Pests of all kinds and how to combat them: Trojan.Injector.MSIL in quarantine, yet Google Chrome does not work (Windows 7)
06.03.2017, 20:14 | #1 |
| Hello Trojanerboard, I constantly protect my laptop with the McAfee virus scanner. It finds no threat. On 02.03. Google Chrome stopped working. It kept hanging after starting. Reinstalling Chrome did not change anything either. After some googling I figured out that I might have malware on the computer, and on 04.03. I downloaded the free version of Malwarebytes. 17 threats, including a trojan (Trojan.Injector.MSIL). I wonder why McAfee does not find anything there. Yesterday, on 05.03., I ran Malwarebytes once more and two further malicious files were found. The files are all in quarantine. Chrome still does not work. What can I do? Thanks for your help! Bianka |
06.03.2017, 20:40 | #2 | |
/// TB trainer | My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags. How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation! Quote:
Please post the complete MBAM log files with the detections. You have to let go of the idea that McAfee detects all malware. For an initial analysis, please run FRST and TDSS-Killer:
Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2
Please download TDSSKiller.exe and save this file to the desktop.
Please post with your next reply
|
06.03.2017, 21:56 | #3 |
| FRST.txt
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017 durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (06-03-2017 21:15:36) Gestartet von C:\Users\Bianka\Desktop Geladene Profile: Bianka (Verfügbare Profile: Bianka) Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McC9A94.tmp (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Pokki) C:\Users\Bianka\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (McAfee, Inc.) 
C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms} BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) 
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05] FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche FF SelectedSearchEngine: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Web Search FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/ FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p= FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24] FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24] FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05] FF HKLM\...\Firefox\Extensions: 
[{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) 
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.) Chrome: ======= CHR HomePage: Default -> hxxp://homepage-web.com/?s=acer&m=home CHR StartupUrls: Default -> "hxxp://google.de/" CHR DefaultSearchKeyword: Default -> lp CHR Profile: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default [2017-03-06] CHR Extension: (Google Docs) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-05] CHR Extension: (Google Drive) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05] CHR Extension: (ColorZilla) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2017-03-05] CHR Extension: (YouTube) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05] CHR Extension: (Google Docs Offline) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-05] CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-03-05] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-05] CHR Extension: (Google Mail) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-05] CHR Extension: (Chrome Media Router) - C:\Users\Bianka\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-05] CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 0295171488827201mcinstcleanup; C:\Windows\TEMP\029517~1.EXE [1027864 2016-11-28] (McAfee, Inc.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated) U4 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) 
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.) 
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.) R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.) R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.) 
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) 
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-05] (Malwarebytes) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.) R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation) R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-06 21:15 - 2017-03-06 21:17 - 00026212 _____ C:\Users\Bianka\Desktop\FRST.txt 2017-03-06 21:14 - 2017-03-06 21:15 - 00000000 ____D C:\FRST 2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe 2017-03-06 20:45 - 2017-03-06 20:45 - 00000119 ____H C:\Users\Bianka\Desktop\.~lock.eBookText (neu).odt# 2017-03-06 20:12 - 2017-03-06 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt 2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-03-04 15:33 - 2017-03-06 20:01 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse 2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video 
Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe 2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2017-03-04 00:18 - 2017-03-05 19:56 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe 2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4 2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe 2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe 2017-03-01 10:29 - 2017-03-05 20:32 - 00000033 _____ C:\Users\Bianka\Desktop\LP.txt 2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom 2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk 2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe 2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) 
C:\Users\Bianka\Downloads\SkypeSetup.exe 2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt 2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress 2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt 2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt 2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt 2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf 2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt 2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt 2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt 2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt 2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt 2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-06 21:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:54 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-06 20:54 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-06 20:54 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-06 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-06 20:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-06 20:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-06 20:20 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-06 20:06 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-06 20:02 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-06 19:41 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka\AppData\Local\SweetLabs App Platform
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 23:37 - 2015-12-18 17:08 - 03708416 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-05 19:56 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 19:30 - 2017-01-03 00:13 - 00021862 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-02 18:48 - 2014-10-08 17:45 - 00002454 _____ C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 22:06 - 2016-10-13 10:56 - 00019537 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Bianka (06-03-2017 21:19:00)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.0.0.6441 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.0.0.6441 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Host App Service (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Pokki Start Menu (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster) <==== ACHTUNG
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {39A7FD01-C315-4367-86CF-19F05FF3FB85} - System32\Tasks\SweetLabs App Platform => C:\Users\Bianka\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {52E66837-0D6C-4593-91B4-1101A2088582} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll 2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2017-03-04 00:17 - 2017-01-20 07:47 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-08-13 09:27 - 2014-08-13 09:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2014-07-29 13:34 - 2014-07-29 13:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll ==================== Alternate Data 
Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => 
""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{0CE5CF7B-5DBE-4DBE-B5F6-C0D5236C108B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{E3ED660B-CD44-49D0-B965-C7FD2C72FEE7}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{AA06CA47-1FBD-4BAE-BDA9-F17DB5A47C1C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{DB6807F4-48F6-4465-A3B4-61895551CF18}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{C37C349D-8DFE-4561-B36A-85CF9C562833}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{047C4C49-8D94-48ED-A6CD-5333E2D675FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{3205A298-3828-4C76-B0A9-046569C8630E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{9780FBB0-5838-4E0F-A936-288E0CFC4E56}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{5EE0A4CA-D0BE-4EA2-B961-E93D647B9240}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{666D0BA6-7785-42B8-99ED-95D258FB2663}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{EE092216-6C1A-45DE-AD11-9BF91F998A41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{0E364B41-ACCD-4053-B533-3D3F2F3E07C5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{C726FF4D-7C57-47C4-B6B1-297B963A480D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{0429B611-1E56-47DA-8660-859D47AB38F2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{900309BC-45B9-48B1-9D6C-27FECD98EA9A}] => (Allow) C:\Program Files 
(x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{8C52154C-FC98-4DBB-9719-F5A831A6BCC2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{7AB5AB13-626D-42DC-8262-09D02C005533}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{A8013614-99B6-476E-B9B5-5AD70B4858BC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{7AFDC0C1-7808-421C-8BE6-020F292BD761}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{A3B9F61E-4744-43B1-9A4F-7096CC917862}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{CC8CF53F-F3B1-47A6-B1D5-7ABB4146900A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{D4248B9E-0049-40A5-BB42-031EC16D8AD7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{A3617924-CE0B-4875-B2CB-2DDD44475C9E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{4FA7383E-A4E6-41F3-8E2C-B732146F8C97}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{EFB2FDA5-6759-4FF3-8C13-2E3B564B0D8C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{F4F4548A-1530-4005-9F23-F33F19727C99}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{86E88A6D-4C71-4564-8DA0-2291A5C44E68}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{60E52576-F4C9-4AE4-93D9-0D7551A625BC}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{68C58FA2-9E5C-4DB8-9368-6140AEF7E3DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{FB29E85E-6577-4DF2-92EA-338A6A540006}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EFF9CD08-6446-405E-A96F-B23DEA208216}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
FirewallRules: [{3BF3FB5D-D6F7-4D19-AC48-D89A5AF2FCAD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{04E35453-A7AD-4229-BB1D-8A1F51A2859B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{130EE2F0-33EC-4849-B4BA-49A634D3BFF9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{BAA67CA2-CFA8-4601-8DD1-2178522EDF9D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{5DA7647D-C9ED-43E9-A43F-70D73710C335}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{F3F603E5-88BE-4FB7-9CD4-B5F3CA0AFD7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{89ACC33D-6BEA-4541-9D4B-43930FF7E6A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{9F59F8AC-060B-4356-ACB9-993B8EC36157}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{8155787D-16BC-4F8A-B72C-6BBA8976C8E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{9E486F02-1EC6-438F-AC76-909EFD674784}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{3A012DC7-46F3-44D1-BE57-2A6BF389D91F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{3BBE98CC-ACB4-489A-A956-88F89D628FEA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{5F98F186-425A-43D8-9E52-16A3DF3C0D7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{48B97D00-C251-4AEF-99B5-AB99903A5044}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{3B0555E7-D763-4DE1-8CAE-D4DEA051F35A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: 
[{0820FB7C-DB81-4A9C-8EAE-B2F9F2DE8A6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{E427A732-8AFA-41E0-B056-13370F8CE81D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{8A2E3F81-646C-473A-BFF3-0428E8379A34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{26770239-524E-46A3-9F4D-DF3D286F3DFA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{E1E3EEDC-D04D-47EF-B682-FEFF34E2B8A3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{F24AE540-DC9D-4B4F-A77A-2630B81E381B}] => (Allow) E:\Programme\Opera\43.0.2442.991\opera.exe FirewallRules: [{A052A64F-FD0E-47F6-9B34-051F42902B5E}] => (Allow) E:\Programme\Opera\43.0.2442.1144\opera.exe FirewallRules: [{9F98E57E-2F32-433D-A9B9-2A6214A074A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 18-02-2017 11:29:32 Intel(R) Technology Access 22-02-2017 19:23:43 Windows Update 05-03-2017 18:00:06 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 798 Startzeit: 01d295f7d10b632c Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 944 Startzeit: 01d295edc61a864a Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f80 Startzeit: 01d295e8dc786c13 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 914 Startzeit: 01d295e7e4fd2b35 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1190 Startzeit: 01d295e4085babc6 Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1114 Startzeit: 01d295de94b8bb6c Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: ee0 Startzeit: 01d295d39358a55e Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x2044 Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928 Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Notification.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean) bei System.Diagnostics.Process.OpenProcessHandle(Int32) bei System.Diagnostics.Process.get_Handle() bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process) bei Notification.Form1.CheckResolution() bei Notification.Form1..ctor() bei Notification.Program.Main() Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2180 Startzeit: 01d295a96502212f Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (03/06/2017 08:08:35 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {20966775-18A4-4299-B8E3-772C336B52A7} Error: (03/06/2017 08:08:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (03/06/2017 08:08:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht. Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {20966775-18A4-4299-B8E3-772C336B52A7} Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht. 
Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {20966775-18A4-4299-B8E3-772C336B52A7} Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung. Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht. Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {20966775-18A4-4299-B8E3-772C336B52A7} ==================== Speicherinformationen =========================== Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz Prozentuale Nutzung des RAM: 43% Installierter physikalischer RAM: 3977.98 MB Verfügbarer physikalischer RAM: 2254.21 MB Summe virtueller Speicher: 5321.98 MB Verfügbarer virtueller Speicher: 3581.5 MB ==================== Laufwerke ================================ Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:146.81 GB) NTFS Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.41 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404) Partition: GPT. ==================== Ende von Addition.txt ============================ |
07.03.2017, 15:58 | #4 |
/// TB-Ausbilder | Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work Hi, the log files from TDSS-Killer and MBAM (with the detections) are still missing. |
07.03.2017, 17:16 | #5 |
| TDSSKiller - Part 1 Code:
ATTFilter 21:48:50.0120 0x1a94 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 21:48:50.0120 0x1a94 UEFI system 21:49:32.0311 0x1a94 ============================================================ 21:49:32.0312 0x1a94 Current date / time: 2017/03/06 21:49:32.0311 21:49:32.0312 0x1a94 SystemInfo: 21:49:32.0312 0x1a94 21:49:32.0312 0x1a94 OS Version: 6.3.9600 ServicePack: 0.0 21:49:32.0312 0x1a94 Product type: Workstation 21:49:32.0312 0x1a94 ComputerName: JENSBIANKALIEBE 21:49:32.0312 0x1a94 UserName: Bianka 21:49:32.0312 0x1a94 Windows directory: C:\Windows 21:49:32.0312 0x1a94 System windows directory: C:\Windows 21:49:32.0312 0x1a94 Running under WOW64 21:49:32.0312 0x1a94 Processor architecture: Intel x64 21:49:32.0312 0x1a94 Number of processors: 2 21:49:32.0312 0x1a94 Page size: 0x1000 21:49:32.0312 0x1a94 Boot type: Normal boot 21:49:32.0312 0x1a94 CodeIntegrityOptions = 0x00000001 21:49:32.0313 0x1a94 ============================================================ 21:49:32.0709 0x1a94 KLMD registered as C:\Windows\system32\drivers\99402334.sys 21:49:32.0710 0x1a94 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19 21:49:33.0242 0x1a94 System UUID: {1AC36CBE-FF5E-C7D2-70E0-F345C98149D7} 21:49:34.0585 0x1a94 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 21:49:34.0635 0x1a94 ============================================================ 21:49:34.0635 0x1a94 \Device\Harddisk0\DR0: 21:49:34.0636 0x1a94 GPT partitions: 21:49:34.0637 0x1a94 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D3266109-50EA-4BD6-8C0D-0779033B4DFC}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000 21:49:34.0637 0x1a94 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: 
{67A6D2DC-1F60-476C-9F7D-D8FBC0AAC9AD}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000 21:49:34.0638 0x1a94 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A1BC1AC1-A930-4066-AD4C-7DE7BC3FAAA9}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000 21:49:34.0638 0x1a94 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9130F390-B044-4E07-833A-7FA61E06CAC0}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x19A26000 21:49:34.0639 0x1a94 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3455B00D-F535-4B0A-8690-8A0DDF917BC6}, Name: Basic data partition, StartLBA 0x19C28800, BlocksNum 0x1E847800 21:49:34.0639 0x1a94 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {75A62438-8E5C-4CC2-A58C-860A3936C112}, Name: Basic data partition, StartLBA 0x38470800, BlocksNum 0x1F15800 21:49:34.0639 0x1a94 MBR partitions: 21:49:34.0639 0x1a94 ============================================================ 21:49:34.0658 0x1a94 C: <-> \Device\Harddisk0\DR0\Partition4 21:49:34.0700 0x1a94 E: <-> \Device\Harddisk0\DR0\Partition5 21:49:34.0700 0x1a94 ============================================================ 21:49:34.0700 0x1a94 Initialize success 21:49:34.0700 0x1a94 ============================================================ 21:49:40.0510 0x024c ============================================================ 21:49:40.0511 0x024c Scan started 21:49:40.0511 0x024c Mode: Manual; 21:49:40.0511 0x024c ============================================================ 21:49:40.0511 0x024c KSN ping started 21:49:40.0711 0x024c KSN ping finished: true 21:49:43.0646 0x024c ================ Scan system memory ======================== 21:49:43.0646 0x024c System memory - ok 21:49:43.0650 0x024c ================ Scan services ============================= 
21:49:43.0774 0x024c 0295171488827201mcinstcleanup - ok 21:49:43.0977 0x024c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys 21:49:43.0998 0x024c 1394ohci - ok 21:49:44.0128 0x024c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys 21:49:44.0140 0x024c 3ware - ok 21:49:44.0233 0x024c [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys 21:49:44.0261 0x024c ACPI - ok 21:49:44.0282 0x024c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys 21:49:44.0286 0x024c acpiex - ok 21:49:44.0308 0x024c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys 21:49:44.0309 0x024c acpipagr - ok 21:49:44.0317 0x024c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys 21:49:44.0319 0x024c AcpiPmi - ok 21:49:44.0328 0x024c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys 21:49:44.0330 0x024c acpitime - ok 21:49:44.0397 0x024c [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:49:44.0412 0x024c AdobeARMservice - ok 21:49:44.0591 0x024c [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:49:44.0642 0x024c AdobeFlashPlayerUpdateSvc - ok 
MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 21:50:01.0626 0x024c MBAMSwissArmy - ok 21:50:01.0732 0x024c [ 69F56C3A8A442A891FC5A274CE3BCBB2, 429E6A5D57975219D0893E48C1C25E88919D6BC0C37B8B560B2D2863A480C696 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe 21:50:01.0754 0x024c McAfee SiteAdvisor Service - ok 21:50:01.0880 0x024c [ 56A485A5B702DB8AB32122A2EAD2694E, 28BF10E3CA295246B6A133B3CBA4C84C7AF3726185916CBB26645184F8C5EE25 ] McAPExe C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe 21:50:01.0921 0x024c McAPExe - ok 21:50:01.0959 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:01.0977 0x024c McBootDelayStartSvc - ok 21:50:02.0204 0x024c [ 080B4F6A1A8ADB39852C3AE8602E2D85, 22AF98641807648B6E2FF0B76AFD009FDAB6BC086C7B16790AB7726B6A4A9476 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe 21:50:02.0312 0x024c mccspsvc - ok 21:50:02.0367 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:02.0387 0x024c McMPFSvc - ok 21:50:02.0418 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:02.0437 0x024c McNaiAnn - ok 21:50:02.0606 0x024c [ A50E64755DFC7777BA2AFA5AE53E9F01, 6A64EBA9307F8AADF723517950D4DB5AE0FCB2714ACC861E468CDBBF24FE39E8 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe 21:50:02.0663 0x024c McODS - ok 21:50:02.0693 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:02.0713 0x024c mcpltsvc - 
