Windows 8 - Firefox leitet automatisch zu Yahoo weiter

gapkathl · 26.07.2017, 13:55

Hallo zusammen,

habe Firefox als Standard-Suchmaschine eingestellt, werde aber immer wieder zu Yahoo geleitet. Ist echt nervig.
In den Einstellungen habe ich nichts gefunden, was auf eine Weiterleitung schließen lässt.
Mit einer Firefox Deinstallation und Neuinstallation hat sich auch nix getan.
bei about:config bin ich mir nicht sicher, an welcher Stelle ich was ändern müsste.

Habe die gewünschten Logs erstellt. Poste ich diese direkt in diese Anfrage?

Danke für Eure Hilfe.
Kathrin

M-K-D-B · 26.07.2017, 14:11

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

gapkathl · 26.07.2017, 17:36

Hallo Matthias,
danke für die schnelle Rückmeldung.

Nachfolgend die Logdateien:

1. FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-07-2017
durchgeführt von Kathrin (Administrator) auf DELLBOOKKATHRIN (26-07-2017 13:54:02)
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin (Verfügbare Profile: Kathrin)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.5.312.0\McCSPServiceHost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\Core\mchost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [556288 2017-05-31] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Facebook Update] => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1951336 2017-05-12] (Lavasoft)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07da0d-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07daa5-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07db99-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dcd83-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dce3d-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {94a04385-4278-11e4-beaa-6036dd2f7c1c} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-12-02]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog9 01 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [353384 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9 02 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [353384 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9 03 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [353384 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9 04 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [353384 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9 16 C:\WINDOWS\SysWOW64\LavasoftTcpService.dll [353384 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\WINDOWS\system32\LavasoftTcpService64.dll [433768 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\WINDOWS\system32\LavasoftTcpService64.dll [433768 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\WINDOWS\system32\LavasoftTcpService64.dll [433768 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\WINDOWS\system32\LavasoftTcpService64.dll [433768 2017-05-12] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\WINDOWS\system32\LavasoftTcpService64.dll [433768 2017-05-12] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6E0427F8-072D-458E-8D74-7FDB03D1EB84}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F4E2AC44-2A00-45ED-96F2-4710D38644B5}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> DefaultScope {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default [2017-07-26]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> Sichere Suche
FF SearchEngineOrder.2: Mozilla\Firefox\Profiles\r6jeipv1.default -> 
FF SearchEngineOrder.US.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> data:text/plain,browser.search.order.US.1=Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF NetworkProxy: Mozilla\Firefox\Profiles\r6jeipv1.default -> type", 0
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\newtaboverride@agenedia.com.xpi [2017-07-26]
FF Extension: (Adblock Plus) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-27] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-06-30] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-85611978-3827166080-1061539791-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2759784 2017-05-12] (Lavasoft Limited)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [179216 2017-06-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [25192 2017-05-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
S3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-05-30] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-07-26] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92096 2017-05-30] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-07-26] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-26 13:50 - 2017-07-26 13:54 - 00028654 _____ C:\Users\Kathrin\Downloads\FRST.txt
2017-07-26 13:50 - 2017-07-26 13:50 - 00037855 _____ C:\Users\Kathrin\Downloads\Addition.txt
2017-07-26 13:49 - 2017-07-26 13:54 - 00000000 ____D C:\FRST
2017-07-26 13:49 - 2017-07-26 13:49 - 02382336 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2017-07-26 13:48 - 2017-07-26 13:48 - 00000000 _____ C:\Users\Kathrin\Downloads\FRST.exe
2017-07-26 11:12 - 2017-07-26 11:12 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-26 11:12 - 2017-07-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-26 11:10 - 2017-07-26 11:10 - 00030318 _____ C:\Users\Kathrin\Desktop\bookmarks-2017-07-26.json
2017-07-26 11:08 - 2017-07-26 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-07-26 10:06 - 2017-07-26 10:06 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(1).exe
2017-07-26 10:05 - 2017-07-26 10:05 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0.exe
2017-07-26 09:16 - 2017-07-26 09:16 - 00003220 _____ C:\WINDOWS\System32\Tasks\BundleApplicationRepairToolLauncherTask
2017-07-24 07:50 - 2017-07-26 13:01 - 00003860 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-07-24 07:50 - 2017-07-26 09:16 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-07-24 07:39 - 2017-05-04 01:11 - 00103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-24 07:39 - 2017-05-03 15:43 - 01555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 01206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-24 07:31 - 2017-07-26 11:03 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-18 14:41 - 2017-07-06 10:52 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-18 14:41 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-18 14:41 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:17 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-18 14:41 - 2017-06-29 06:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-18 14:41 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-22 16:22 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-18 14:41 - 2017-06-17 18:45 - 03631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:34 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:11 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-18 14:41 - 2017-06-17 18:05 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-18 14:41 - 2017-06-16 00:02 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-18 14:41 - 2017-06-15 15:45 - 07440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-18 14:41 - 2017-06-12 02:06 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-18 14:41 - 2017-06-12 00:21 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:43 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 23:25 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:15 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-18 14:41 - 2017-06-11 23:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 23:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-18 14:41 - 2017-06-11 