb0  storvsc - ok
14:06:32.0621 0x1fb0  svsvc - ok
14:06:32.0636 0x1fb0  swenum - ok
14:06:32.0636 0x1fb0  swprv - ok
14:06:32.0652 0x1fb0  Synth3dVsc - ok
14:06:32.0652 0x1fb0  SysMain - ok
14:06:32.0690 0x1fb0  [ FA8E0A9C648035CA1B47C9DA77EDB7EA, 4097AB89D2DB4741B138F3939AED4C5DB00BA124BF66E5DC2218ACF3A37513A3 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:06:32.0774 0x1fb0  SystemEventsBroker - ok
14:06:32.0774 0x1fb0  TabletInputService - ok
14:06:32.0790 0x1fb0  TapiSrv - ok
14:06:32.0790 0x1fb0  Tcpip - ok
14:06:32.0806 0x1fb0  Tcpip6 - ok
14:06:32.0821 0x1fb0  tcpipreg - ok
14:06:32.0821 0x1fb0  tdx - ok
14:06:32.0837 0x1fb0  terminpt - ok
14:06:32.0853 0x1fb0  TermService - ok
14:06:32.0853 0x1fb0  Themes - ok
14:06:32.0869 0x1fb0  TieringEngineService - ok
14:06:32.0875 0x1fb0  tiledatamodelsvc - ok
14:06:32.0875 0x1fb0  TimeBroker - ok
14:06:32.0906 0x1fb0  [ 87B9ABB965F7AF987D52791F0DD1663D, 6E42F764D47ACAD644E5F547E503B7AEA8D700C335674D1B0EB5493914F747E7 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
14:06:32.0953 0x1fb0  TPM - ok
14:06:32.0953 0x1fb0  TrkWks - ok
14:06:32.0970 0x1fb0  TrustedInstaller - ok
14:06:32.0975 0x1fb0  tsusbflt - ok
14:06:32.0991 0x1fb0  TsUsbGD - ok
14:06:32.0991 0x1fb0  tunnel - ok
14:06:33.0006 0x1fb0  tzautoupdate - ok
14:06:33.0006 0x1fb0  uagp35 - ok
14:06:33.0022 0x1fb0  UASPStor - ok
14:06:33.0022 0x1fb0  UcmCx0101 - ok
14:06:33.0037 0x1fb0  UcmUcsi - ok
14:06:33.0037 0x1fb0  Ucx01000 - ok
14:06:33.0053 0x1fb0  UdeCx - ok
14:06:33.0053 0x1fb0  udfs - ok
14:06:33.0075 0x1fb0  UEFI - ok
14:06:33.0091 0x1fb0  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
14:06:33.0122 0x1fb0  UEIPSvc - ok
14:06:33.0138 0x1fb0  [ 05DD22294A4F3F89E52351C7721E6D2C, 300A7D4BD5F26814CF73400E01DEB810CA3F91BD190B3D37B74ADF080F582829 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
14:06:33.0191 0x1fb0  Ufx01000 - ok
14:06:33.0207 0x1fb0  UfxChipidea - ok
14:06:33.0207 0x1fb0  ufxsynopsys - ok
14:06:33.0222 0x1fb0  UI0Detect - ok
14:06:33.0238 0x1fb0  uliagpkx - ok
14:06:33.0238 0x1fb0  umbus - ok
14:06:33.0254 0x1fb0  UmPass - ok
14:06:33.0269 0x1fb0  UmRdpService - ok
14:06:33.0276 0x1fb0  UnistoreSvc - ok
14:06:33.0291 0x1fb0  upnphost - ok
14:06:33.0291 0x1fb0  UrsChipidea - ok
14:06:33.0307 0x1fb0  UrsCx01000 - ok
14:06:33.0323 0x1fb0  UrsSynopsys - ok
14:06:33.0323 0x1fb0  usbccgp - ok
14:06:33.0338 0x1fb0  usbcir - ok
14:06:33.0338 0x1fb0  usbehci - ok
14:06:33.0354 0x1fb0  usbhub - ok
14:06:33.0354 0x1fb0  USBHUB3 - ok
14:06:33.0376 0x1fb0  usbohci - ok
14:06:33.0376 0x1fb0  usbprint - ok
14:06:33.0392 0x1fb0  usbser - ok
14:06:33.0392 0x1fb0  USBSTOR - ok
14:06:33.0407 0x1fb0  usbuhci - ok
14:06:33.0407 0x1fb0  usbvideo - ok
14:06:33.0423 0x1fb0  USBXHCI - ok
14:06:33.0439 0x1fb0  UserDataSvc - ok
14:06:33.0454 0x1fb0  UserManager - ok
14:06:33.0470 0x1fb0  UsoSvc - ok
14:06:33.0476 0x1fb0  VaultSvc - ok
14:06:33.0476 0x1fb0  vdrvroot - ok
14:06:33.0492 0x1fb0  vds - ok
14:06:33.0492 0x1fb0  VerifierExt - ok
14:06:33.0508 0x1fb0  vhdmp - ok
14:06:33.0523 0x1fb0  vhf - ok
14:06:33.0523 0x1fb0  vmbus - ok
14:06:33.0539 0x1fb0  VMBusHID - ok