ok 21:50:02.0742 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:02.0761 0x024c McProxy - ok 21:50:02.0796 0x024c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 21:50:02.0800 0x024c megasas - ok 21:50:02.0847 0x024c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 21:50:02.0872 0x024c megasr - ok 21:50:02.0937 0x024c [ 6820218B1C5EE9037955B337CBB4142B, 85B12BABFFB371C9FF6A20EE795DD33CD8DD784D3CBCF2DEC65E57A3D45EC029 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys 21:50:02.0968 0x024c mfeaack - ok 21:50:02.0994 0x024c [ 2B1A0FF97C0E065CB83A9A897ECE9F15, 63A2CF428A3F315F9019B7C34E45AEE259BCD468D49B313A44961529581FE40D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 21:50:03.0007 0x024c mfeavfk - ok 21:50:03.0046 0x024c [ FE970DF83C4E999998AB440ECAD7D0E7, 7394B5837C8F14A889DE228E7833C0F08FBFF8A40DCA9EA775ADB3A3D67E0178 ] mfeelamk C:\Windows\system32\drivers\mfeelamk.sys 21:50:03.0050 0x024c mfeelamk - ok 21:50:03.0087 0x024c [ 313DA2DB8E3F908980FBEBC511F30A50, FA1D3F766DED7C4765AD51B985FD1E65C03315E9ED377BF0CEF14B8D01DC7B06 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 21:50:03.0099 0x024c mfefire - ok 21:50:03.0159 0x024c [ 472EC3FF35A7D038155F189EC62E2F72, B97E6792FB7FFF7DF356F44955DD733009D900859247F8E4CA06844E2DB9C9CB ] mfefirek C:\Windows\system32\drivers\mfefirek.sys 21:50:03.0191 0x024c mfefirek - ok 21:50:03.0292 0x024c [ F11A7C2408C4691137E33D82F61221BC, 706DC1AD05245246740CC9572700F65675276E7D550648B4DDDC6BFEFC2272CF ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 21:50:03.0336 0x024c mfehidk - ok 21:50:03.0390 0x024c [ A185B311B7053F8E9313C835D654862E, 
79DA7726F887B82E98F6245B840144202D2B0CE811863DCDCE42F1912FBF6545 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe 21:50:03.0410 0x024c mfemms - ok 21:50:03.0670 0x024c [ 261B1A6F691FEBC2F34057BF72010CD9, 589A18AD1C74B1766EB08D9EA5AA46224964D54A50EA7A485660C65A8CA7AEBE ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys 21:50:03.0698 0x024c mfencbdc - ok 21:50:03.0737 0x024c [ 54A804B0A4E77542D2E7331F593137C3, B9C8B94D7C22B28CF8E5AADB088510D92C73154A48A51F220B4375C51DE829BE ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys 21:50:03.0742 0x024c mfencrk - ok 21:50:03.0774 0x024c [ 7C2C87D65568F9276100E99B9D225DC4, B2AEC1D5DC528E075F80B6242907C5D2E9A0C82DB59E0FE1114E31E4D90A4533 ] mfeplk C:\Windows\system32\drivers\mfeplk.sys 21:50:03.0779 0x024c mfeplk - ok 21:50:03.0849 0x024c [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys 21:50:03.0859 0x024c mfesapsn - ok 21:50:03.0939 0x024c [ BF65650E76D1DB5D49D0C15B79419C34, 106339F6968A33020DA3C56F31A9750DB588518C5DBCDED20A31B300905B90AF ] mfevtp C:\Windows\system32\mfevtps.exe 21:50:03.0987 0x024c mfevtp - ok 21:50:04.0033 0x024c [ 798D11CE31982A628DB55AF6A1B499FD, E6A69F45218645BF2193206FF0797E19E6BA37AC5D123762E57C8A77CE11FA6E ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys 21:50:04.0073 0x024c mfewfpk - ok 21:50:04.0110 0x024c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 21:50:04.0123 0x024c MMCSS - ok 21:50:04.0150 0x024c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 21:50:04.0155 0x024c Modem - ok 21:50:04.0316 0x024c [ A33B71D493BA379312B176A27FB5B085, 81A4D286BAB7A51F56AD23610A2F3137BAAFC94FBCF5F3341DF136F0EEBA99D8 ] ModuleCoreService C:\Program Files\Common 
Files\McAfee\ModuleCore\ModuleCoreService.exe 21:50:04.0390 0x024c ModuleCoreService - ok 21:50:04.0410 0x024c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 21:50:04.0413 0x024c monitor - ok 21:50:04.0432 0x024c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 21:50:04.0436 0x024c mouclass - ok 21:50:04.0455 0x024c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 21:50:04.0458 0x024c mouhid - ok 21:50:04.0490 0x024c [ 24DABC0A77FAFDC0E379AB3B30F61BB6, E66624ABBF1D742879035F9161F9D3713DE7B759B3D3CF8B96C9E397A02FCF82 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:50:04.0495 0x024c mountmgr - ok 21:50:04.0530 0x024c [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:50:04.0537 0x024c MozillaMaintenance - ok 21:50:04.0583 0x024c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:50:04.0587 0x024c mpsdrv - ok 21:50:04.0676 0x024c [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:50:04.0763 0x024c MpsSvc - ok 21:50:04.0808 0x024c [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:50:04.0819 0x024c MRxDAV - ok 21:50:04.0858 0x024c [ C3B0566DE49265AE98405825938C20A1, F8BCA4A5AF21B841C998D4772DA9FF84E45F1356AA1285A1D48C06574A81CA4C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:50:04.0872 0x024c mrxsmb - ok 21:50:04.0960 
0x024c [ 15D7AF1A26CCEBA32DF21A8E2098F463, 84390806AD3A9651DAB803E9257EEE851B898ED2AB56D8936E8C9F6B41967243 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:50:05.0017 0x024c mrxsmb10 - ok 21:50:05.0120 0x024c [ 0790EEB1EC199F8BE8259E47B373ED23, F9330F43B40675CCB60804182EF04BFBA3837ED14C798788A4B27D65A646D1C7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:50:05.0158 0x024c mrxsmb20 - ok 21:50:05.0208 0x024c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 21:50:05.0242 0x024c MsBridge - ok 21:50:05.0302 0x024c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 21:50:05.0345 0x024c MSDTC - ok 21:50:05.0413 0x024c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:50:05.0418 0x024c Msfs - ok 21:50:05.0447 0x024c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 21:50:05.0452 0x024c msgpiowin32 - ok 21:50:05.0470 0x024c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:50:05.0473 0x024c mshidkmdf - ok 21:50:05.0492 0x024c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 21:50:05.0493 0x024c mshidumdf - ok 21:50:05.0521 0x024c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:50:05.0524 0x024c msisadrv - ok 21:50:05.0570 0x024c [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI 
C:\Windows\system32\iscsiexe.dll 21:50:05.0582 0x024c MSiSCSI - ok 21:50:05.0593 0x024c msiserver - ok 21:50:05.0642 0x024c [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:50:05.0660 0x024c MSK80Service - ok 21:50:05.0685 0x024c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:50:05.0687 0x024c MSKSSRV - ok 21:50:05.0727 0x024c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 21:50:05.0733 0x024c MsLldp - ok 21:50:05.0765 0x024c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:50:05.0768 0x024c MSPCLOCK - ok 21:50:05.0794 0x024c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:50:05.0796 0x024c MSPQM - ok 21:50:05.0835 0x024c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:50:05.0902 0x024c MsRPC - ok 21:50:05.0938 0x024c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 21:50:05.0944 0x024c mssmbios - ok 21:50:05.0971 0x024c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 21:50:05.0974 0x024c MSTEE - ok 21:50:05.0998 0x024c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys |
07.03.2017, 17:19 | #6 |
| KDSSKiller - Part 2 Code:
ATTFilter 21:50:06.0002 0x024c MTConfig - ok 21:50:06.0046 0x024c [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\Windows\system32\Drivers\mup.sys 21:50:06.0056 0x024c Mup - ok 21:50:06.0087 0x024c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 21:50:06.0094 0x024c mvumis - ok 21:50:06.0182 0x024c [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll 21:50:06.0258 0x024c napagent - ok 21:50:06.0332 0x024c [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 21:50:06.0353 0x024c NativeWifiP - ok 21:50:06.0400 0x024c [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll 21:50:06.0430 0x024c NcaSvc - ok 21:50:06.0470 0x024c [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll 21:50:06.0482 0x024c NcbService - ok 21:50:06.0523 0x024c [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 21:50:06.0536 0x024c NcdAutoSetup - ok 21:50:06.0628 0x024c [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys 21:50:06.0686 0x024c NDIS - ok 21:50:06.0738 0x024c [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 21:50:06.0742 0x024c NdisCap - ok 21:50:06.0798 0x024c [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] 
NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 21:50:06.0816 0x024c NdisImPlatform - ok 21:50:06.0850 0x024c [ F6CAD1FD269E8FFE4DACF0F7A653CB02, 46476469CE07348EA69202E954D969A899553A93B7B224E09882564811DD48BF ] ndisrd C:\Windows\system32\DRIVERS\ndisrfl.sys 21:50:06.0855 0x024c ndisrd - ok 21:50:06.0917 0x024c [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 21:50:06.0925 0x024c NdisTapi - ok 21:50:07.0012 0x024c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 21:50:07.0025 0x024c Ndisuio - ok 21:50:07.0059 0x024c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 21:50:07.0064 0x024c NdisVirtualBus - ok 21:50:07.0124 0x024c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 21:50:07.0171 0x024c NdisWan - ok 21:50:07.0199 0x024c [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 21:50:07.0209 0x024c NdisWanLegacy - ok 21:50:07.0266 0x024c [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 21:50:07.0281 0x024c NDProxy - ok 21:50:07.0337 0x024c [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys 21:50:07.0347 0x024c Ndu - ok 21:50:07.0393 0x024c [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll 21:50:07.0403 0x024c Net Driver HPZ12 - ok 
21:50:07.0434 0x024c [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 21:50:07.0438 0x024c NetBIOS - ok 21:50:07.0488 0x024c [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 21:50:07.0504 0x024c NetBT - ok 21:50:07.0537 0x024c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe 21:50:07.0544 0x024c Netlogon - ok 21:50:07.0585 0x024c [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll 21:50:07.0601 0x024c Netman - ok 21:50:07.0651 0x024c [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll 21:50:07.0685 0x024c netprofm - ok 21:50:07.0715 0x024c [ 87CFE8B5238A976E222B71572EA974BF, D54E087673E4BD40E45763AB3C199804E4B25EAFBB511301A177480F299D6539 ] NetTap630 C:\Windows\system32\DRIVERS\nettap630.sys 21:50:07.0720 0x024c NetTap630 - ok 21:50:07.0837 0x024c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:50:07.0955 0x024c NetTcpPortSharing - ok 21:50:08.0014 0x024c [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys 21:50:08.0019 0x024c netvsc - ok 21:50:08.0058 0x024c [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll 21:50:08.0093 0x024c NlaSvc - ok 21:50:08.0115 0x024c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs 
C:\Windows\system32\drivers\Npfs.sys 21:50:08.0119 0x024c Npfs - ok 21:50:08.0141 0x024c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 21:50:08.0144 0x024c npsvctrig - ok 21:50:08.0183 0x024c [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll 21:50:08.0187 0x024c nsi - ok 21:50:08.0217 0x024c [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 21:50:08.0221 0x024c nsiproxy - ok 21:50:08.0383 0x024c [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 21:50:08.0483 0x024c Ntfs - ok 21:50:08.0527 0x024c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys 21:50:08.0530 0x024c Null - ok 21:50:08.0560 0x024c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys 21:50:08.0572 0x024c nvraid - ok 21:50:08.0590 0x024c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys 21:50:08.0598 0x024c nvstor - ok 21:50:08.0615 0x024c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 21:50:08.0621 0x024c nv_agp - ok 21:50:08.0667 0x024c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 21:50:08.0689 0x024c p2pimsvc - ok 21:50:08.0757 0x024c [ FD8F61F0D1F64BBB3D835F39A3F979C9, 
E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll 21:50:08.0789 0x024c p2psvc - ok 21:50:08.0834 0x024c [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport C:\Windows\System32\drivers\parport.sys 21:50:08.0843 0x024c Parport - ok 21:50:08.0884 0x024c [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys 21:50:08.0895 0x024c partmgr - ok 21:50:08.0975 0x024c [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll 21:50:09.0014 0x024c PcaSvc - ok 21:50:09.0091 0x024c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys 21:50:09.0111 0x024c pci - ok 21:50:09.0151 0x024c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys 21:50:09.0157 0x024c pciide - ok 21:50:09.0244 0x024c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 21:50:09.0268 0x024c pcmcia - ok 21:50:09.0298 0x024c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys 21:50:09.0304 0x024c pcw - ok 21:50:09.0350 0x024c [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys 21:50:09.0357 0x024c pdc - ok 21:50:09.0433 0x024c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 21:50:09.0485 0x024c PEAUTH - ok 21:50:09.0664 0x024c [ 028362370BEEBADACC881E3D4956E236, 
D641E431F8B41218E92C0F02A3FE9897B09E116AC8222DC0E7C4994BC0CEEA2F ] PEFService C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe 21:50:09.0774 0x024c PEFService - ok 21:50:09.0853 0x024c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe 21:50:09.0861 0x024c PerfHost - ok 21:50:10.0028 0x024c [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll 21:50:10.0106 0x024c pla - ok 21:50:10.0153 0x024c [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll 21:50:10.0165 0x024c PlugPlay - ok 21:50:10.0203 0x024c [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll 21:50:10.0210 0x024c Pml Driver HPZ12 - ok 21:50:10.0249 0x024c [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 21:50:10.0272 0x024c PNRPAutoReg - ok 21:50:10.0332 0x024c [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 21:50:10.0381 0x024c PNRPsvc - ok 21:50:10.0443 0x024c [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 21:50:10.0481 0x024c PolicyAgent - ok 21:50:10.0509 0x024c [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll 21:50:10.0516 0x024c Power - ok 21:50:10.0783 0x024c [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 21:50:10.0910 
0x024c PrintNotify - ok 21:50:10.0952 0x024c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 21:50:10.0965 0x024c Processor - ok 21:50:11.0004 0x024c [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 21:50:11.0027 0x024c ProfSvc - ok 21:50:11.0064 0x024c [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:50:11.0073 0x024c Psched - ok 21:50:11.0163 0x024c [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe 21:50:11.0203 0x024c QASvc - ok 21:50:11.0285 0x024c [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll 21:50:11.0326 0x024c QWAVE - ok 21:50:11.0369 0x024c [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:50:11.0375 0x024c QWAVEdrv - ok 21:50:11.0411 0x024c [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\Windows\System32\drivers\RadioShim.sys 21:50:11.0414 0x024c RadioShim - ok 21:50:11.0454 0x024c [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:50:11.0456 0x024c RasAcd - ok 21:50:11.0518 0x024c [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll 21:50:11.0536 0x024c RasAuto - ok 21:50:11.0638 0x024c [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 
21:50:27.0833 0x024c HP Software Update - ok
21:50:27.0869 0x024c Skype - ok
21:50:27.0873 0x024c Waiting for KSN requests completion. In queue: 170
21:50:28.0060 0x15d0 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
21:50:28.0420 0x15d0 Object send P2P result: true
21:50:28.0912 0x024c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:50:28.0971 0x024c AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:50:28.0974 0x024c FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:50:29.0107 0x024c ============================================================
21:50:29.0107 0x024c Scan finished
21:50:29.0107 0x024c ============================================================
21:50:29.0153 0x0498 Detected object count: 0
21:50:29.0153 0x0498 Actual detected object count: 0
21:55:53.0003 0x1488 ============================================================
21:55:53.0003 0x1488 Scan started
21:55:53.0003 0x1488 Mode: Manual;
21:55:53.0003 0x1488 ============================================================
21:55:53.0003 0x1488 KSN ping started
21:55:53.0095 0x1488 KSN ping finished: true
21:55:54.0073 0x1488 ================ Scan system memory ========================
21:55:54.0073 0x1488 System memory - ok
21:55:54.0077 0x1488 ================ Scan services =============================
21:55:54.0221 0x1488 0295171488827201mcinstcleanup - ok
21:56:07.0434 0x1488 [ AAB0607E015F07D342DD3CB04A311257, 681EE04F24D7DEC1E3C02549E7A5C70E2AA6D342ED9F3819178E03E8747F9277 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:56:07.0635 0x1488 IntcAzAudAddService - ok 21:56:07.0680 0x1488 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:56:07.0707 0x1488 IntcDAud - ok 21:56:07.0818 0x1488 [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe 21:56:07.0862 0x1488 Intel(R) Capability Licensing Service Interface - ok 21:56:07.0907 0x1488 [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe 21:56:07.0942 0x1488 Intel(R) Capability Licensing Service TCP IP Interface - ok 21:56:07.0961 0x1488 Intel(R) TA SAM - ok 21:56:08.0031 0x1488 [ 5F158EFE9E72A5D6EDB9A59B3966A972, 8052CE286B9CC94ABBE9DC36A0D66A4DC45FE381D41C6CEBDAD8ABD78113C2EB ] Intel(R) Technology Access Legacy CS Loader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe 21:56:08.0049 0x1488 Intel(R) Technology Access Legacy CS Loader - ok 21:56:08.0114 0x1488 [ BA2EF85C5B79DE726B0C87587EEE6D90, 51A60B377E9A1F7C1EE88357CB5B63F8036D4CB977B37C4669BED88029A68721 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe 21:56:08.0136 0x1488 Intel(R) TechnologyAccessService - ok 21:56:08.0162 0x1488 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 21:56:08.0164 0x1488 intelide - ok 21:56:08.0204 0x1488 [ 
A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 21:56:08.0208 0x1488 intelpep - ok 21:56:08.0233 0x1488 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 21:56:08.0239 0x1488 intelppm - ok 21:56:08.0268 0x1488 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:56:08.0273 0x1488 IpFilterDriver - ok 21:56:08.0373 0x1488 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:56:08.0418 0x1488 iphlpsvc - ok 21:56:08.0453 0x1488 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 21:56:08.0457 0x1488 IPMIDRV - ok 21:56:08.0508 0x1488 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:56:08.0538 0x1488 IPNAT - ok 21:56:08.0561 0x1488 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:56:08.0565 0x1488 IRENUM - ok 21:56:08.0581 0x1488 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:56:08.0584 0x1488 isapnp - ok 21:56:08.0649 0x1488 [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 21:56:08.0671 0x1488 iScsiPrt - ok 21:56:08.0731 0x1488 [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc C:\Program Files 
(x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 21:56:08.0749 0x1488 iumsvc - ok 21:56:08.0789 0x1488 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 21:56:08.0796 0x1488 iwdbus - ok 21:56:08.0826 0x1488 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 21:56:08.0833 0x1488 kbdclass - ok 21:56:08.0860 0x1488 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 21:56:08.0863 0x1488 kbdhid - ok 21:56:08.0898 0x1488 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 21:56:08.0902 0x1488 kdnic - ok 21:56:08.0928 0x1488 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 21:56:08.0937 0x1488 KeyIso - ok 21:56:08.0983 0x1488 [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:56:08.0995 0x1488 KSecDD - ok 21:56:09.0050 0x1488 [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:56:09.0087 0x1488 KSecPkg - ok 21:56:09.0109 0x1488 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:56:09.0113 0x1488 ksthunk - ok 21:56:09.0164 0x1488 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 21:56:09.0211 0x1488 KtmRm - ok 21:56:09.0258 0x1488 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, 
B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 21:56:09.0299 0x1488 LanmanServer - ok 21:56:09.0356 0x1488 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:56:09.0401 0x1488 LanmanWorkstation - ok 21:56:09.0462 0x1488 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 21:56:09.0497 0x1488 lfsvc - ok 21:56:09.0525 0x1488 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:56:09.0528 0x1488 lltdio - ok 21:56:09.0557 0x1488 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:56:09.0580 0x1488 lltdsvc - ok 21:56:09.0612 0x1488 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\Windows\System32\drivers\LMDriver.sys 21:56:09.0615 0x1488 LMDriver - ok 21:56:09.0647 0x1488 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:56:09.0652 0x1488 lmhosts - ok 21:56:09.0712 0x1488 [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe 21:56:09.0752 0x1488 LMSvc - ok 21:56:09.0782 0x1488 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:56:09.0788 0x1488 LSI_SAS - ok 21:56:09.0824 0x1488 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 
21:56:09.0830 0x1488 LSI_SAS2 - ok 21:56:09.0849 0x1488 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 21:56:09.0853 0x1488 LSI_SAS3 - ok 21:56:09.0871 0x1488 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 21:56:09.0875 0x1488 LSI_SSS - ok 21:56:09.0937 0x1488 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 21:56:09.0986 0x1488 LSM - ok 21:56:10.0012 0x1488 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 21:56:10.0017 0x1488 luafv - ok 21:56:10.0075 0x1488 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 21:56:10.0121 0x1488 LVRS64 - ok 21:56:10.0377 0x1488 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 21:56:10.0617 0x1488 LVUVC64 - ok 21:56:10.0977 0x1488 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe |
07.03.2017, 17:20 | #7 |
| KDSSKiller - Part 3
Code:
0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 21:56:20.0694 0x1488 PrintNotify - ok 21:56:20.0731 0x1488 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys 21:56:20.0736 0x1488 Processor - ok 21:56:20.0783 0x1488 [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll 21:56:20.0795 0x1488 ProfSvc - ok 21:56:20.0832 0x1488 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 21:56:20.0839 0x1488 Psched - ok 21:56:20.0933 0x1488 [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe 21:56:20.0973 0x1488 QASvc - ok 21:56:21.0029 0x1488 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll 21:56:21.0057 0x1488 QWAVE - ok 21:56:21.0096 0x1488 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 21:56:21.0102 0x1488 QWAVEdrv - ok 21:56:21.0125 0x1488 [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim C:\Windows\System32\drivers\RadioShim.sys 21:56:21.0128 0x1488 RadioShim - ok 21:56:21.0167 0x1488 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 21:56:21.0170 0x1488 RasAcd - ok 21:56:21.0223 0x1488 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll 
21:56:21.0243 0x1488 RasAuto - ok 21:56:21.0336 0x1488 [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan C:\Windows\System32\rasmans.dll 21:56:21.0379 0x1488 RasMan - ok 21:56:21.0410 0x1488 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 21:56:21.0414 0x1488 RasPppoe - ok 21:56:21.0480 0x1488 [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 21:56:21.0511 0x1488 rdbss - ok 21:56:21.0527 0x1488 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys 21:56:21.0530 0x1488 rdpbus - ok 21:56:21.0552 0x1488 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 21:56:21.0560 0x1488 RDPDR - ok 21:56:21.0595 0x1488 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 21:56:21.0597 0x1488 RdpVideoMiniport - ok 21:56:21.0632 0x1488 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 21:56:21.0654 0x1488 rdyboost - ok 21:56:21.0746 0x1488 [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS C:\Windows\system32\drivers\ReFS.sys 21:56:21.0789 0x1488 ReFS - ok 21:56:21.0830 0x1488 [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess C:\Windows\System32\mprdim.dll 21:56:21.0841 0x1488 RemoteAccess - ok 21:56:21.0896 0x1488 [ AC8785B53F8436058C90450DA1840AE7, 
CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll 21:56:21.0909 0x1488 RemoteRegistry - ok 21:56:21.0947 0x1488 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys 21:56:21.0958 0x1488 RFCOMM - ok 21:56:22.0068 0x1488 [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 21:56:22.0114 0x1488 RichVideo - ok 21:56:22.0172 0x1488 [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe 21:56:22.0201 0x1488 RMSvc - ok 21:56:22.0235 0x1488 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 21:56:22.0246 0x1488 RpcEptMapper - ok 21:56:22.0280 0x1488 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe 21:56:22.0284 0x1488 RpcLocator - ok 21:56:22.0357 0x1488 [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs C:\Windows\system32\rpcss.dll 21:56:22.0383 0x1488 RpcSs - ok 21:56:22.0421 0x1488 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 21:56:22.0426 0x1488 rspndr - ok 21:56:22.0483 0x1488 [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys 21:56:22.0533 0x1488 RSUSBVSTOR - ok 21:56:22.0610 0x1488 [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168 
C:\Windows\system32\DRIVERS\Rt630x64.sys 21:56:22.0646 0x1488 RTL8168 - ok 21:56:22.0666 0x1488 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys 21:56:22.0668 0x1488 s3cap - ok 21:56:22.0695 0x1488 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe 21:56:22.0699 0x1488 SamSs - ok 21:56:22.0721 0x1488 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 21:56:22.0726 0x1488 sbp2port - ok 21:56:22.0758 0x1488 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll 21:56:22.0768 0x1488 SCardSvr - ok 21:56:22.0805 0x1488 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll 21:56:22.0822 0x1488 ScDeviceEnum - ok 21:56:22.0860 0x1488 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 21:56:22.0865 0x1488 scfilter - ok 21:56:22.0990 0x1488 [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll 21:56:23.0066 0x1488 Schedule - ok 21:56:23.0101 0x1488 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll 21:56:23.0107 0x1488 SCPolicySvc - ok 21:56:23.0153 0x1488 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys 21:56:23.0164 0x1488 sdbus - ok 21:56:23.0197 0x1488 [ 0B1E929D11A8E358106955603FAC65E8, 
A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys 21:56:23.0203 0x1488 sdstor - ok 21:56:23.0240 0x1488 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 21:56:23.0243 0x1488 secdrv - ok 21:56:23.0284 0x1488 [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon C:\Windows\system32\seclogon.dll 21:56:23.0297 0x1488 seclogon - ok 21:56:23.0353 0x1488 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll 21:56:23.0375 0x1488 SENS - ok 21:56:23.0459 0x1488 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 21:56:23.0502 0x1488 SensrSvc - ok 21:56:23.0536 0x1488 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys 21:56:23.0542 0x1488 SerCx - ok 21:56:23.0575 0x1488 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys 21:56:23.0584 0x1488 SerCx2 - ok 21:56:23.0624 0x1488 [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum C:\Windows\System32\drivers\serenum.sys 21:56:23.0628 0x1488 Serenum - ok 21:56:23.0646 0x1488 [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial C:\Windows\System32\drivers\serial.sys 21:56:23.0652 0x1488 Serial - ok 21:56:23.0685 0x1488 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys 21:56:23.0688 0x1488 sermouse - ok 21:56:23.0750 0x1488 [ 
389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv C:\Windows\system32\sessenv.dll 21:56:23.0798 0x1488 SessionEnv - ok 21:56:23.0834 0x1488 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys 21:56:23.0837 0x1488 sfloppy - ok 21:56:23.0915 0x1488 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll 21:56:23.0981 0x1488 SharedAccess - ok 21:56:24.0079 0x1488 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll 21:56:24.0112 0x1488 ShellHWDetection - ok 21:56:24.0146 0x1488 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 21:56:24.0149 0x1488 SiSRaid2 - ok 21:56:24.0166 0x1488 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 21:56:24.0170 0x1488 SiSRaid4 - ok 21:56:24.0221 0x1488 [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 21:56:24.0241 0x1488 SkypeUpdate - ok 21:56:24.0267 0x1488 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll 21:56:24.0272 0x1488 smphost - ok 21:56:24.0317 0x1488 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 21:56:24.0322 0x1488 SNMPTRAP - ok 21:56:24.0402 0x1488 [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport 
C:\Windows\system32\drivers\spaceport.sys 21:56:24.0426 0x1488 spaceport - ok 21:56:24.0443 0x1488 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys 21:56:24.0447 0x1488 SpbCx - ok 21:56:24.0522 0x1488 [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe 21:56:24.0574 0x1488 Spooler - ok 21:56:24.0893 0x1488 [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc C:\Windows\system32\sppsvc.exe 21:56:25.0077 0x1488 sppsvc - ok 21:56:25.0088 0x1488 Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc 21:56:25.0314 0x1488 Object send P2P result: true 21:56:25.0384 0x1488 [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv C:\Windows\system32\DRIVERS\srv.sys 21:56:25.0405 0x1488 srv - ok 21:56:25.0446 0x1488 [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 21:56:25.0479 0x1488 srv2 - ok 21:56:25.0521 0x1488 [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 21:56:25.0530 0x1488 srvnet - ok 21:56:25.0579 0x1488 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 21:56:25.0591 0x1488 SSDPSRV - ok 21:56:25.0634 0x1488 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll 21:56:25.0646 0x1488 SstpSvc - ok 21:56:25.0693 0x1488 [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 21:56:25.0700 0x1488 
ssudmdm - ok 21:56:25.0721 0x1488 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys 21:56:25.0724 0x1488 stexstor - ok 21:56:25.0778 0x1488 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll 21:56:25.0812 0x1488 stisvc - ok 21:56:25.0829 0x1488 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys 21:56:25.0833 0x1488 storahci - ok 21:56:25.0860 0x1488 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys 21:56:25.0863 0x1488 storflt - ok 21:56:25.0908 0x1488 [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme C:\Windows\system32\drivers\stornvme.sys 21:56:25.0913 0x1488 stornvme - ok 21:56:25.0942 0x1488 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll 21:56:25.0949 0x1488 StorSvc - ok 21:56:25.0978 0x1488 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys 21:56:25.0983 0x1488 storvsc - ok 21:56:26.0024 0x1488 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll 21:56:26.0032 0x1488 svsvc - ok 21:56:26.0067 0x1488 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys 21:56:26.0070 0x1488 swenum - ok 21:56:26.0192 0x1488 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv 
C:\Windows\System32\swprv.dll 21:56:26.0239 0x1488 swprv - ok 21:56:26.0364 0x1488 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll 21:56:26.0416 0x1488 SysMain - ok 21:56:26.0464 0x1488 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll 21:56:26.0492 0x1488 SystemEventsBroker - ok 21:56:26.0529 0x1488 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll 21:56:26.0542 0x1488 TabletInputService - ok 21:56:26.0598 0x1488 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll 21:56:26.0672 0x1488 TapiSrv - ok 21:56:26.0851 0x1488 [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 21:56:27.0018 0x1488 Tcpip - ok 21:56:27.0110 0x1488 [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 21:56:27.0179 0x1488 TCPIP6 - ok 21:56:27.0221 0x1488 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 21:56:27.0224 0x1488 tcpipreg - ok 21:56:27.0276 0x1488 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 21:56:27.0291 0x1488 tdx - ok 21:56:27.0323 0x1488 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys 21:56:27.0328 0x1488 terminpt - ok 21:56:27.0459 0x1488 [ C50997E282576DA492EBA66B059D4196, 
EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll 21:56:27.0516 0x1488 TermService - ok 21:56:27.0548 0x1488 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll 21:56:27.0553 0x1488 Themes - ok 21:56:27.0581 0x1488 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll 21:56:27.0585 0x1488 THREADORDER - ok 21:56:27.0632 0x1488 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll 21:56:27.0658 0x1488 TimeBroker - ok 21:56:27.0704 0x1488 [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys 21:56:27.0717 0x1488 TPM - ok 21:56:27.0755 0x1488 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll 21:56:27.0767 0x1488 TrkWks - ok 21:56:27.0822 0x1488 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 21:56:27.0831 0x1488 TrustedInstaller - ok 21:56:27.0867 0x1488 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 21:56:27.0872 0x1488 TsUsbFlt - ok 21:56:27.0917 0x1488 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys 21:56:27.0921 0x1488 TsUsbGD - ok 21:56:27.0961 0x1488 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 21:56:27.0971 0x1488 tunnel - ok 
21:56:28.0006 0x1488 [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64 C:\Windows\System32\drivers\TXEIx64.sys 21:56:28.0011 0x1488 TXEIx64 - ok 21:56:28.0041 0x1488 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 21:56:28.0046 0x1488 uagp35 - ok 21:56:28.0071 0x1488 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys 21:56:28.0080 0x1488 UASPStor - ok 21:56:28.0128 0x1488 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys 21:56:28.0143 0x1488 UCX01000 - ok 21:56:28.0180 0x1488 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys 21:56:28.0215 0x1488 udfs - ok 21:56:28.0237 0x1488 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys 21:56:28.0239 0x1488 UEFI - ok 21:56:28.0312 0x1488 [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe 21:56:28.0364 0x1488 UEIPSvc - ok 21:56:28.0436 0x1488 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe 21:56:28.0447 0x1488 UI0Detect - ok 21:56:28.0483 0x1488 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 21:56:28.0489 0x1488 uliagpkx - ok 21:56:28.0515 0x1488 [ DA34C39A18E60E7C3FA0630566408034, 
2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys 21:56:28.0520 0x1488 umbus - ok 21:56:28.0539 0x1488 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys 21:56:28.0543 0x1488 UmPass - ok 21:56:28.0598 0x1488 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll 21:56:28.0649 0x1488 UmRdpService - ok 21:56:28.0716 0x1488 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll 21:56:28.0745 0x1488 upnphost - ok 21:56:28.0781 0x1488 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:56:28.0788 0x1488 usbaudio - ok 21:56:28.0813 0x1488 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 21:56:28.0820 0x1488 usbccgp - ok 21:56:28.0853 0x1488 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys 21:56:28.0858 0x1488 usbcir - ok 21:56:28.0884 0x1488 [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\Windows\System32\drivers\usbehci.sys 21:56:28.0889 0x1488 usbehci - ok 21:56:28.0958 0x1488 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\Windows\System32\drivers\usbhub.sys 21:56:28.0982 0x1488 usbhub - ok 21:56:29.0046 0x1488 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 21:56:29.0069 0x1488 USBHUB3 - ok 21:56:29.0105 
0x1488 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\Windows\System32\drivers\usbohci.sys 21:56:29.0109 0x1488 usbohci - ok 21:56:29.0138 0x1488 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 21:56:29.0142 0x1488 usbprint - ok 21:56:29.0184 0x1488 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 21:56:29.0195 0x1488 USBSTOR - ok 21:56:29.0228 0x1488 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 21:56:29.0232 0x1488 usbuhci - ok 21:56:29.0281 0x1488 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:56:29.0299 0x1488 usbvideo - ok 21:56:29.0345 0x1488 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 21:56:29.0355 0x1488 USBXHCI - ok 21:56:29.0371 0x1488 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 21:56:29.0375 0x1488 VaultSvc - ok 21:56:29.0400 0x1488 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:56:29.0403 0x1488 vdrvroot - ok 21:56:29.0507 0x1488 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe 21:56:29.0601 0x1488 vds - ok 21:56:29.0626 0x1488 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt 
21:56:37.0207 0x1488 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:56:37.0211 0x1488 AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:56:37.0216 0x1488 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:56:37.0304 0x1488 ============================================================
21:56:37.0305 0x1488 Scan finished
21:56:37.0305 0x1488 ============================================================
21:56:37.0336 0x0ba0 Detected object count: 0
21:56:37.0336 0x0ba0 Actual detected object count: 0
21:59:01.0739 0x1d28 ============================================================
21:59:01.0739 0x1d28 Scan started
21:59:01.0739 0x1d28 Mode: Manual; SigCheck; TDLFS;
21:59:01.0739 0x1d28 ============================================================
21:59:01.0739 0x1d28 KSN ping started
21:59:01.0832 0x1d28 KSN ping finished: true
21:59:02.0603 0x1d28 ================ Scan system memory ========================
21:59:02.0603 0x1d28 System memory - ok
21:59:02.0606 0x1d28 ================ Scan services =============================
21:59:05.0629 0x1d28 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:59:05.0629 0x1d28 Detect skipped due to KSN trusted
21:59:05.0629 0x1d28 AtherosSvc - ok |
07.03.2017, 17:28 | #8 |
| KDSSKiller - Part 4 Code:
21:59:14.0171 0x1d28 fastfat - ok 21:59:14.0226 0x1d28 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe 21:59:14.0300 0x1d28 Fax - ok 21:59:14.0310 0x1d28 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys 21:59:14.0341 0x1d28 fdc - ok 21:59:14.0377 0x1d28 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll 21:59:14.0419 0x1d28 fdPHost - ok 21:59:14.0461 0x1d28 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll 21:59:14.0496 0x1d28 FDResPub - ok 21:59:14.0542 0x1d28 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll 21:59:14.0594 0x1d28 fhsvc - ok 21:59:14.0626 0x1d28 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:59:14.0650 0x1d28 FileInfo - ok 21:59:14.0668 0x1d28 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:59:14.0725 0x1d28 Filetrace - ok 21:59:14.0744 0x1d28 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys 21:59:14.0798 0x1d28 flpydisk - ok 21:59:14.0942 0x1d28 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:59:15.0002 0x1d28 FltMgr - ok 21:59:15.0080 0x1d28 [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache 
C:\Windows\system32\FntCache.dll 21:59:15.0229 0x1d28 FontCache - ok 21:59:15.0306 0x1d28 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:59:15.0365 0x1d28 FontCache3.0.0.0 - ok 21:59:15.0397 0x1d28 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:59:15.0421 0x1d28 FsDepends - ok 21:59:15.0432 0x1d28 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:59:15.0456 0x1d28 Fs_Rec - ok 21:59:15.0512 0x1d28 [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:59:15.0614 0x1d28 fvevol - ok 21:59:15.0642 0x1d28 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys 21:59:15.0683 0x1d28 FxPPM - ok 21:59:15.0699 0x1d28 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 21:59:15.0725 0x1d28 gagp30kx - ok 21:59:15.0752 0x1d28 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys 21:59:15.0795 0x1d28 gencounter - ok 21:59:15.0830 0x1d28 [ 794F13178118C609BA4F59111EDB6758, 9B79A3E3ECA4493AE25231C7B158B41571A2960458E0F2DEBE3C8BF40F708188 ] GPIO C:\Windows\System32\drivers\iaiogpioe.sys 21:59:15.0896 0x1d28 GPIO - ok 21:59:15.0936 0x1d28 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys 21:59:15.0964 0x1d28 GPIOClx0101 - ok 
21:59:16.0038 0x1d28 [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc C:\Windows\System32\gpsvc.dll 21:59:16.0212 0x1d28 gpsvc - ok 21:59:16.0319 0x1d28 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:59:16.0409 0x1d28 gupdate - ok 21:59:16.0436 0x1d28 [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:59:16.0458 0x1d28 gupdatem - ok 21:59:16.0499 0x1d28 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:59:16.0562 0x1d28 HdAudAddService - ok 21:59:16.0597 0x1d28 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys 21:59:16.0728 0x1d28 HDAudBus - ok 21:59:16.0758 0x1d28 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys 21:59:16.0808 0x1d28 HidBatt - ok 21:59:16.0837 0x1d28 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys 21:59:16.0871 0x1d28 HidBth - ok 21:59:16.0889 0x1d28 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys 21:59:16.0935 0x1d28 hidi2c - ok 21:59:16.0966 0x1d28 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys 21:59:17.0011 0x1d28 HidIr - ok 21:59:17.0049 0x1d28 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 
] hidserv C:\Windows\system32\hidserv.dll 21:59:17.0090 0x1d28 hidserv - ok 21:59:17.0113 0x1d28 [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb C:\Windows\System32\drivers\hidusb.sys 21:59:17.0203 0x1d28 HidUsb - ok 21:59:17.0245 0x1d28 [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys 21:59:17.0272 0x1d28 HipShieldK - ok 21:59:17.0306 0x1d28 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll 21:59:17.0372 0x1d28 hkmsvc - ok 21:59:17.0425 0x1d28 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:59:17.0521 0x1d28 HomeGroupListener - ok 21:59:17.0571 0x1d28 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:59:17.0622 0x1d28 HomeGroupProvider - ok 21:59:17.0821 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:17.0870 0x1d28 HomeNetSvc - ok 21:59:17.0995 0x1d28 [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll 21:59:18.0038 0x1d28 hpqcxs08 - ok 21:59:18.0072 0x1d28 [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll 21:59:18.0091 0x1d28 hpqddsvc - ok 21:59:18.0120 0x1d28 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 
21:59:18.0145 0x1d28 HpSAMD - ok 21:59:18.0226 0x1d28 [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe 21:59:18.0307 0x1d28 HPSupportSolutionsFrameworkService - ok 21:59:18.0380 0x1d28 [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:59:18.0446 0x1d28 HTTP - ok 21:59:18.0469 0x1d28 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:59:18.0493 0x1d28 hwpolicy - ok 21:59:18.0510 0x1d28 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 21:59:18.0553 0x1d28 hyperkbd - ok 21:59:18.0572 0x1d28 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 21:59:18.0616 0x1d28 HyperVideo - ok 21:59:18.0653 0x1d28 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 21:59:18.0717 0x1d28 i8042prt - ok 21:59:18.0744 0x1d28 [ F49D75806D962F85C44E32A1AFB9B8E0, DF033C79C478EB2EA82466F1A7CB58FE17E7C23FE0F24E7B18718750E9F98FF3 ] iaioi2c C:\Windows\System32\drivers\iaioi2ce.sys 21:59:18.0802 0x1d28 iaioi2c - ok 21:59:18.0840 0x1d28 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 21:59:18.0857 0x1d28 iaLPSSi_GPIO - ok 21:59:18.0882 0x1d28 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 
21:59:18.0905 0x1d28 iaLPSSi_I2C - ok 21:59:18.0945 0x1d28 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 21:59:18.0984 0x1d28 iaStorAV - ok 21:59:19.0007 0x1d28 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:59:19.0047 0x1d28 iaStorV - ok 21:59:19.0092 0x1d28 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 21:59:19.0112 0x1d28 ICCS - ok 21:59:19.0201 0x1d28 [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe 21:59:19.0253 0x1d28 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 21:59:19.0253 0x1d28 Detect skipped due to KSN trusted 21:59:19.0254 0x1d28 IDriverT - ok 21:59:19.0266 0x1d28 IEEtwCollectorService - ok 21:59:19.0455 0x1d28 [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:59:19.0666 0x1d28 igfx - ok 21:59:19.0703 0x1d28 [ 5264EE143875DDEA0E8CF8540C2AA743, D3A9F6A8FEDC74DFC986432DF5DC1A15048D7FB165E52A38F1269563B0D01A66 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 21:59:19.0732 0x1d28 igfxCUIService1.0.0.0 - ok 21:59:19.0807 0x1d28 [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT C:\Windows\System32\ikeext.dll 21:59:19.0884 0x1d28 IKEEXT - ok 21:59:19.0916 0x1d28 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 21:59:19.0935 0x1d28 intaud_WaveExtensible - ok 