23:00 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-18 14:41 - 2017-06-11 22:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 22:40 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-18 14:41 - 2017-06-11 22:35 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 22:31 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-18 14:41 - 2017-06-11 17:15 - 02013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-18 14:41 - 2017-06-06 22:52 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 22:42 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-18 14:41 - 2017-06-06 22:38 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-18 14:41 - 2017-06-06 22:35 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-18 14:41 - 2017-06-06 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-18 14:41 - 2017-06-06 21:08 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 21:03 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-18 14:41 - 2017-06-06 20:59 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 20:57 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-18 14:41 - 2017-06-06 20:56 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-18 14:41 - 2017-06-06 20:03 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-18 14:41 - 2017-06-03 18:27 - 02346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-18 14:41 - 2017-06-03 18:03 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-18 14:41 - 2017-05-31 23:20 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-18 14:41 - 2017-05-16 00:09 - 00057688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-18 14:41 - 2017-05-15 22:03 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-18 14:41 - 2017-05-09 16:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:35 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-18 14:41 - 2017-05-09 16:28 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-18 14:41 - 2017-05-09 16:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:12 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-18 14:41 - 2017-05-06 18:45 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-18 14:41 - 2017-05-06 18:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-18 14:41 - 2017-05-02 22:09 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-18 14:41 - 2017-05-02 20:41 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-18 14:41 - 2017-05-02 19:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-18 14:41 - 2017-04-30 18:48 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-18 14:41 - 2017-04-28 03:13 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-18 14:41 - 2017-04-28 03:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-04 21:15 - 2017-07-04 21:15 - 00003806 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-07-04 21:15 - 2017-07-04 21:15 - 00003792 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssist
2017-07-02 17:49 - 2017-07-02 17:59 - 00000000 ____D C:\Users\Kathrin\Desktop\Besondere
2017-06-30 20:27 - 2017-06-30 20:27 - 00000000 ____D C:\Program Files (x86)\Dell Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-26 13:12 - 2016-11-25 20:35 - 00000000 ____D C:\Users\Kathrin\AppData\LocalLow\Mozilla
2017-07-26 13:03 - 2013-04-06 18:58 - 00000968 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job
2017-07-26 11:37 - 2012-12-09 08:21 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-85611978-3827166080-1061539791-1001
2017-07-26 11:12 - 2016-12-17 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-26 11:10 - 2012-12-02 04:06 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-07-26 11:07 - 2014-03-18 12:03 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-26 11:07 - 2014-03-18 11:25 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-26 11:07 - 2014-03-18 11:25 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-26 11:07 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-07-26 11:03 - 2017-05-10 08:50 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-26 11:03 - 2015-05-18 14:26 - 00000000 ____D C:\Users\Kathrin\AppData\Roaming\Skype
2017-07-26 11:03 - 2014-08-15 21:38 - 00000000 ___DO C:\Users\Kathrin\OneDrive
2017-07-26 11:03 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-26 11:03 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-07-26 11:03 - 2012-12-02 04:00 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-07-26 10:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-07-26 09:39 - 2015-05-15 15:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-26 09:39 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-07-26 09:18 - 2013-03-27 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-26 09:18 - 2012-12-02 04:02 - 00000000 ____D C:\ProgramData\PCDr
2017-07-24 07:51 - 2016-06-01 15:45 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-07-24 07:51 - 2013-09-19 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 07:49 - 2012-12-16 14:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-24 07:49 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-24 07:31 - 2013-08-22 16:44 - 00419368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-18 14:38 - 2017-05-10 07:42 - 00000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-07-17 10:47 - 2015-03-14 19:46 - 00004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-17 10:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-17 10:46 - 2017-06-21 13:14 - 05824512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-07-17 10:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 21:15 - 2012-12-02 04:00 - 00000000 ____D C:\Program Files\Dell
2017-06-30 20:52 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\mcafee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\ProgramData\McAfee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\Common Files\mcafee
2017-06-30 20:39 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-30 20:38 - 2015-07-04 16:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-30 20:26 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-06-30 20:23 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-06-30 02:27 - 2013-08-22 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 02:27 - 2013-08-22 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-15 18:03 - 2015-03-15 18:04 - 0000872 _____ () C:\Users\Kathrin\AppData\Roaming\AbsoluteReminder.xml
2013-12-20 13:28 - 2014-09-24 11:28 - 0000148 _____ () C:\Users\Kathrin\AppData\Roaming\WB.CFG
2013-10-05 20:09 - 2015-12-21 22:15 - 0006144 _____ () C:\Users\Kathrin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 19:45 - 2015-12-28 19:45 - 0001553 _____ () C:\Users\Kathrin\AppData\Local\recently-used.xbel
2012-12-02 04:05 - 2012-12-02 04:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-12-02 04:03 - 2012-12-02 04:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-12-02 04:04 - 2012-12-02 04:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Einige Dateien in TEMP:
====================
2015-10-26 17:52 - 2015-10-26 17:52 - 0035680 _____ () C:\Users\Kathrin\AppData\Local\Temp\i4jdel0.exe
2016-12-26 11:25 - 2016-12-26 11:25 - 0043520 ____N () C:\Users\Kathrin\AppData\Local\Temp\proxy_vole3115605042775723114.dll
2013-08-21 12:20 - 2013-10-09 13:57 - 0344355 _____ () C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
2017-05-10 09:02 - 2017-05-10 09:02 - 14456872 _____ (Microsoft Corporation) C:\Users\Kathrin\AppData\Local\Temp\vc_redist.x86.exe
2017-05-23 20:40 - 2017-05-23 20:40 - 0733432 _____ (adaware) C:\Users\Kathrin\AppData\Local\Temp\wcupdater.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-26 11:37