14:06:33.0539 0x1fb0  vmicguestinterface - ok
14:06:33.0554 0x1fb0  vmicheartbeat - ok
14:06:33.0554 0x1fb0  vmickvpexchange - ok
14:06:33.0573 0x1fb0  vmicrdv - ok
14:06:33.0577 0x1fb0  vmicshutdown - ok
14:06:33.0577 0x1fb0  vmictimesync - ok
14:06:33.0592 0x1fb0  vmicvmsession - ok
14:06:33.0592 0x1fb0  vmicvss - ok
14:06:33.0608 0x1fb0  volmgr - ok
14:06:33.0608 0x1fb0  volmgrx - ok
14:06:33.0623 0x1fb0  volsnap - ok
14:06:33.0639 0x1fb0  vpci - ok
14:06:33.0639 0x1fb0  vsmraid - ok
14:06:33.0655 0x1fb0  VSS - ok
14:06:33.0655 0x1fb0  VSTXRAID - ok
14:06:33.0676 0x1fb0  vwifibus - ok
14:06:33.0677 0x1fb0  vwififlt - ok
14:06:33.0693 0x1fb0  vwifimp - ok
14:06:33.0708 0x1fb0  W32Time - ok
14:06:33.0708 0x1fb0  WacomPen - ok
14:06:33.0724 0x1fb0  WalletService - ok
14:06:33.0724 0x1fb0  wanarp - ok
14:06:33.0739 0x1fb0  wanarpv6 - ok
14:06:33.0739 0x1fb0  wbengine - ok
14:06:33.0755 0x1fb0  WbioSrvc - ok
14:06:33.0755 0x1fb0  Wcmsvc - ok
14:06:33.0777 0x1fb0  wcncsvc - ok
14:06:33.0777 0x1fb0  WcsPlugInService - ok
14:06:33.0792 0x1fb0  WdBoot - ok
14:06:33.0792 0x1fb0  Wdf01000 - ok
14:06:33.0808 0x1fb0  WdFilter - ok
14:06:33.0808 0x1fb0  WdiServiceHost - ok
14:06:33.0824 0x1fb0  WdiSystemHost - ok
14:06:33.0839 0x1fb0  wdiwifi - ok
14:06:33.0839 0x1fb0  WdNisDrv - ok
14:06:33.0855 0x1fb0  WdNisSvc - ok
14:06:33.0855 0x1fb0  WebClient - ok
14:06:33.0877 0x1fb0  Wecsvc - ok
14:06:33.0877 0x1fb0  WEPHOSTSVC - ok
14:06:33.0893 0x1fb0  wercplsupport - ok
14:06:33.0893 0x1fb0  WerSvc - ok
14:06:33.0908 0x1fb0  WFPLWFS - ok
14:06:33.0908 0x1fb0  WiaRpc - ok
14:06:33.0924 0x1fb0  WIMMount - ok
14:06:33.0924 0x1fb0  WinDefend - ok
14:06:33.0940 0x1fb0  WindowsTrustedRT - ok
14:06:33.0955 0x1fb0  WindowsTrustedRTProxy - ok
14:06:33.0977 0x1fb0  WinHttpAutoProxySvc - ok
14:06:33.0977 0x1fb0  WinMad - ok
14:06:34.0009 0x1fb0  Winmgmt - ok
14:06:34.0009 0x1fb0  WinRM - ok
14:06:34.0024 0x1fb0  WINUSB - ok
14:06:34.0040 0x1fb0  WinVerbs - ok
14:06:34.0040 0x1fb0  WlanSvc - ok
14:06:34.0056 0x1fb0  wlidsvc - ok
14:06:34.0056 0x1fb0  WmiAcpi - ok
14:06:34.0078 0x1fb0  wmiApSrv - ok
14:06:34.0078 0x1fb0  WMPNetworkSvc - ok
14:06:34.0109 0x1fb0  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
14:06:34.0140 0x1fb0  Wof - ok
14:06:34.0156 0x1fb0  workfolderssvc - ok
14:06:34.0178 0x1fb0  wpcfltr - ok
14:06:34.0178 0x1fb0  WPDBusEnum - ok
14:06:34.0194 0x1fb0  WpdUpFltr - ok
14:06:34.0209 0x1fb0  WpnService - ok
14:06:34.0209 0x1fb0  ws2ifsl - ok
14:06:34.0240 0x1fb0  [ 5B813FADEA5BE9195F01C83287F823F7, B186175B12AF444F987FE9F0F9D329A0F9186C06E3D228824E0929BB0084853F ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:06:34.0309 0x1fb0  wscsvc - ok
14:06:34.0309 0x1fb0  WSearch - ok
14:06:34.0325 0x1fb0  WSService - ok
14:06:34.0341 0x1fb0  wuauserv - ok
14:06:34.0341 0x1fb0  WudfPf - ok
14:06:34.0356 0x1fb0  WUDFRd - ok
14:06:34.0376 0x1fb0  wudfsvc - ok
14:06:34.0378 0x1fb0  WUDFWpdFs - ok
14:06:34.0378 0x1fb0  WUDFWpdMtp - ok
14:06:34.0394 0x1fb0  WwanSvc - ok
14:06:34.0410 0x1fb0  XblAuthManager - ok
14:06:34.0410 0x1fb0  XblGameSave - ok
14:06:34.0425 0x1fb0  xboxgip - ok
14:06:34.0425 0x1fb0  XboxNetApiSvc - ok