21:59:20.0136 0x1d28 [ AAB0607E015F07D342DD3CB04A311257, 681EE04F24D7DEC1E3C02549E7A5C70E2AA6D342ED9F3819178E03E8747F9277 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 21:59:20.0290 0x1d28 IntcAzAudAddService - ok 21:59:20.0340 0x1d28 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 21:59:20.0372 0x1d28 IntcDAud - ok 21:59:20.0447 0x1d28 [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe 21:59:20.0499 0x1d28 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 21:59:20.0499 0x1d28 Detect skipped due to KSN trusted 21:59:20.0499 0x1d28 Intel(R) Capability Licensing Service Interface - ok 21:59:20.0547 0x1d28 [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe 21:59:20.0592 0x1d28 Intel(R) Capability Licensing Service TCP IP Interface - ok 21:59:20.0611 0x1d28 Intel(R) TA SAM - ok 21:59:20.0666 0x1d28 [ 5F158EFE9E72A5D6EDB9A59B3966A972, 8052CE286B9CC94ABBE9DC36A0D66A4DC45FE381D41C6CEBDAD8ABD78113C2EB ] Intel(R) Technology Access Legacy CS Loader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe 21:59:20.0697 0x1d28 Intel(R) Technology Access Legacy CS Loader - ok 21:59:20.0745 0x1d28 [ BA2EF85C5B79DE726B0C87587EEE6D90, 51A60B377E9A1F7C1EE88357CB5B63F8036D4CB977B37C4669BED88029A68721 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe 21:59:20.0777 0x1d28 Intel(R) TechnologyAccessService - ok 21:59:20.0801 0x1d28 [ 4E448FCFFD00E8D657CD9E48D3E47157, 
4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 21:59:20.0824 0x1d28 intelide - ok 21:59:20.0854 0x1d28 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 21:59:20.0877 0x1d28 intelpep - ok 21:59:20.0892 0x1d28 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys 21:59:20.0931 0x1d28 intelppm - ok 21:59:20.0950 0x1d28 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:59:21.0024 0x1d28 IpFilterDriver - ok 21:59:21.0088 0x1d28 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:59:21.0236 0x1d28 iphlpsvc - ok 21:59:21.0280 0x1d28 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 21:59:21.0344 0x1d28 IPMIDRV - ok 21:59:21.0403 0x1d28 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:59:21.0464 0x1d28 IPNAT - ok 21:59:21.0486 0x1d28 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:59:21.0543 0x1d28 IRENUM - ok 21:59:21.0565 0x1d28 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:59:21.0588 0x1d28 isapnp - ok 21:59:21.0633 0x1d28 [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 21:59:21.0669 0x1d28 
iScsiPrt - ok 21:59:21.0734 0x1d28 [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 21:59:21.0779 0x1d28 iumsvc - ok 21:59:21.0815 0x1d28 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 21:59:21.0831 0x1d28 iwdbus - ok 21:59:21.0849 0x1d28 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 21:59:21.0873 0x1d28 kbdclass - ok 21:59:21.0897 0x1d28 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 21:59:21.0943 0x1d28 kbdhid - ok 21:59:21.0969 0x1d28 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 21:59:22.0035 0x1d28 kdnic - ok 21:59:22.0051 0x1d28 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 21:59:22.0077 0x1d28 KeyIso - ok 21:59:22.0114 0x1d28 [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:59:22.0140 0x1d28 KSecDD - ok 21:59:22.0199 0x1d28 [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:59:22.0252 0x1d28 KSecPkg - ok 21:59:22.0266 0x1d28 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:59:22.0303 0x1d28 ksthunk - ok 21:59:22.0357 0x1d28 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm 
C:\Windows\system32\msdtckrm.dll 21:59:22.0413 0x1d28 KtmRm - ok 21:59:22.0483 0x1d28 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll 21:59:22.0557 0x1d28 LanmanServer - ok 21:59:22.0606 0x1d28 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:59:22.0662 0x1d28 LanmanWorkstation - ok 21:59:22.0713 0x1d28 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 21:59:22.0813 0x1d28 lfsvc - ok 21:59:22.0884 0x1d28 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:59:22.0930 0x1d28 lltdio - ok 21:59:22.0979 0x1d28 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:59:23.0032 0x1d28 lltdsvc - ok 21:59:23.0058 0x1d28 [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver C:\Windows\System32\drivers\LMDriver.sys 21:59:23.0076 0x1d28 LMDriver - ok 21:59:23.0104 0x1d28 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:59:23.0162 0x1d28 lmhosts - ok 21:59:23.0211 0x1d28 [ 5059A4211317A8272F53B6179BB6A631, A2EB1BE89520A34597373635503A751B37B8EFD95820B4CAA1CE9A68A471AF73 ] LMSvc C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe 21:59:23.0251 0x1d28 LMSvc - ok 21:59:23.0284 0x1d28 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 21:59:23.0310 0x1d28 LSI_SAS - ok 21:59:23.0348 0x1d28 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 
7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:59:23.0374 0x1d28 LSI_SAS2 - ok 21:59:23.0396 0x1d28 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 21:59:23.0422 0x1d28 LSI_SAS3 - ok 21:59:23.0440 0x1d28 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 21:59:23.0466 0x1d28 LSI_SSS - ok 21:59:23.0524 0x1d28 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 21:59:23.0628 0x1d28 LSM - ok 21:59:23.0647 0x1d28 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys 21:59:23.0747 0x1d28 luafv - ok 21:59:23.0801 0x1d28 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 21:59:23.0830 0x1d28 LVRS64 - ok 21:59:24.0085 0x1d28 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 21:59:24.0381 0x1d28 LVUVC64 - ok 21:59:24.0746 0x1d28 [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe 21:59:24.0912 0x1d28 MBAMService - ok 21:59:24.0966 0x1d28 [ BDE2FC7213C0897524C1357BAAE30239, 1E1AB68145107429217E07A662477C86406E0188BE9F01CAC416AC13054D1A5E ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys 21:59:24.0994 0x1d28 MBAMSwissArmy - ok 21:59:25.0073 0x1d28 [ 69F56C3A8A442A891FC5A274CE3BCBB2, 429E6A5D57975219D0893E48C1C25E88919D6BC0C37B8B560B2D2863A480C696 ] McAfee SiteAdvisor Service C:\Program Files 
(x86)\McAfee\SiteAdvisor\McSACore.exe 21:59:25.0121 0x1d28 McAfee SiteAdvisor Service - ok 21:59:25.0213 0x1d28 [ 56A485A5B702DB8AB32122A2EAD2694E, 28BF10E3CA295246B6A133B3CBA4C84C7AF3726185916CBB26645184F8C5EE25 ] McAPExe C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe 21:59:25.0301 0x1d28 McAPExe - ok 21:59:25.0342 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:25.0388 0x1d28 McBootDelayStartSvc - ok 21:59:25.0585 0x1d28 [ 080B4F6A1A8ADB39852C3AE8602E2D85, 22AF98641807648B6E2FF0B76AFD009FDAB6BC086C7B16790AB7726B6A4A9476 ] mccspsvc C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe 21:59:25.0724 0x1d28 mccspsvc - ok 21:59:25.0762 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:25.0808 0x1d28 McMPFSvc - ok 21:59:25.0836 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:25.0881 0x1d28 McNaiAnn - ok 21:59:26.0050 0x1d28 [ A50E64755DFC7777BA2AFA5AE53E9F01, 6A64EBA9307F8AADF723517950D4DB5AE0FCB2714ACC861E468CDBBF24FE39E8 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe 21:59:26.0160 0x1d28 McODS - ok 21:59:26.0190 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:26.0237 0x1d28 mcpltsvc - ok 21:59:26.0265 0x1d28 [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe 21:59:26.0312 0x1d28 McProxy - ok 21:59:26.0342 0x1d28 [ 
EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 21:59:26.0367 0x1d28 megasas - ok 21:59:26.0409 0x1d28 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 21:59:26.0455 0x1d28 megasr - ok 21:59:26.0503 0x1d28 [ 6820218B1C5EE9037955B337CBB4142B, 85B12BABFFB371C9FF6A20EE795DD33CD8DD784D3CBCF2DEC65E57A3D45EC029 ] mfeaack C:\Windows\system32\drivers\mfeaack.sys 21:59:26.0539 0x1d28 mfeaack - ok 21:59:26.0565 0x1d28 [ 2B1A0FF97C0E065CB83A9A897ECE9F15, 63A2CF428A3F315F9019B7C34E45AEE259BCD468D49B313A44961529581FE40D ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys 21:59:26.0597 0x1d28 mfeavfk - ok 21:59:26.0639 0x1d28 [ FE970DF83C4E999998AB440ECAD7D0E7, 7394B5837C8F14A889DE228E7833C0F08FBFF8A40DCA9EA775ADB3A3D67E0178 ] mfeelamk C:\Windows\system32\drivers\mfeelamk.sys 21:59:26.0665 0x1d28 mfeelamk - ok 21:59:26.0699 0x1d28 [ 313DA2DB8E3F908980FBEBC511F30A50, FA1D3F766DED7C4765AD51B985FD1E65C03315E9ED377BF0CEF14B8D01DC7B06 ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 21:59:26.0722 0x1d28 mfefire - ok 21:59:26.0769 0x1d28 [ 472EC3FF35A7D038155F189EC62E2F72, B97E6792FB7FFF7DF356F44955DD733009D900859247F8E4CA06844E2DB9C9CB ] mfefirek C:\Windows\system32\drivers\mfefirek.sys 21:59:26.0820 0x1d28 mfefirek - ok 21:59:26.0890 0x1d28 [ F11A7C2408C4691137E33D82F61221BC, 706DC1AD05245246740CC9572700F65675276E7D550648B4DDDC6BFEFC2272CF ] mfehidk C:\Windows\system32\drivers\mfehidk.sys 21:59:26.0941 0x1d28 mfehidk - ok 21:59:26.0992 0x1d28 [ A185B311B7053F8E9313C835D654862E, 79DA7726F887B82E98F6245B840144202D2B0CE811863DCDCE42F1912FBF6545 ] mfemms C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe 21:59:27.0022 0x1d28 mfemms - ok 21:59:27.0075 0x1d28 [ 261B1A6F691FEBC2F34057BF72010CD9, 589A18AD1C74B1766EB08D9EA5AA46224964D54A50EA7A485660C65A8CA7AEBE ] 
21:59:47.0720 0x1d28 UmPass - ok 21:59:47.0762 0x1d28 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll 21:59:47.0852 0x1d28 UmRdpService - ok 21:59:47.0911 0x1d28 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll 21:59:47.0984 0x1d28 upnphost - ok 21:59:48.0027 0x1d28 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 21:59:48.0081 0x1d28 usbaudio - ok 21:59:48.0105 0x1d28 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys 21:59:48.0136 0x1d28 usbccgp - ok 21:59:48.0168 0x1d28 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys 21:59:48.0205 0x1d28 usbcir - ok 21:59:48.0232 0x1d28 [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci C:\Windows\System32\drivers\usbehci.sys 21:59:48.0258 0x1d28 usbehci - ok 21:59:48.0303 0x1d28 [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\Windows\System32\drivers\usbhub.sys 21:59:48.0352 0x1d28 usbhub - ok 21:59:48.0533 0x1d28 [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys 21:59:48.0588 0x1d28 USBHUB3 - ok 21:59:48.0628 0x1d28 [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\Windows\System32\drivers\usbohci.sys 21:59:48.0706 0x1d28 usbohci - ok 21:59:48.0738 0x1d28 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 
3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys 21:59:48.0791 0x1d28 usbprint - ok 21:59:48.0825 0x1d28 [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS 21:59:48.0853 0x1d28 USBSTOR - ok 21:59:48.0884 0x1d28 [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys 21:59:48.0914 0x1d28 usbuhci - ok 21:59:48.0953 0x1d28 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 21:59:49.0008 0x1d28 usbvideo - ok 21:59:49.0047 0x1d28 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS 21:59:49.0082 0x1d28 USBXHCI - ok 21:59:49.0106 0x1d28 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe 21:59:49.0131 0x1d28 VaultSvc - ok 21:59:49.0157 0x1d28 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 21:59:49.0181 0x1d28 vdrvroot - ok 21:59:49.0262 0x1d28 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe 21:59:49.0361 0x1d28 vds - ok 21:59:49.0393 0x1d28 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys 21:59:49.0422 0x1d28 VerifierExt - ok 21:59:49.0483 0x1d28 [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp C:\Windows\System32\drivers\vhdmp.sys 21:59:49.0551 0x1d28 vhdmp - ok 
21:59:49.0570 0x1d28 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys 21:59:49.0595 0x1d28 viaide - ok 21:59:49.0618 0x1d28 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys 21:59:49.0642 0x1d28 vmbus - ok 21:59:49.0658 0x1d28 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys 21:59:49.0702 0x1d28 VMBusHID - ok 21:59:49.0754 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll 21:59:49.0814 0x1d28 vmicguestinterface - ok 21:59:49.0841 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll 21:59:49.0887 0x1d28 vmicheartbeat - ok 21:59:49.0916 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll 21:59:49.0962 0x1d28 vmickvpexchange - ok 21:59:49.0991 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll 21:59:50.0037 0x1d28 vmicrdv - ok 21:59:50.0061 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll 21:59:50.0107 0x1d28 vmicshutdown - ok 21:59:50.0133 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll 21:59:50.0180 0x1d28 vmictimesync - ok 21:59:50.0208 0x1d28 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss 
C:\Windows\System32\ICSvc.dll 21:59:50.0252 0x1d28 vmicvss - ok 21:59:50.0279 0x1d28 [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr C:\Windows\system32\drivers\volmgr.sys 21:59:50.0306 0x1d28 volmgr - ok 21:59:50.0353 0x1d28 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 21:59:50.0399 0x1d28 volmgrx - ok 21:59:50.0447 0x1d28 [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap C:\Windows\system32\drivers\volsnap.sys 21:59:50.0482 0x1d28 volsnap - ok 21:59:50.0512 0x1d28 [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci C:\Windows\System32\drivers\vpci.sys 21:59:50.0537 0x1d28 vpci - ok 21:59:50.0565 0x1d28 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 21:59:50.0596 0x1d28 vsmraid - ok 21:59:50.0681 0x1d28 [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS C:\Windows\system32\vssvc.exe 21:59:50.0796 0x1d28 VSS - ok 21:59:50.0831 0x1d28 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys 21:59:50.0869 0x1d28 VSTXRAID - ok 21:59:50.0908 0x1d28 [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 21:59:50.0964 0x1d28 vwifibus - ok 21:59:51.0004 0x1d28 [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:59:51.0061 0x1d28 vwififlt - ok 21:59:51.0084 0x1d28 [ 8B8624A93E3F88CB923AEB05B6313227, 
2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 21:59:51.0125 0x1d28 vwifimp - ok 21:59:51.0181 0x1d28 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll 21:59:51.0257 0x1d28 W32Time - ok 21:59:51.0283 0x1d28 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys 21:59:51.0326 0x1d28 WacomPen - ok 21:59:51.0440 0x1d28 [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine C:\Windows\system32\wbengine.exe 21:59:51.0564 0x1d28 wbengine - ok 21:59:51.0626 0x1d28 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:59:51.0701 0x1d28 WbioSrvc - ok 21:59:51.0760 0x1d28 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll 21:59:51.0836 0x1d28 Wcmsvc - ok 21:59:51.0875 0x1d28 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:59:51.0940 0x1d28 wcncsvc - ok 21:59:51.0986 0x1d28 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:59:52.0057 0x1d28 WcsPlugInService - ok 21:59:52.0105 0x1d28 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys 21:59:52.0130 0x1d28 WdBoot - ok 21:59:52.0183 0x1d28 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:59:52.0243 0x1d28 Wdf01000 - ok 
21:59:52.0270 0x1d28 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys 21:59:52.0305 0x1d28 WdFilter - ok 21:59:52.0339 0x1d28 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:59:52.0386 0x1d28 WdiServiceHost - ok 21:59:52.0400 0x1d28 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:59:52.0447 0x1d28 WdiSystemHost - ok 21:59:52.0479 0x1d28 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys 21:59:52.0512 0x1d28 WdNisDrv - ok 21:59:52.0533 0x1d28 WdNisSvc - ok 21:59:52.0566 0x1d28 [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient C:\Windows\System32\webclnt.dll 21:59:52.0637 0x1d28 WebClient - ok 21:59:52.0678 0x1d28 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:59:52.0732 0x1d28 Wecsvc - ok 21:59:52.0760 0x1d28 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll 21:59:52.0803 0x1d28 WEPHOSTSVC - ok 21:59:52.0839 0x1d28 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:59:52.0883 0x1d28 wercplsupport - ok 21:59:52.0920 0x1d28 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll 21:59:52.0953 0x1d28 WerSvc - ok 21:59:52.0984 0x1d28 [ 715ABA3DD164D06457A2A3C92F6EA9D5, 
E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys 21:59:53.0012 0x1d28 WFPLWFS - ok 21:59:53.0053 0x1d28 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 21:59:53.0094 0x1d28 WiaRpc - ok 21:59:53.0132 0x1d28 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:59:53.0155 0x1d28 WIMMount - ok 21:59:53.0160 0x1d28 WinDefend - ok 21:59:53.0240 0x1d28 [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 21:59:53.0334 0x1d28 WinHttpAutoProxySvc - ok 21:59:53.0396 0x1d28 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:59:53.0448 0x1d28 Winmgmt - ok 21:59:53.0570 0x1d28 [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM C:\Windows\system32\WsmSvc.dll 21:59:53.0761 0x1d28 WinRM - ok 21:59:53.0821 0x1d28 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 21:59:53.0882 0x1d28 WinUsb - ok 21:59:54.0030 0x1d28 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll 21:59:54.0149 0x1d28 WlanSvc - ok 21:59:54.0231 0x1d28 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 21:59:54.0342 0x1d28 wlidsvc - ok 21:59:54.0377 0x1d28 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys 21:59:54.0410 0x1d28 
WmiAcpi - ok 21:59:54.0463 0x1d28 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:59:54.0506 0x1d28 wmiApSrv - ok 21:59:54.0530 0x1d28 WMPNetworkSvc - ok 21:59:54.0563 0x1d28 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 21:59:54.0591 0x1d28 Wof - ok 21:59:54.0690 0x1d28 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 21:59:54.0801 0x1d28 workfolderssvc - ok 21:59:54.0831 0x1d28 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 21:59:54.0855 0x1d28 wpcfltr - ok 21:59:54.0892 0x1d28 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:59:54.0948 0x1d28 WPCSvc - ok 21:59:54.0981 0x1d28 [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:59:55.0049 0x1d28 WPDBusEnum - ok 21:59:55.0081 0x1d28 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 21:59:55.0102 0x1d28 WpdUpFltr - ok 21:59:55.0121 0x1d28 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:59:55.0173 0x1d28 ws2ifsl - ok 21:59:55.0203 0x1d28 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\Windows\System32\wscsvc.dll 21:59:55.0248 0x1d28 wscsvc - ok 21:59:55.0266 0x1d28 WSearch - ok 21:59:55.0670 0x1d28 [ 6B2D71124C1EA86B74412F414C42431D, 
078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 21:59:55.0846 0x1d28 WSService - ok 21:59:56.0139 0x1d28 [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv C:\Windows\system32\wuaueng.dll 21:59:56.0316 0x1d28 wuauserv - ok 21:59:56.0366 0x1d28 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:59:56.0420 0x1d28 WudfPf - ok 21:59:56.0461 0x1d28 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 21:59:56.0504 0x1d28 WUDFRd - ok 21:59:56.0545 0x1d28 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:59:56.0592 0x1d28 wudfsvc - ok 21:59:56.0616 0x1d28 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 21:59:56.0652 0x1d28 WUDFWpdFs - ok 21:59:56.0668 0x1d28 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 21:59:56.0703 0x1d28 WUDFWpdMtp - ok 21:59:56.0764 0x1d28 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 21:59:56.0824 0x1d28 WwanSvc - ok 21:59:56.0853 0x1d28 ================ Scan global =============================== 21:59:56.0904 0x1d28 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll 21:59:56.0949 0x1d28 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 21:59:57.0009 0x1d28 [ 
3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 21:59:57.0063 0x1d28 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 21:59:57.0078 0x1d28 [ Global ] - ok 21:59:57.0079 0x1d28 ================ Scan MBR ================================== 21:59:57.0092 0x1d28 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 21:59:57.0198 0x1d28 \Device\Harddisk0\DR0 - ok 21:59:57.0201 0x1d28 ================ Scan VBR ================================== 21:59:57.0217 0x1d28 [ 0DB6C855F2008A699F70690D677CD1A0 ] \Device\Harddisk0\DR0\Partition1 21:59:57.0226 0x1d28 \Device\Harddisk0\DR0\Partition1 - ok 21:59:57.0268 0x1d28 [ 53DD2AAFE995F7E3A4BCE458A80A02D1 ] \Device\Harddisk0\DR0\Partition2 21:59:57.0274 0x1d28 \Device\Harddisk0\DR0\Partition2 - ok 21:59:57.0304 0x1d28 [ 9DF6EE3B3D77B2C80E2646ADE55EB073 ] \Device\Harddisk0\DR0\Partition3 21:59:57.0305 0x1d28 \Device\Harddisk0\DR0\Partition3 - ok 21:59:57.0331 0x1d28 [ 126FBAD101823976579A05DFC74FDF77 ] \Device\Harddisk0\DR0\Partition4 21:59:57.0338 0x1d28 \Device\Harddisk0\DR0\Partition4 - ok 21:59:57.0374 0x1d28 [ 89EB7DB2C993D1C17FB8B8427D3EA510 ] \Device\Harddisk0\DR0\Partition5 21:59:57.0381 0x1d28 \Device\Harddisk0\DR0\Partition5 - ok 21:59:57.0411 0x1d28 [ 6C1A715066525046F764F0878CB09349 ] \Device\Harddisk0\DR0\Partition6 21:59:57.0418 0x1d28 \Device\Harddisk0\DR0\Partition6 - ok 21:59:57.0420 0x1d28 ================ Scan generic autorun ====================== 21:59:58.0039 0x1d28 [ DA2D7BED47EF71BDFEEDDEEE76C965FD, 79DB43FB6E84AD492E45DD7F58235D65DF0750AED8E1CEF287D9D1379106A953 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 21:59:58.0506 0x1d28 RTHDVCPL - ok 21:59:58.0743 0x1d28 [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe 21:59:58.0851 
21:59:58.0991 0x1d28 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:59:58.0994 0x1d28 AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:59:58.0996 0x1d28 FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:59:59.0073 0x1d28 ============================================================
21:59:59.0074 0x1d28 Scan finished
21:59:59.0074 0x1d28 ============================================================
21:59:59.0112 0x1da4 Detected object count: 0
21:59:59.0113 0x1da4 Actual detected object count: 0
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 04.03.17
Scan-Zeit: 00:19
Protokolldatei: MBAM Scan1.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1064
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 377715
Abgelaufene Zeit: 12 Min., 2 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}, In Quarantäne, [14882], [185504],1.0.1064