==================== Ende von FRST.txt ============================

2. Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-07-2017
durchgeführt von Kathrin (26-07-2017 13:54:25)
Gestartet von C:\Users\Kathrin\Downloads
Windows 8.1 (Update) (X64) (2014-08-15 19:37:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-85611978-3827166080-1061539791-500 - Administrator - Disabled)
Gast (S-1-5-21-85611978-3827166080-1061539791-501 - Limited - Disabled)
Kathrin (S-1-5-21-85611978-3827166080-1061539791-1001 - Administrator - Enabled) => C:\Users\Kathrin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ACHTUNG
AMD Catalyst Install Manager (HKLM\...\{FDDC1039-944D-A9DD-92A7-59EE0A91C93B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version:  - Ifolor AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{EE21578E-DE14-46D5-83D7-EA4D347B2F9A}) (Version: 3.0.30.1526 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.140 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (HKLM-x32\...\{5C44E602-5CCC-CB4B-CF62-EF1F3A12C51E}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Web Companion (HKLM-x32\...\{b26385c7-5907-484a-bc22-1e755c8295d7}) (Version: 2.4.1558.3001 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-85611978-3827166080-1061539791-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers01: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers01: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} =>  -> Keine Datei
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers05: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers06: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DE5D388-FC53-4786-8AAA-CC7AD94D0382} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe
Task: {18B4A243-4C75-466B-AF54-FEA5E72E5B98} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Kathrin\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [2017-07-26] ()
Task: {29315DC2-E945-4A23-BF7E-D55D516DFD18} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)
Task: {3346F2AE-E1EC-4C54-AFFB-51D4143B987F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {411AC239-D72C-4FDB-B5AC-93975814DD36} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {4C493B69-2697-4359-8288-269175854765} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {5E467C87-2481-40AB-8A4C-2946B3AA9301} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {5F3FC2AD-9575-4A9F-B8F2-EBAA85480727} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {6BEC73C4-CE06-47B5-AC6B-299327EC5032} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {8E87BCE2-092E-4537-9750-6044283C5E73} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {8E9E1FC8-A5BE-40AD-A369-056C024240E0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {997C97A7-BF73-453A-87C1-1D7547FAD789} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {A0AA7717-B8D6-437B-82FC-FC8956A8AAF5} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A5E57417-4C56-47EE-9058-51C36DB67062} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-17] (Adobe Systems Incorporated)
Task: {A9B66851-C039-4F0C-8517-50C2937B712B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe
Task: {CB85AA55-67CF-4281-A94A-8DBB541FFA6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {FE7C1D05-12AB-44A5-B0C5-A77F22856266} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-11 04:17 - 2017-04-11 04:17 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00146984 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00058920 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-12-02 04:04 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-05-10 08:45 - 2017-05-12 14:11 - 00025192 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
2017-05-10 08:45 - 2017-05-12 14:11 - 00017000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00036968 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll
2017-05-10 08:50 - 2017-03-22 10:24 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-06-30 20:40 - 2017-06-11 13:00 - 00583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-06-30 20:40 - 2017-06-11 12:59 - 00574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll
2017-06-30 20:40 - 2017-06-11 13:00 - 00571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00018904 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\UnityConfig.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00037336 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\WorkflowEngine.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00209368 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHandlers.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00025048 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistWebServer.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00071640 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SmartThreadPool.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00010712 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\Owin.dll
2013-07-06 18:09 - 2013-04-20 00:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2013-07-06 18:09 - 2013-04-20 00:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00137320 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00058472 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00018024 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00303720 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00030312 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00058984 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2017-05-10 08:45 - 2017-05-12 14:11 - 00128104 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-12-02 04:03 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-06-26 21:28 - 2017-06-26 21:28 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\45eab03aba84951dc2a8fd2b4c8873eb\PSIClient.ni.dll
2012-12-02 03:59 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-06 18:09 - 2013-05-03 01:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kathrin\Pictures\CARE FOR RARE\VMue_Hauner_075.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{188E8844-E6E4-42AD-8C07-AC847FF0BA1E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E8B12A93-8860-4991-975A-7D8738EE676C}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe
FirewallRules: [{811DA069-172B-4E38-8CCE-2D59D2D29142}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{C118666D-67C5-4B9C-9772-3EFD382DFE82}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{EA079284-CA59-4A57-98D1-1C21F801DCF7}] => (Allow) C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{30482E56-3C2B-4B1E-93FC-B8B08592B042}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E53461D-9A6C-4A44-AF86-CB100DAD2003}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{028A8F41-5B39-4FDD-88FC-0369A76BBB12}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CBC14812-4E49-45CA-B669-D74708E70D7D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8A748BA-F85E-440E-9341-4A12F7078187}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{75E771D5-7A93-4F32-8C1E-C73FC56C0C42}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{5AFBF5AE-372D-4EB5-A951-9F978CF92CE2}] => (Allow) LPort=1900
FirewallRules: [{7E76E4C2-CDA0-49A1-AC27-9A3D8D4D559E}] => (Allow) LPort=2869
FirewallRules: [{E6ADD05B-D6CE-4C93-8301-DD4CAA42A5BC}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A0C45305-A57A-4414-8C88-6768880AC727}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{3F0DA78D-FC9F-49CD-8760-1FEA33468D78}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{230296DC-9E8A-493A-A068-D2FDBEF91022}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{2D45E4C0-A767-4988-B89F-D901962A7DF0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{8034E5C6-4EA2-4442-BD2D-87084642BD2D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{2468B071-CCD1-468E-8FA4-36ABAAF0DF7E}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{4D540E0C-0CAC-46AF-889C-1B449DBBE7B3}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{35D3388D-886A-4DA2-86D2-60750DDD7A61}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{A5ADA1D6-556F-46DB-ABC6-4CAC642E95F4}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{350AB6C7-0883-4655-B55D-7DB74B201204}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{5969C060-D095-4130-B394-FC53FC4D2594}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{85902356-C454-400C-9A9F-1DB6980946E3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1E7C3ECA-AED0-4BBD-BA20-6C9D7C12CFCC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8E379764-2D3F-43E2-B38E-7F8F06A6C03B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