14:06:34.0441 0x1fb0  xinputhid - ok
14:06:34.0441 0x1fb0  ================ Scan global ===============================
14:06:34.0478 0x1fb0  [ Global ] - ok
14:06:34.0478 0x1fb0  ================ Scan MBR ==================================
14:06:34.0478 0x1fb0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:06:34.0674 0x1fb0  \Device\Harddisk0\DR0 - ok
14:06:34.0675 0x1fb0  ================ Scan VBR ==================================
14:06:34.0679 0x1fb0  [ 3F7F83B9DCDB02F6022B7F5DC4231419 ] \Device\Harddisk0\DR0\Partition1
14:06:34.0679 0x1fb0  \Device\Harddisk0\DR0\Partition1 - ok
14:06:34.0679 0x1fb0  [ 56532BD10D388D68A5790778911CAD6F ] \Device\Harddisk0\DR0\Partition2
14:06:34.0679 0x1fb0  \Device\Harddisk0\DR0\Partition2 - ok
14:06:34.0694 0x1fb0  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
14:06:34.0694 0x1fb0  \Device\Harddisk0\DR0\Partition3 - ok
14:06:34.0694 0x1fb0  [ 6020D3AEAF6742AF54C56E8D5C897FE1 ] \Device\Harddisk0\DR0\Partition4
14:06:34.0710 0x1fb0  \Device\Harddisk0\DR0\Partition4 - ok
14:06:34.0710 0x1fb0  [ 7138D2B9F1779B36B7D86EB38D9C66EE ] \Device\Harddisk0\DR0\Partition5
14:06:34.0710 0x1fb0  \Device\Harddisk0\DR0\Partition5 - ok
14:06:34.0710 0x1fb0  ================ Scan generic autorun ======================
14:06:35.0531 0x1fb0  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:06:36.0395 0x1fb0  RtHDVCpl - ok
14:06:36.0503 0x1fb0  [ 31821EC63BDEDE18E64C11F7248B32AB, 6982AE866F8EC7943FDB3E4B77B03542A2E3E07F080B8D806C4ED903DE3368CE ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
14:06:36.0603 0x1fb0  RtHDVBg_Dolby - ok
14:06:36.0788 0x1fb0  [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:06:36.0973 0x1fb0  NvBackend - ok
14:06:36.0973 0x1fb0  ShadowPlay - ok
14:06:36.0989 0x1fb0  [ 4470CF575CC1131CAC72FB3A386512ED, 70BEB0E8291FD864C86C6505AD336E04E29AC943891B60928126A6E323979A56 ] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
14:06:37.0020 0x1fb0  abDocsDllLoader - ok
14:06:37.0104 0x1fb0  OneDriveSetup - ok
14:06:37.0120 0x1fb0  OneDriveSetup - ok
14:06:37.0157 0x1fb0  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\sven\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:06:37.0220 0x1fb0  OneDrive - ok
14:06:37.0220 0x1fb0  Speech Recognition - ok
14:06:37.0758 0x1fb0  [ 35C570B08308326298DB8298376226A8, 2932C15E6B8BC854C2648DBF66F14531A4CF672C5D84244C9310CA8EEE1C55BC ] C:\Program Files\CCleaner\CCleaner64.exe
14:06:38.0321 0x1fb0  CCleaner Monitoring - ok
14:06:38.0340 0x1fb0  Waiting for KSN requests completion. In queue: 59
14:06:39.0371 0x1fb0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.672 ), 0x62100 ( disabled : updated )
14:06:39.0386 0x1fb0  Win FW state via NFP2: enabled ( trusted )
14:06:39.0533 0x1fb0  ============================================================
14:06:39.0533 0x1fb0  Scan finished
14:06:39.0533 0x1fb0  ============================================================
14:06:39.0553 0x1c58  Detected object count: 1
14:06:39.0553 0x1c58  Actual detected object count: 1
14:06:45.0784 0x1c58  AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:06:45.0784 0x1c58  AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