Registrierungswert: 4
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|FAVICONURL, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|FAVICONURLFALLBACK, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|TOPRESULTURL, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|URL, In Quarantäne, [14882], [185504],1.0.1064

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.Booking, C:\PROGRAM FILES\Booking.COM, In Quarantäne, [504], [310593],1.0.1064

Datei: 11
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\STARTFENSTER.LNK, In Quarantäne, [2687], [349853],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\STARTFENSTER.LNK, In Quarantäne, [2687], [349850],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Booking.com.lnk, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Booking.ico, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\StartURL.exe, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Version.txt, In Quarantäne, [504], [310593],1.0.1064
Trojan.Injector.MSIL, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [32], [282333],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\FAVORITES\STARTFENSTER.LNK, In Quarantäne, [2687], [349859],1.0.1064
PUP.Optional.WebSearch, C:\USERS\BIANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2PTRWTJ5.DEFAULT\SEARCHPLUGINS\WEB SEARCH.XML, In Quarantäne, [10854], [244856],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\FAVORITES\LINKS\STARTFENSTER.LNK, In Quarantäne, [2687], [349856],1.0.1064
PUP.Optional.StartFenster, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\STARTFENSTER.LNK, In Quarantäne, [2650], [350517],1.0.1064

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.03.17
Scan-Zeit: 18:58
Protokolldatei: MBAM Scan2.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1432
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 383956
Abgelaufene Zeit: 11 Min., 5 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
Adware.ChinAd, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1416], [375557],1.0.1432