26-06-2017 21:05:05 Windows Update
21-07-2017 10:51:38 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/26/2017 01:01:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1250

Error: (07/26/2017 01:01:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1250

Error: (07/26/2017 01:01:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2017 11:37:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b933931f-ec2b-4aec-9121-6e6207e8820d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/26/2017 11:37:59 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/26/2017 11:03:17 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/26/2017 10:18:35 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b933931f-ec2b-4aec-9121-6e6207e8820d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/26/2017 10:18:34 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/26/2017 09:39:47 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/24/2017 07:55:45 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2109


Systemfehler:
=============
Error: (07/26/2017 01:18:59 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: Das System hat einen Adressenkonflikt der IP-Adresse 2a02:810d:29c0:648::2 mit dem Computer mit der
Netzwerkhardwareadresse A4-67-06-4D-7C-55 ermittelt. Netzwerkvorgänge könnten daher auf diesem
System unterbrochen werden.

Error: (07/26/2017 11:03:16 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (07/26/2017 11:03:16 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (07/26/2017 09:39:45 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (07/26/2017 09:39:45 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (07/26/2017 08:54:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (07/24/2017 07:53:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (07/24/2017 07:52:00 AM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (07/24/2017 07:52:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (07/24/2017 07:52:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.


CodeIntegrity:
===================================
  Date: 2017-07-26 13:49:57.482
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:57.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:56.823
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:56.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:53.122
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:52.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:52.499
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:49:52.221
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:15:15.665
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 13:15:15.393
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8058.5 MB
Verfügbarer physikalischer RAM: 4052.57 MB
Summe virtueller Speicher: 9338.5 MB
Verfügbarer virtueller Speicher: 4218.47 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:216.5 GB) (Free:38.84 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 17FA38E3)

Partition: GPT.

==================== Ende von Addition.txt ============================

TDSSKiller folgt in meiner nächsten Mail.

gapkathl · 26.07.2017, 17:47

TDSSKiller:

Code:

ATTFilter

18:05:48.0978 0x2ac0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
18:05:48.0978 0x2ac0  UEFI system
18:05:56.0932 0x2ac0  ============================================================
18:05:56.0932 0x2ac0  Current date / time: 2017/07/26 18:05:56.0932
18:05:56.0933 0x2ac0  SystemInfo:
18:05:56.0933 0x2ac0  
18:05:56.0933 0x2ac0  OS Version: 6.3.9600 ServicePack: 0.0
18:05:56.0933 0x2ac0  Product type: Workstation
18:05:56.0933 0x2ac0  ComputerName: DELLBOOKKATHRIN
18:05:56.0933 0x2ac0  UserName: Kathrin
18:05:56.0933 0x2ac0  Windows directory: C:\WINDOWS
18:05:56.0933 0x2ac0  System windows directory: C:\WINDOWS
18:05:56.0933 0x2ac0  Running under WOW64
18:05:56.0933 0x2ac0  Processor architecture: Intel x64
18:05:56.0933 0x2ac0  Number of processors: 4
18:05:56.0933 0x2ac0  Page size: 0x1000
18:05:56.0933 0x2ac0  Boot type: Normal boot
18:05:56.0933 0x2ac0  CodeIntegrityOptions = 0x00000001
18:05:56.0933 0x2ac0  ============================================================
18:05:57.0080 0x2ac0  KLMD registered as C:\WINDOWS\system32\drivers\27695379.sys
18:05:57.0080 0x2ac0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18730, osProperties = 0x19
18:05:58.0466 0x2ac0  System UUID: {0BE75E38-7630-9DFF-D8CD-E09802706A21}
18:05:59.0074 0x2ac0  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:05:59.0076 0x2ac0  ============================================================
18:05:59.0076 0x2ac0  \Device\Harddisk0\DR0:
18:05:59.0077 0x2ac0  GPT partitions:
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C887BD91-5AC5-4D87-93F9-E7E63C34EB7C}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0xFA000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {796BADD3-6BBF-4D9F-B631-466EB71A4965}, UniqueGUID: {2C47581E-97E3-4CAE-AC35-4FF97656D965}, Name: Basic data partition, StartLBA 0xFA800, BlocksNum 0x14000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {520AD7AC-AE5A-4F6A-B1E3-EE85D6CE44E2}, Name: Microsoft reserved partition, StartLBA 0x10E800, BlocksNum 0x40000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {34E2C13D-BDE8-47AA-8462-8E2AB2CEBBB7}, Name: Basic data partition, StartLBA 0x14E800, BlocksNum 0xFA000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7619CE9C-B80C-4DA9-A91A-574F6267ADEF}, Name: Basic data partition, StartLBA 0x248800, BlocksNum 0x1B0FD800
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B933931F-EC2B-4AEC-9121-6E6207E8820D}, Name: , StartLBA 0x1B346000, BlocksNum 0xE1000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {387497CB-73DC-4BFE-827C-FC5153F0BC8B}, Name: Microsoft recovery partition, StartLBA 0x1B427000, BlocksNum 0x18C9000
18:05:59.0078 0x2ac0  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {E3A4AC52-609E-404B-AB96-3A2965E663E2}, Name: Basic data partition, StartLBA 0x1CCF0000, BlocksNum 0x1003000
18:05:59.0078 0x2ac0  MBR partitions:
18:05:59.0078 0x2ac0  ============================================================
18:05:59.0079 0x2ac0  C: <-> \Device\Harddisk0\DR0\Partition5
18:05:59.0079 0x2ac0  ============================================================
18:05:59.0079 0x2ac0  Initialize success
18:05:59.0079 0x2ac0  ============================================================
18:06:02.0283 0x1a5c  ============================================================
18:06:02.0283 0x1a5c  Scan started
18:06:02.0283 0x1a5c  Mode: Manual; 
18:06:02.0283 0x1a5c  ============================================================
18:06:02.0283 0x1a5c  KSN ping started
18:06:05.0490 0x1a5c  KSN ping finished: true
18:06:05.0818 0x1a5c  ================ Scan system memory ========================
18:06:05.0819 0x1a5c  System memory - ok
18:06:05.0819 0x1a5c  ================ Scan services =============================
18:06:05.0875 0x1a5c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:06:05.0881 0x1a5c  1394ohci - ok
18:06:05.0891 0x1a5c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:06:05.0893 0x1a5c  3ware - ok
18:06:05.0911 0x1a5c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:06:05.0922 0x1a5c  ACPI - ok
18:06:05.0928 0x1a5c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:06:05.0930 0x1a5c  acpiex - ok
18:06:05.0934 0x1a5c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:06:05.0935 0x1a5c  acpipagr - ok
18:06:05.0939 0x1a5c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:06:05.0940 0x1a5c  AcpiPmi - ok
18:06:05.0944 0x1a5c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:06:05.0945 0x1a5c  acpitime - ok
18:06:05.0979 0x1a5c  [ 0DC99843E91A0313F0C6591656D650A5, 583DCD5D3BA3F470FF9F39221358EF2DF01FE62B98562FCFD1AD99FA1C01892E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:06:05.0983 0x1a5c  AdobeFlashPlayerUpdateSvc - ok
18:06:06.0006 0x1a5c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:06:06.0024 0x1a5c  ADP80XX - ok
18:06:06.0034 0x1a5c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:06:06.0038 0x1a5c  AeLookupSvc - ok
18:06:06.0056 0x1a5c  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:06:06.0066 0x1a5c  AFD - ok
18:06:06.0073 0x1a5c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:06:06.0075 0x1a5c  agp440 - ok
18:06:06.0081 0x1a5c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:06:06.0083 0x1a5c  ahcache - ok
18:06:06.0088 0x1a5c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
18:06:06.0090 0x1a5c  ALG - ok
18:06:06.0098 0x1a5c  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:06:06.0102 0x1a5c  AMD External Events Utility - ok