so also die hacken sind gesetzt wie auf dem Bild

cosinus · 14.11.2016, 14:45

Zitat:

14:06:17.0534 0x1fb0 Scan started
14:06:17.0534 0x1fb0 Mode: Manual; SigCheck; TDLFS;

So isses richtig

Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

vigilanz · 15.11.2016, 10:15

Code:

ATTFilter

# AdwCleaner v6.030 - Bericht erstellt am 14/11/2016 um 17:45:59
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-13.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : sven - SVEN
# Gestartet von : C:\Users\sven\Downloads\AdwCleaner_6.030.exe
# Modus: Löschen
# Unterstützung : hxxps://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Program Files\Booking.com
[-] Ordner gelöscht: C:\ProgramData\pokki
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Pokki
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki


***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\Interface\{7BCA6879-A9F8-47DE-AE05-F5CE7EA3A474}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\TypeLib\{ADF1FA2A-6EAA-4A97-A55F-3C8B92843EF5}
[-] Daten  wiederhergestellt: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] 
[-] Daten  wiederhergestellt: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] 
[-] Schlüssel gelöscht: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Wert gelöscht: HKU\S-1-5-21-3040301451-3423915041-4195490239-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Pokki]
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Classes\AppID\OverlayIcon.DLL


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3630 Bytes] - [14/11/2016 17:45:59]
C:\AdwCleaner\AdwCleaner[S0].txt - [4260 Bytes] - [14/11/2016 17:43:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3776 Bytes] ##########

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 10 Home x64 
Ran by sven (Administrator) on 14.11.2016 at 17:51:08,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1 

Successfully deleted: C:\Users\sven\AppData\Roaming\Mozilla\Firefox\Profiles\kmaofwxb.default\extensions\trash (Folder) 



Registry: 1 

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{590E1F2C-935E-4332-8B56-4190897AC566} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.11.2016 at 17:53:22,73
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

hab ich wieder was falsch gemacht?

cosinus · 15.11.2016, 11:15

Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

14.11.2016, 12:51	#11
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mein Notebook ist seit Tagen extrem langsam Du hast die Anleitung nicht richtig gelesen!! http://deeprybka.trojaner-board.de/tdss/options.PNG __________________ Logfiles bitte immer in CODE-Tags posten

15.11.2016, 11:15	#15
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Mein Notebook ist seit Tagen extrem langsam Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken __________________ Logfiles bitte immer in CODE-Tags posten

Mein Notebook ist seit Tagen extrem langsam

Plagegeister aller Art und deren Bekämpfung: Mein Notebook ist seit Tagen extrem langsam