Datei: 1
Adware.ChinAd, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR\CLFYAWKDOPHZKOIY.DAT, In Quarantäne, [1416], [375557],1.0.1432

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.03.17
Scan-Zeit: 22:43
Protokolldatei: MBAM Scan3.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1434
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 383973
Abgelaufene Zeit: 9 Min., 52 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)

Thank you for taking care of this, Matthias! Best regards! Bianka |
07.03.2017, 20:57 | #9 |
/// TB-Ausbilder | Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work
Hi,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please shut down your security software to avoid possible conflicts.
Step 3
Please post with your next reply
|
07.03.2017, 22:29 | #10 |
| AdwCleaner
Code:
# AdwCleaner v6.044 - Bericht erstellt am 07/03/2017 um 21:17:12
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-07.1 [Server]
# Betriebssystem : Windows 8.1 Connected (X64)
# Benutzername : Bianka - JENSBIANKALIEBE
# Gestartet von : C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Bianka\AppData\Local\SweetLabs App Platform
[-] Ordner gelöscht: C:\ProgramData\Pokki
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Pokki
[-] Ordner gelöscht: C:\Program Files (x86)\Startfenster
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki
[-] Ordner gelöscht: C:\Users\Public\Pokki

***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Datei gelöscht: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: SweetLabs App Platform

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Directory\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Drive\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\lnkfile\shell\pokki

***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "Web Search"
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: de.yhs4.search.yahoo.com
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: homepage-web.com
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://homepage-web.com/?s=acer&m=home

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4673 Bytes] - [07/03/2017 21:17:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [4312 Bytes] - [07/03/2017 21:07:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4819 Bytes] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 8.1 Connected x64
Ran by Bianka (Administrator) on 07.03.2017 at 21:44:04,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 0