18:06:06.0108 0x1a5c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:06:06.0111 0x1a5c  AmdK8 - ok
18:06:06.0358 0x1a5c  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
18:06:06.0572 0x1a5c  amdkmdag - ok
18:06:06.0599 0x1a5c  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
18:06:06.0610 0x1a5c  amdkmdap - ok
18:06:06.0615 0x1a5c  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
18:06:06.0615 0x1a5c  amdkmpfd - ok
18:06:06.0621 0x1a5c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:06:06.0624 0x1a5c  AmdPPM - ok
18:06:06.0630 0x1a5c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:06:06.0632 0x1a5c  amdsata - ok
18:06:06.0639 0x1a5c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:06:06.0644 0x1a5c  amdsbs - ok
18:06:06.0649 0x1a5c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:06:06.0650 0x1a5c  amdxata - ok
18:06:06.0656 0x1a5c  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
18:06:06.0660 0x1a5c  AMPPAL - ok
18:06:06.0680 0x1a5c  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:06:06.0690 0x1a5c  AMPPALR3 - ok
18:06:06.0696 0x1a5c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:06:06.0698 0x1a5c  AppID - ok
18:06:06.0702 0x1a5c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:06:06.0703 0x1a5c  AppIDSvc - ok
18:06:06.0708 0x1a5c  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:06:06.0711 0x1a5c  Appinfo - ok
18:06:06.0718 0x1a5c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:06:06.0720 0x1a5c  Apple Mobile Device Service - ok
18:06:06.0735 0x1a5c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:06:06.0744 0x1a5c  AppReadiness - ok
18:06:06.0773 0x1a5c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:06:06.0795 0x1a5c  AppXSvc - ok
18:06:06.0803 0x1a5c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:06:06.0806 0x1a5c  arcsas - ok
18:06:06.0810 0x1a5c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:06:06.0811 0x1a5c  atapi - ok
18:06:06.0821 0x1a5c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:06:06.0825 0x1a5c  AudioEndpointBuilder - ok
18:06:06.0845 0x1a5c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:06:06.0858 0x1a5c  Audiosrv - ok
18:06:06.0864 0x1a5c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:06:06.0867 0x1a5c  AxInstSV - ok
18:06:06.0881 0x1a5c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:06:06.0890 0x1a5c  b06bdrv - ok
18:06:06.0895 0x1a5c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:06:06.0897 0x1a5c  BasicDisplay - ok
18:06:06.0901 0x1a5c  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:06:06.0902 0x1a5c  BasicRender - ok
18:06:06.0907 0x1a5c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:06:06.0908 0x1a5c  bcmfn2 - ok
18:06:06.0918 0x1a5c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:06:06.0924 0x1a5c  BDESVC - ok
18:06:06.0927 0x1a5c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:06:06.0928 0x1a5c  Beep - ok
18:06:06.0948 0x1a5c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
18:06:06.0961 0x1a5c  BFE - ok
18:06:06.0983 0x1a5c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:06:06.0998 0x1a5c  BITS - ok
18:06:07.0024 0x1a5c  [ 4AF14827F1584D084BC136A51FAA8397, B6202545E2459D648BF668F7025A139F64DB6F28F88773FD997DFF10003D9B7C ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:06:07.0041 0x1a5c  Bluetooth Device Monitor - ok
18:06:07.0065 0x1a5c  [ BC89A4C6A2A9C65E8E88AD0B3BF180FD, 06ECD1BF3F3526A77E389413D060BAB6BD50E5DC4C926C8EFCE2B04D56EE16E4 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:06:07.0083 0x1a5c  Bluetooth OBEX Service - ok
18:06:07.0098 0x1a5c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:06:07.0105 0x1a5c  Bonjour Service - ok
18:06:07.0111 0x1a5c  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:06:07.0114 0x1a5c  bowser - ok
18:06:07.0123 0x1a5c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:06:07.0128 0x1a5c  BrokerInfrastructure - ok
18:06:07.0135 0x1a5c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
18:06:07.0139 0x1a5c  Browser - ok
18:06:07.0146 0x1a5c  [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
18:06:07.0150 0x1a5c  BthA2DP - ok
18:06:07.0154 0x1a5c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:06:07.0155 0x1a5c  BthAvrcpTg - ok
18:06:07.0160 0x1a5c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:06:07.0161 0x1a5c  BthEnum - ok
18:06:07.0166 0x1a5c  [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud        C:\WINDOWS\System32\drivers\BthHfAud.sys
18:06:07.0167 0x1a5c  BthHFAud - ok
18:06:07.0172 0x1a5c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:06:07.0174 0x1a5c  BthHFEnum - ok
18:06:07.0178 0x1a5c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:06:07.0180 0x1a5c  bthhfhid - ok
18:06:07.0191 0x1a5c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:06:07.0199 0x1a5c  BthHFSrv - ok
18:06:07.0209 0x1a5c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
18:06:07.0214 0x1a5c  BthLEEnum - ok
18:06:07.0220 0x1a5c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:06:07.0222 0x1a5c  BTHMODEM - ok
18:06:07.0229 0x1a5c  [ D0AF91AF656E25AD8617EFA5B52EF457, FD723D99A0B8466BD991648DEED1831D32FD3A5995DD0E0837390746B8A7B439 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:06:07.0232 0x1a5c  BthPan - ok
18:06:07.0262 0x1a5c  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
18:06:07.0288 0x1a5c  BTHPORT - ok
18:06:07.0294 0x1a5c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:06:07.0296 0x1a5c  bthserv - ok