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2017 at 21:49:46,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 21:53:08)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:49 - 2017-03-07 21:49 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-06 21:22 - 00042407 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-07 21:53 - 00021703 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-07 21:53 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 21:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.)
C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe 2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe 2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe 2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe 2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe 2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe 2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe 2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe 2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe 2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe 2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe 2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe 2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe 2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe 2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe 2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe 2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) 
C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe 2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe 2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe 2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe 2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe 2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe 2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe 2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe 2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe 2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe 2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe 2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe 2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe 2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe 2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe 2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe 2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) 
C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 21:53:08)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.)
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Microsoft Corporation.) 
C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms} BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) 
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05] FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/ FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p= FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24] FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24] FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.) 
Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) 
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.) R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.) R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.) R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.) S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.) 
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate) R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] () R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate) R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros) R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider) S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider) R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation) S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.) 
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes) R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.) S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.) R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.) S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.) R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.) R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.) R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation) R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-07 21:49 - 2017-03-07 21:49 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt 2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee 2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner 2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe 2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe 2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt 2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt 2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt 2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt 2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt 2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe 2017-03-06 21:19 - 2017-03-06 21:22 - 00042407 _____ C:\Users\Bianka\Desktop\Addition.txt 2017-03-06 21:15 - 2017-03-07 21:53 - 00021703 _____ 
C:\Users\Bianka\Desktop\FRST.txt 2017-03-06 21:14 - 2017-03-07 21:53 - 00000000 ____D C:\FRST 2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe 2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt 2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe 2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom 2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys 2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe 2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4 2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe 2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) 
C:\Users\Bianka\Downloads\Zoom_launcher (1).exe 2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt 2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom 2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk 2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe 2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe 2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt 2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress 2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt 2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt 2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt 2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf 2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt 2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt 2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt 2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt 2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt 2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001 2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive 2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-07 21:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job 2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat 2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat 2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI 2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods 2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db 2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job 2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods 2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ 2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA 2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka 2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon 2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee 2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos 2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D 
C:\Users\Bianka\AppData\Local\Google 2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google 2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka 2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList 2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList 2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc 2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom 2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps 2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods 2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253 2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd 2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype 2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports 2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype 2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt 2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db 2017-02-23 22:21 - 2014-11-09 21:16 - 
00000000 ____D C:\Windows\system32\MRT 2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment 2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList 2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList 2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt 2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt 2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee 2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt 2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed 2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt 2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe 2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== 2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe 2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe 2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll 2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe 2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe 2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe 2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe 2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe 2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe 2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe 2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) 
C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe 2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe 2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe 2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe 2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe 2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe 2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe 2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe 2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe 2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe 2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe 2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe 2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe 2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe 2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe 2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe 2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) 
C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe 2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe 2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe 2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe 2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe 2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe 2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe 2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe 2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe 2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe 2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe 2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe 2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe 2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe 2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe 2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe 2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) 
C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe 2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-03-01 10:37 ==================== Ende von FRST.txt ============================ Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 8.1 Connected x64
Ran by Bianka (Administrator) on 07.03.2017 at 22:10:00,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2017 at 22:13:41,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
07.03.2017, 22:30 | #11 |
| FRST.txt
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 22:14:40)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.)
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. 
Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms} BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) 
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05] FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/ FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p= FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24] FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24] FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.) 
Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) 
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-07 21:56 - 00033939 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-07 22:14 - 00021553 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-07 22:14 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:57 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Bianka (07-03-2017 22:15:36)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.0.0.6441 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.0.0.6441 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH) Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated) Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.) Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>) Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.) 
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.) Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.) Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) 
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate) Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.) Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation) Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate) Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.) Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) 
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated) Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.) Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] () Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated) Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software) Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll 2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2017-03-04 00:17 - 2017-01-20 07:47 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Wiederherstellungspunkte ========================= 18-02-2017 11:29:32 Intel(R) Technology Access 22-02-2017 19:23:43 Windows Update 05-03-2017 18:00:06 Geplanter Prüfpunkt 07-03-2017 21:44:10 JRT Pre-Junkware Removal 07-03-2017 22:10:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 798 Startzeit: 01d295f7d10b632c Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 944 Startzeit: 01d295edc61a864a Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f80 Startzeit: 01d295e8dc786c13 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 914 Startzeit: 01d295e7e4fd2b35 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1190 Startzeit: 01d295e4085babc6 Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1114 Startzeit: 01d295de94b8bb6c Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ee0 Startzeit: 01d295d39358a55e Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x2044 Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928 Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Notification.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. 
Ausnahmeinformationen: System.InvalidOperationException bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean) bei System.Diagnostics.Process.OpenProcessHandle(Int32) bei System.Diagnostics.Process.get_Handle() bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process) bei Notification.Form1.CheckResolution() bei Notification.Form1..ctor() bei Notification.Program.Main() Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2180 Startzeit: 01d295a96502212f Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (03/07/2017 09:11:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BBUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "User Experience Improvement Program" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Quick Access Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 3977.98 MB Verfügbarer physikalischer RAM: 2623.86 MB Summe virtueller Speicher: 5321.98 MB Verfügbarer virtueller Speicher: 3802.51 MB ==================== Laufwerke ================================ Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:146.48 GB) NTFS Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.41 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404) Partition: GPT. ==================== Ende von Addition.txt ============================ |
08.03.2017, 15:04 | #12 |
/// TB-Ausbilder | Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work Hi, Step 1 Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2
Download the appropriate version of SystemLook from the following mirror and save the tool to the desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 3
Please post with your next reply
|
08.03.2017, 23:24 | #13 |
| Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017 durchgeführt von Bianka (08-03-2017 22:37:45) Run:1 Gestartet von C:\Users\Bianka\Desktop Geladene Profile: Bianka (Verfügbare Profile: Bianka) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** start CloseProcesses: HKLM-x32\...\Run: [] => [X] CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: end ***************** Prozesse erfolgreich geschlossen. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt ========= dir "%ProgramFiles%" ========= Datentr„ger in Laufwerk C: ist Packard Bell Volumeseriennummer: 009B-8E63 Verzeichnis von C:\Program Files 04.03.2017 00:32 <DIR> . 04.03.2017 00:32 <DIR> .. 10.04.2016 17:57 <DIR> Common Files 30.01.2016 14:01 <DIR> Emsisoft Anti-Malware 10.08.2014 01:09 <DIR> Intel 25.02.2015 21:33 <DIR> Intel Corporation 09.11.2016 01:07 <DIR> Internet Explorer 17.01.2017 22:51 <DIR> McAfee 30.01.2016 14:09 <DIR> McAfee.com 18.07.2014 04:13 <DIR> MSBuild 10.08.2014 01:42 <DIR> Packard Bell 14.12.2016 12:10 <DIR> paint.net 10.08.2014 01:06 <DIR> Realtek 18.07.2014 04:13 <DIR> Reference Assemblies 17.08.2015 22:21 <DIR> Windows Defender 15.03.2015 21:10 <DIR> Windows Mail 15.03.2015 21:10 <DIR> Windows Media Player 15.03.2015 21:10 <DIR> Windows Multimedia Platform 22.08.2013 16:36 <DIR> Windows NT 15.03.2015 21:10 <DIR> Windows Photo Viewer 15.03.2015 21:10 <DIR> Windows Portable Devices 15.03.2015 21:08 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 22 Verzeichnis(se), 157.253.734.400 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Datentr„ger in Laufwerk C: ist Packard Bell Volumeseriennummer: 009B-8E63 
Verzeichnis von C:\Program Files (x86) 07.03.2017 21:15 <DIR> . 07.03.2017 21:15 <DIR> .. 25.11.2014 14:15 <DIR> Acer 12.02.2016 22:33 <DIR> Adobe 25.11.2014 10:50 <DIR> Apple Software Update 27.02.2017 21:24 <DIR> Common Files 10.08.2014 01:40 <DIR> CyberLink 05.03.2017 19:29 <DIR> Google 17.01.2017 22:48 <DIR> Hewlett-Packard 26.08.2016 16:02 <DIR> HP 25.02.2015 21:34 <DIR> Intel 28.12.2015 12:10 <DIR> Intel Corporation 09.11.2016 01:07 <DIR> Internet Explorer 21.11.2014 23:42 <DIR> LastPass 07.03.2017 21:41 <DIR> McAfee 30.01.2016 14:11 <DIR> McAfee.com 26.08.2016 16:03 <DIR> Microsoft 10.08.2014 01:38 <DIR> Microsoft Office 22.08.2013 16:36 <DIR> Microsoft.NET 17.11.2015 18:35 <DIR> Mozilla Firefox 18.11.2015 20:09 <DIR> Mozilla Maintenance Service 18.07.2014 04:13 <DIR> MSBuild 08.10.2014 17:42 <DIR> OEM 25.11.2014 11:40 <DIR> OpenOffice 4 18.07.2014 05:03 <DIR> Packard Bell 10.08.2014 01:15 <DIR> Qualcomm Atheros 10.08.2014 01:10 <DIR> Realtek 18.07.2014 04:13 <DIR> Reference Assemblies 27.02.2017 21:24 <DIR> Skype 10.08.2014 01:34 <DIR> Spotify 18.07.2014 05:05 <DIR> SymSilent 01.05.2015 21:26 <DIR> VideoLAN 25.11.2014 14:22 <DIR> WildTangent Games 17.08.2015 22:21 <DIR> Windows Defender 15.03.2015 21:08 <DIR> Windows Mail 15.03.2015 21:08 <DIR> Windows Media Player 15.03.2015 21:08 <DIR> Windows Multimedia Platform 22.08.2013 16:36 <DIR> Windows NT 15.03.2015 21:08 <DIR> Windows Photo Viewer 15.03.2015 21:08 <DIR> Windows Portable Devices 22.08.2013 16:36 <DIR> WindowsPowerShell 0 Datei(en), 0 Bytes 41 Verzeichnis(se), 157.253.734.400 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Datentr„ger in Laufwerk C: ist Packard Bell Volumeseriennummer: 009B-8E63 Verzeichnis von C:\ProgramData 10.08.2014 01:43 <DIR> acer 12.02.2016 22:33 <DIR> Adobe 25.11.2014 10:50 <DIR> Apple 25.11.2014 10:51 <DIR> Apple Computer 10.08.2014 01:20 <DIR> Atheros 10.08.2014 01:41 <DIR> CLSK 29.04.2016 20:47 <DIR> CyberLink 28.12.2015 12:28 <DIR> 
Emsisoft 17.01.2017 22:48 <DIR> Hewlett-Packard 26.08.2016 16:02 <DIR> HP 26.08.2016 16:02 <DIR> HP Product Assistant 26.08.2016 16:06 369 hpzinstall.log 10.08.2014 01:41 <DIR> install_clap 19.08.2015 10:24 <DIR> Intel 28.02.2016 13:31 <DIR> Intel Security 07.10.2016 16:18 <DIR> Intel(R) Update Manager 04.03.2017 00:17 <DIR> Malwarebytes 17.02.2017 21:41 <DIR> McAfee 08.10.2014 18:41 <DIR> Mozilla 08.10.2014 18:19 <DIR> Norton 18.07.2014 05:03 <DIR> NortonInstaller 08.10.2014 17:53 <DIR> oem 08.10.2014 17:41 <DIR> OEM_YAHOO 01.09.2015 22:21 <DIR> Package Cache 18.07.2014 04:54 <DIR> Packard Bell 10.08.2014 01:12 <DIR> Qualcomm Atheros 10.08.2014 01:38 <DIR> regid.1991-06.com.microsoft 27.02.2017 21:24 <DIR> Skype 10.08.2014 01:40 <DIR> Temp 25.11.2014 14:22 <DIR> WildTangent 10.08.2014 01:12 <DIR> {69533018-33A8-4C46-869A-11AA2CDF4EDC} 1 Datei(en), 369 Bytes 30 Verzeichnis(se), 157.253.730.304 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Datentr„ger in Laufwerk C: ist Packard Bell Volumeseriennummer: 009B-8E63 Verzeichnis von C:\Users\Bianka\AppData\Roaming 08.03.2017 22:29 <DIR> . 08.03.2017 22:29 <DIR> .. 
12.02.2016 22:31 <DIR> Adobe
25.11.2014 11:55 <DIR> Apple Computer
08.10.2014 17:43 <DIR> Atheros
29.04.2016 20:46 <DIR> CyberLink
28.03.2015 00:26 <DIR> dvdcss
17.12.2016 11:48 <DIR> FileZilla
17.01.2017 22:55 <DIR> Hewlett-Packard
03.12.2016 00:04 <DIR> HP
17.01.2017 22:46 <DIR> hpqLog
02.09.2016 20:22 <DIR> HpUpdate
16.03.2015 12:33 <DIR> Identities
21.11.2014 23:41 <DIR> Local
08.10.2014 17:59 <DIR> Macromedia
08.10.2014 18:42 <DIR> Mozilla
26.11.2014 07:48 <DIR> OpenOffice
25.11.2014 10:54 <DIR> Opera Software
12.02.2016 22:33 <DIR> SaalDesignSoftware
28.02.2017 22:47 <DIR> Skype
05.03.2017 00:08 <DIR> vlc
25.11.2014 14:22 <DIR> WildTangent
16.12.2016 22:56 <DIR> WinRAR
04.03.2017 13:52 <DIR> Zoom
0 Datei(en), 0 Bytes
24 Verzeichnis(se), 157.253.734.400 Bytes frei
========= Ende von CMD: =========

========= dir "%LocalAppdata%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: 009B-8E63

Verzeichnis von C:\Users\Bianka\AppData\Local

08.03.2017 22:29 <DIR> .
08.03.2017 22:29 <DIR> ..
25.11.2014 14:13 <DIR> Acer
08.10.2014 18:30 <DIR> Acer Aspire R7 Tutorial
12.02.2016 22:31 <DIR> Adobe
08.10.2014 17:43 <DIR> AOP SDK
25.11.2014 10:50 <DIR> Apple
25.11.2014 12:00 <DIR> Apple Computer
08.10.2014 18:30 <DIR> Apps
25.07.2015 17:51 <DIR> CEF
31.08.2016 17:57 <DIR> Citrix
25.11.2014 14:13 <DIR> clear.fi
04.03.2017 10:24 <DIR> CrashDumps
29.04.2016 20:46 <DIR> CyberLink
22.02.2017 19:21 <DIR> Deployment
05.03.2017 15:25 <DIR> Diagnostics
08.12.2016 09:58 <DIR> FileZilla
05.03.2017 19:30 <DIR> Google
02.07.2015 22:12 <DIR> GWX
17.01.2017 23:45 <DIR> Hewlett-Packard
08.10.2014 17:42 <DIR> iGware
25.11.2014 14:06 <DIR> Macromedia
29.04.2016 20:47 <DIR> MediaShow
16.03.2015 12:33 <DIR> Microsoft
08.10.2014 18:42 <DIR> Mozilla
08.10.2014 17:40 <DIR> OEM
25.11.2014 10:54 <DIR> Opera Software
26.08.2016 15:59 <DIR> Packages
24.11.2014 12:05 <DIR> paint.net
28.12.2015 12:15 <DIR> Programs
08.03.2017 22:29 <DIR> Temp
25.11.2014 12:01 <DIR> VirtualStore
0 Datei(en), 0 Bytes
32 Verzeichnis(se), 157.253.734.400 Bytes frei
========= Ende von CMD: =========

========= dir "%CommonProgramFiles(x86)%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: 009B-8E63

Verzeichnis von C:\Program Files (x86)\Common Files

27.02.2017 21:24 <DIR> .
27.02.2017 21:24 <DIR> ..
01.05.2015 21:23 <DIR> Adobe
12.02.2016 22:33 <DIR> Adobe AIR
10.08.2014 01:12 <DIR> Atheros
26.08.2016 16:00 <DIR> Hewlett-Packard
26.08.2016 16:00 <DIR> HP
01.11.2015 17:56 <DIR> InstallShield
10.08.2014 00:31 <DIR> Intel
01.03.2017 08:41 <DIR> logishrd
21.11.2014 23:42 14.147.584 lpuninstall.exe
17.01.2017 22:34 <DIR> McAfee
09.11.2014 21:43 <DIR> Microsoft Shared
10.08.2014 01:30 <DIR> Nikon
22.08.2013 16:36 <DIR> Services
27.02.2017 21:24 <DIR> Skype
08.10.2014 18:15 <DIR> Symantec Shared
15.03.2015 21:08 <DIR> System
1 Datei(en), 14.147.584 Bytes
17 Verzeichnis(se), 157.253.726.208 Bytes frei
========= Ende von CMD: =========

========= dir "%CommonProgramW6432%" =========
Datenträger in Laufwerk C: ist Packard Bell
Volumeseriennummer: 009B-8E63

Verzeichnis von C:\Program Files\Common Files

10.04.2016 17:57 <DIR> .
10.04.2016 17:57 <DIR> ..
30.01.2016 14:09 <DIR> AV
28.02.2016 13:30 <DIR> Intel Security
01.03.2017 08:41 <DIR> logishrd
17.02.2017 21:40 <DIR> McAfee
27.02.2017 20:23 <DIR> microsoft shared
10.08.2014 01:13 <DIR> QCA_Bluetooth
22.08.2013 16:36 <DIR> Services
15.03.2015 21:10 <DIR> System
0 Datei(en), 0 Bytes
10 Verzeichnis(se), 157.253.730.304 Bytes frei
========= Ende von CMD: =========

========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========

========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der
DNS-Auflösungscache wurde geleert.
========= Ende von CMD: =========

========= netsh winsock reset =========
Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.
========= Ende von CMD: =========

=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 130884659 B
Java, Flash, Steam htmlcache => 3955 B
Windows/system/drivers => 308818970 B
Edge => 0 B
Chrome => 26779062 B
Firefox => 366118731 B
Opera => 106777135 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 400962 B
systemprofile32 => 560 B
LocalService => 642580 B
NetworkService => 17062 B
Bianka => 5495542169 B

RecycleBin => 162151351 B
EmptyTemp: => 6.2 GB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 22:41:16 ====

sorry
Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 22:55 on 08/03/2017 by Bianka Administrator - Elevation successful ========== filefind ========== Searching for "*pokki*" C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\libPokki.dll --a---- 49324544 bytes [20:15 07/03/2017] [19:10 29/04/2014] 99EBD057BADEAF5F4A2A3573B7190DEA C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars --a---- 511 bytes [20:16 07/03/2017] [16:06 17/01/2014] 9FBCA64AA76DF50BE494A33C3EBC8E18 C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js --a---- 4908 bytes [20:16 07/03/2017] [18:21 24/02/2014] D382AE873AB82AE575910EF79F8EF018 C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\pokkistore.js --a---- 594 bytes [20:16 07/03/2017] [16:07 17/01/2014] 16FCB9D66D5E7D25F0A59D7AF809A306 C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHelper.js --a---- 6470 bytes [20:16 07/03/2017] [16:07 17/01/2014] 82C56D3875D29FAF35867873F0761526 C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.js --a---- 19835 bytes [20:16 07/03/2017] [16:07 17/01/2014] 7D60EFD1316202268585B90D28845883 C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.min.js --a---- 9448 bytes [20:16 07/03/2017] [16:06 17/01/2014] 80A4C29A34DA7768DDFC978E0777E53C C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\libPokki.dll --a---- 49324032 bytes [20:13 07/03/2017] [23:36 15/11/2016] BA3DF129CC4E78FB1EC89C5AFD204213 
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars --a---- 521 bytes [20:13 07/03/2017] [23:03 15/11/2016] 0D4B0E9649D137842B8DCAAF6195DC94 C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js --a---- 5048 bytes [20:13 07/03/2017] [23:03 15/11/2016] A94B2C45F902A8AAEED9771475E6BA48 C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\installed_pokkies.db --a---- 7168 bytes [20:14 07/03/2017] [17:48 02/03/2017] BBB701E5FA919B96E9428D9A6014D60D C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\pokkistore.js --a---- 594 bytes [20:14 07/03/2017] [17:48 02/03/2017] 16FCB9D66D5E7D25F0A59D7AF809A306 C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHelper.js --a---- 6470 bytes [20:14 07/03/2017] [17:48 02/03/2017] 82C56D3875D29FAF35867873F0761526 C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHostedFramework-2.1.1.js --a---- 19835 bytes [20:14 07/03/2017] [17:48 02/03/2017] 7D60EFD1316202268585B90D28845883 C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHostedFramework-2.1.1.min.js --a---- 9448 bytes [20:14 07/03/2017] [17:48 02/03/2017] 80A4C29A34DA7768DDFC978E0777E53C C:\AdwCleaner\quarantine\files\vcklydlpyfvpzjfbefcqtczrekwtmpps\Pokki Start Menu.lnk --a---- 2166 bytes [20:14 07/03/2017] [16:06 17/01/2014] 429B98F9B8CD93423C2C639E3BF12560 Searching for "*SweetLabs*" No files found. 
Searching for "*Startfenster*" C:\AdwCleaner\quarantine\files\yxfaubykkixjhmiyxwiplmkodfbwpggw\startfenster.ico --a---- 99678 bytes [20:15 07/03/2017] [15:46 06/12/2010] BDCF63C89B22A44CDF5B1BE184714A26 Searching for "*homepage-web*" No files found. ========== folderfind ========== Searching for "*pokki*" C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies d------ [20:16 07/03/2017] C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies d------ [20:14 07/03/2017] Searching for "*SweetLabs*" No folders found. Searching for "*Startfenster*" No folders found. Searching for "*homepage-web*" No folders found. ========== regfind ========== Searching for "pokki" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn] "SBOEM2"="%ALLUSERSPROFILE%\Pokki\Pokki Start Menu.lnk" Searching for "SweetLabs" No data found. Searching for "Startfenster" No data found. Searching for "homepage-web" No data found. -= EOF =- Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017 durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (08-03-2017 23:13:51) Gestartet von C:\Users\Bianka\Desktop Geladene Profile: Bianka (Verfügbare Profile: Bianka) Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Security, Inc.) 
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm 
Atheros\Bluetooth Suite\ActivateDesktop.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms} BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) 
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.) 
FireFox: ======== FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-08] FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/ FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p= FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24] FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20] FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24] FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] () FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: 
@adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] () FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online) FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.) 
Chrome: ======= CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27] CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated) R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.) 
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation) R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation) R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate) R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.) R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.) R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.) R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.) 
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-08] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-08 22:55 - 2017-03-08 23:12 - 00009856 _____ C:\Users\Bianka\Desktop\SystemLook.txt
2017-03-08 22:54 - 2017-03-08 22:38 - 00165376 _____ C:\Users\Bianka\Desktop\SystemLook_x64.exe
2017-03-08 22:53 - 2017-03-08 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-08 22:37 - 2017-03-08 22:41 - 00013492 _____ C:\Users\Bianka\Desktop\Fixlog.txt
2017-03-08 22:37 - 2017-03-08 22:37 - 00000000 ____D C:\Users\Bianka\Desktop\FRST-OlderVersion
2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-07 22:16 - 00033988 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-08 23:13 - 00022810 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-08 23:13 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-08 22:37 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-08 22:44 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-08 09:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-08 11:45 - 00033145 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-08 23:05 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-08 22:55 - 2014-10-08 17:47 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 22:50 - 2015-12-18 17:08 - 03722240 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-08 22:50 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-08 22:44 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-08 22:34 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-08 22:34 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-08 22:34 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-08 22:32 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-08 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-08 21:17 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-08 14:25 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 14:25 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 09:26 - 2017-01-03 00:13 - 00022598 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-07 22:32 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (08-03-2017 23:15:30)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll 2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll 2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2017-03-04 00:17 - 2017-03-08 09:27 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2014-08-10 01:43 - 2014-01-03 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () E:\Programme\FileZilla\fzshellext_64.dll ==================== Alternate Data 
Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => 
""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= 18-02-2017 11:29:32 Intel(R) Technology Access 22-02-2017 19:23:43 Windows Update 05-03-2017 18:00:06 Geplanter Prüfpunkt 07-03-2017 21:44:10 JRT Pre-Junkware Removal 07-03-2017 22:10:00 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 798 Startzeit: 01d295f7d10b632c Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 944 Startzeit: 01d295edc61a864a Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1f80 Startzeit: 01d295e8dc786c13 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 914 Startzeit: 01d295e7e4fd2b35 Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1190 Startzeit: 01d295e4085babc6 Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1114 Startzeit: 01d295de94b8bb6c Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: ee0 Startzeit: 01d295d39358a55e Endzeit: 60000 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075 Ausnahmecode: 0xe0434352 Fehleroffset: 0x0000000000008a5c ID des fehlerhaften Prozesses: 0x2044 Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928 Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Notification.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet. Ausnahmeinformationen: System.InvalidOperationException bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean) bei System.Diagnostics.Process.OpenProcessHandle(Int32) bei System.Diagnostics.Process.get_Handle() bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process) bei Notification.Form1.CheckResolution() bei Notification.Form1..ctor() bei Notification.Program.Main() Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2180 Startzeit: 01d295a96502212f Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (03/08/2017 10:38:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "User Experience Improvement Program" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BBUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz Prozentuale Nutzung des RAM: 42% Installierter physikalischer RAM: 3977.98 MB Verfügbarer physikalischer RAM: 2282.96 MB Summe virtueller Speicher: 5321.98 MB Verfügbarer virtueller Speicher: 3781.81 MB ==================== Laufwerke ================================ Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:152.26 GB) NTFS Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.35 GB) NTFS Drive f: (VON-JENS) (Removable) (Total:1.87 GB) (Free:1.58 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404) Partition: GPT. ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 0042FF8C) Partition 1: (Active) - (Size=1.9 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
09.03.2017, 15:56 | #14 |
/// TB-Ausbilder | Trojan.Injector.MSIL in quarantine, yet Google Chrome still does not work
Hi, we'll remove the last remnants and check everything once more.
Note: The scan with ESET can take a while.
Step 1
Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document
Code:
start
CloseProcesses:
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
EmptyTemp:
end
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Step 2 ESET Online Scanner
Step 3 Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Step 4
Are there still any problems with the PC? If so, which ones? Please post with your next reply
|
09.03.2017, 22:44 | #15 |
| Trojan.Injector.MSIL in quarantine, yet Google Chrome still does not work
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (09-03-2017 17:19:48) Run:2
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn\\SBOEM2 => Wert erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14700032 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 81227 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 2456 B
NetworkService => 0 B
Bianka => 1761705 B

RecycleBin => 0 B
EmptyTemp: => 23.8 MB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 17:19:54 ====
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# end=init
# utc_time=2017-03-09 04:24:36
# local_time=2017-03-09 05:24:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32661
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# end=updated
# utc_time=2017-03-09 04:27:50
# local_time=2017-03-09 05:27:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# engine=32661
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-09 07:40:22
# local_time=2017-03-09 08:40:22 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5135 16777214 85 100 169172 74048208 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 49241954 52877992 0 0
# scanned=285341
# found=0
# cleaned=0
# scan_time=11552
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017 durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (09-03-2017 22:35:03) Gestartet von C:\Users\Bianka\Desktop Geladene Profile: Bianka (Verfügbare Profile: Bianka) Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe (Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe (McAfee, Inc.) 
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe (Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe (Hewlett-Packard Co.) 
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe (Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe (McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe (McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulAlert.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe (McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor) HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications) HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21] ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms} BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) 
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.) Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.) Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.) 

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-08]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome:
=======
CHR Profile: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default [2017-03-09]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05]
CHR Extension: (ColorZilla) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera:
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-09] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:24 - 2017-03-09 22:33 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-09 20:02 - 2017-03-09 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-09 19:33 - 2017-03-09 21:14 - 00003860 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-03-09 19:33 - 2017-03-09 19:33 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-09 17:16 - 2017-03-09 17:15 - 11581544 _____ (SurfRight B.V.) C:\Users\Bianka\Desktop\HitmanPro_x64.exe
2017-03-09 17:16 - 2017-03-09 17:10 - 00000136 _____ C:\Users\Bianka\Desktop\Schritt1_neu.txt
2017-03-08 22:55 - 2017-03-08 23:12 - 00009856 _____ C:\Users\Bianka\Desktop\SystemLook.txt
2017-03-08 22:54 - 2017-03-08 22:38 - 00165376 _____ C:\Users\Bianka\Desktop\SystemLook_x64.exe
2017-03-08 22:37 - 2017-03-09 17:19 - 00001342 _____ C:\Users\Bianka\Desktop\Fixlog.txt
2017-03-08 22:37 - 2017-03-08 22:37 - 00000000 ____D C:\Users\Bianka\Desktop\FRST-OlderVersion
2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-08 23:16 - 00034934 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-09 22:35 - 00024546 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-09 22:35 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-08 22:37 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-09 17:21 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-08 09:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-08 11:45 - 00033145 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:34 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-09 22:32 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-09 22:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-09 22:17 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-09 20:41 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-09 20:30 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-09 20:30 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-09 20:30 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-09 17:21 - 2015-12-18 17:08 - 03722240 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-09 17:21 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-09 17:20 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-08 14:25 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 14:25 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 09:26 - 2017-01-03 00:13 - 00022598 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-07 22:32 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 20:41

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (09-03-2017 22:36:38)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version: - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {48CA9C9E-B3DB-4B8B-9370-BD1AE7BE8A6B} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {95B08CAA-FBA7-4CB9-B5B4-6BE5D88E732A} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-04 00:17 - 2017-03-08 09:27 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2014-08-10 01:43 - 2014-01-03 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () E:\Programme\FileZilla\fzshellext_64.dll
2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Wiederherstellungspunkte =========================

22-02-2017 19:23:43 Windows Update
05-03-2017 18:00:06 Geplanter Prüfpunkt
07-03-2017 21:44:10 JRT Pre-Junkware Removal
07-03-2017 22:10:00 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 10:19:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 10:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 10:17:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:26:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:25:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:16:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Systemfehler:
=============
Error: (03/09/2017 07:55:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: Unzulässige Funktion.

Error: (03/09/2017 05:25:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:25:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:25:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:23:14 PM) (Source: DCOM) (EventID: 10010) (User: JENSBIANKALIEBE)
Description: Der Server "{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 05:19:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2017 05:19:50 PM) (Source: DCOM) (EventID: 10010) (User: JENSBIANKALIEBE)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 2494.69 MB
Summe virtueller Speicher: 5321.98 MB
Verfügbarer virtueller Speicher: 3585.75 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:148.74 GB) NTFS
Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404)
Partition: GPT.

==================== Ende von Addition.txt ============================ |