18:06:07.0301 0x1a5c  [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:06:07.0303 0x1a5c  BTHSSecurityMgr - ok
18:06:07.0309 0x1a5c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:06:07.0311 0x1a5c  BTHUSB - ok
18:06:07.0330 0x1a5c  [ 1134650C2F97611ACCDB02BC904AD35D, 59590C7C7D79105C4ED3F610861D58F55C3D7DDA6A13BBC9145AE23A3723B482 ] btmhsf          C:\WINDOWS\system32\DRIVERS\btmhsf.sys
18:06:07.0343 0x1a5c  btmhsf - ok
18:06:07.0350 0x1a5c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:06:07.0352 0x1a5c  cdfs - ok
18:06:07.0360 0x1a5c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:06:07.0364 0x1a5c  cdrom - ok
18:06:07.0370 0x1a5c  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:06:07.0374 0x1a5c  CertPropSvc - ok
18:06:07.0378 0x1a5c  [ FB269C967C148E7EAC674718BF48E041, C5ABB51CD35360A752C2D029E1DA377865C9FF285309FDEFF6B6957095229A72 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
18:06:07.0380 0x1a5c  cfwids - ok
18:06:07.0385 0x1a5c  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
18:06:07.0387 0x1a5c  chip1click - ok
18:06:07.0392 0x1a5c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:06:07.0393 0x1a5c  circlass - ok
18:06:07.0402 0x1a5c  [ B02ABFC429213E57019A56E2C204935C, 827E66D32EB078CAC6E96F7267BE91AAD78F982545D26C6758508D57F453342D ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:06:07.0409 0x1a5c  CLFS - ok
18:06:07.0445 0x1a5c  [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
18:06:07.0471 0x1a5c  ClientAnalyticsService - ok
18:06:07.0483 0x1a5c  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
18:06:07.0485 0x1a5c  CLVirtualDrive - ok
18:06:07.0489 0x1a5c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:06:07.0490 0x1a5c  CmBatt - ok
18:06:07.0504 0x1a5c  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:06:07.0513 0x1a5c  CNG - ok
18:06:07.0520 0x1a5c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:06:07.0521 0x1a5c  CompositeBus - ok
18:06:07.0524 0x1a5c  COMSysApp - ok
18:06:07.0529 0x1a5c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:06:07.0530 0x1a5c  condrv - ok
18:06:07.0562 0x1a5c  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:06:07.0568 0x1a5c  cphs - ok
18:06:07.0576 0x1a5c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:06:07.0578 0x1a5c  CryptSvc - ok
18:06:07.0583 0x1a5c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:06:07.0585 0x1a5c  dam - ok
18:06:07.0589 0x1a5c  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\WINDOWS\system32\DRIVERS\dc3d.sys
18:06:07.0591 0x1a5c  dc3d - ok
18:06:07.0614 0x1a5c  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:06:07.0628 0x1a5c  DcomLaunch - ok
18:06:07.0632 0x1a5c  [ A9DD971DDC793C549AFB97A6DDBD76B6, 5E35F4FFF5DC09A122DB93B760E13538AC5B6034EF72DB544815B3C6CD42DDD4 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
18:06:07.0634 0x1a5c  DDDriver - ok
18:06:07.0643 0x1a5c  [ 85A515EEF5625E8DEFCF798548F043D9, 1AAB1BA945A78768EFEA8E96903E51F4F18EFC78BAC24590FDB5B6425EF2698B ] DDVCollectorSvcApi C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
18:06:07.0646 0x1a5c  DDVCollectorSvcApi - ok
18:06:07.0705 0x1a5c  [ 46D8B6F60307E6D6A6367CA14EA7033C, 4DF030FC29D850A588C6FFC74FC2EDD3D0AF76B05D6601C58CAB3B981104B181 ] DDVDataCollector C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
18:06:07.0762 0x1a5c  DDVDataCollector - ok
18:06:07.0770 0x1a5c  [ B3B3F06E1B32F37BC11274B110681F32, 97AD34ECC2B21DD8EDDD40527443D61BD2DBE2424FE45B957E9730E0158272F8 ] DDVRulesProcessor C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
18:06:07.0774 0x1a5c  DDVRulesProcessor - ok
18:06:07.0787 0x1a5c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:06:07.0795 0x1a5c  defragsvc - ok
18:06:07.0802 0x1a5c  [ 04D91223860DB9B4169909A01CD66819, 0B598306E99BF9AF036908C9333D34A81F7A9FF292213A9EB583F3F4C8FE2CB1 ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
18:06:07.0805 0x1a5c  Dell Customer Connect - ok
18:06:07.0809 0x1a5c  [ 8205B97AAF15AFDD2ED7D8E6C5088396, E0B3E8E2856FD06F8AC892266E00D157F55A0EC895B8FF16AC6EDE9467694985 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
18:06:07.0810 0x1a5c  DellProf - ok
18:06:07.0813 0x1a5c  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
18:06:07.0814 0x1a5c  DellRbtn - ok
18:06:07.0822 0x1a5c  [ CAE8AEB8CABCC87D87763B7B97C24532, FE2EE43A44DA70CA45F783A25B94FE9D70E4B717D1BF2F28927FA1CD0A0460E9 ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
18:06:07.0826 0x1a5c  DellUpdate - ok
18:06:07.0838 0x1a5c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:06:07.0844 0x1a5c  DeviceAssociationService - ok
18:06:07.0849 0x1a5c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:06:07.0854 0x1a5c  DeviceInstall - ok
18:06:07.0861 0x1a5c  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:06:07.0864 0x1a5c  Dfsc - ok
18:06:07.0875 0x1a5c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:06:07.0881 0x1a5c  Dhcp - ok
18:06:07.0914 0x1a5c  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:06:07.0941 0x1a5c  DiagTrack - ok
18:06:07.0948 0x1a5c  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:06:07.0951 0x1a5c  disk - ok
18:06:07.0955 0x1a5c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:06:07.0956 0x1a5c  dmvsc - ok
18:06:07.0964 0x1a5c  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:06:07.0968 0x1a5c  Dnscache - ok
18:06:07.0976 0x1a5c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:06:07.0982 0x1a5c  dot3svc - ok
18:06:07.0989 0x1a5c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
18:06:07.0992 0x1a5c  DPS - ok
18:06:07.0996 0x1a5c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:06:07.0997 0x1a5c  drmkaud - ok
18:06:08.0004 0x1a5c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:06:08.0009 0x1a5c  DsmSvc - ok
18:06:08.0039 0x1a5c  [ 24C40570BAFEA48E9CB2B87008DCA152, 2D7CCBE5C354667BFBA0B6D6B8F34201AD2992273FB98767C9AD3C72D890A628 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:06:08.0065 0x1a5c  DXGKrnl - ok
18:06:08.0072 0x1a5c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:06:08.0075 0x1a5c  Eaphost - ok
18:06:08.0139 0x1a5c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:06:08.0193 0x1a5c  ebdrv - ok
18:06:08.0201 0x1a5c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
18:06:08.0203 0x1a5c  EFS - ok
18:06:08.0211 0x1a5c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:06:08.0212 0x1a5c  EhStorClass - ok
18:06:08.0218 0x1a5c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:06:08.0222 0x1a5c  EhStorTcgDrv - ok
18:06:08.0226 0x1a5c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:06:08.0227 0x1a5c  ErrDev - ok
18:06:08.0244 0x1a5c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
18:06:08.0252 0x1a5c  EventSystem - ok
18:06:08.0268 0x1a5c  [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:06:08.0278 0x1a5c  EvtEng - ok
18:06:08.0283 0x1a5c  [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys
18:06:08.0284 0x1a5c  ew_usbccgpfilter - ok
18:06:08.0291 0x1a5c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:06:08.0295 0x1a5c  exfat - ok
18:06:08.0303 0x1a5c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:06:08.0307 0x1a5c  fastfat - ok
18:06:08.0323 0x1a5c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:06:08.0335 0x1a5c  Fax - ok
18:06:08.0339 0x1a5c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:06:08.0340 0x1a5c  fdc - ok
18:06:08.0344 0x1a5c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:06:08.0345 0x1a5c  fdPHost - ok
18:06:08.0349 0x1a5c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:06:08.0351 0x1a5c  FDResPub - ok
18:06:08.0356 0x1a5c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:06:08.0359 0x1a5c  fhsvc - ok
18:06:08.0364 0x1a5c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:06:08.0366 0x1a5c  FileInfo - ok
18:06:08.0370 0x1a5c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:06:08.0371 0x1a5c  Filetrace - ok
18:06:08.0375 0x1a5c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:06:08.0377 0x1a5c  flpydisk - ok
18:06:08.0386 0x1a5c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:06:08.0393 0x1a5c  FltMgr - ok
18:06:08.0420 0x1a5c  [ 223CD19D2F84B7B42081F4FB530B658F, 4A9D1A6688C3C8F0B866B0FE2715C9FBA62BE66D4ADCC327A8CABF9EA876A664 ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:06:08.0444 0x1a5c  FontCache - ok
18:06:08.0450 0x1a5c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:06:08.0451 0x1a5c  FontCache3.0.0.0 - ok
18:06:08.0456 0x1a5c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:06:08.0458 0x1a5c  FsDepends - ok
18:06:08.0461 0x1a5c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:06:08.0463 0x1a5c  Fs_Rec - ok
18:06:08.0477 0x1a5c  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:06:08.0489 0x1a5c  fvevol - ok
18:06:08.0493 0x1a5c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:06:08.0494 0x1a5c  FxPPM - ok
18:06:08.0499 0x1a5c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:06:08.0500 0x1a5c  gagp30kx - ok
18:06:08.0504 0x1a5c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:06:08.0506 0x1a5c  GEARAspiWDM - ok
18:06:08.0509 0x1a5c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:06:08.0510 0x1a5c  gencounter - ok
18:06:08.0515 0x1a5c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:06:08.0519 0x1a5c  GPIOClx0101 - ok
18:06:08.0547 0x1a5c  [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:06:08.0571 0x1a5c  gpsvc - ok
18:06:08.0578 0x1a5c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:06:08.0581 0x1a5c  HDAudBus - ok
18:06:08.0586 0x1a5c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:06:08.0587 0x1a5c  HidBatt - ok
18:06:08.0594 0x1a5c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:06:08.0597 0x1a5c  HidBth - ok
18:06:08.0601 0x1a5c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:06:08.0602 0x1a5c  hidi2c - ok
18:06:08.0607 0x1a5c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:06:08.0609 0x1a5c  HidIr - ok
18:06:08.0612 0x1a5c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:06:08.0614 0x1a5c  hidserv - ok
18:06:08.0618 0x1a5c  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:06:08.0619 0x1a5c  HidUsb - ok
18:06:08.0627 0x1a5c  [ 0BC61E0F614A6E69654A23084A8D24B7, B532665B7AC45CB7C324F5BE8999088291FEB5D768A234E13C96022E14E7888F ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
18:06:08.0631 0x1a5c  HipShieldK - ok
18:06:08.0636 0x1a5c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:06:08.0640 0x1a5c  hkmsvc - ok
18:06:08.0648 0x1a5c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:06:08.0654 0x1a5c  HomeGroupListener - ok
18:06:08.0666 0x1a5c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:06:08.0674 0x1a5c  HomeGroupProvider - ok
18:06:08.0692 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:08.0701 0x1a5c  HomeNetSvc - ok
18:06:08.0706 0x1a5c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:06:08.0708 0x1a5c  HpSAMD - ok
18:06:08.0729 0x1a5c  [ 61C5D4EF4BE4EA271B90135490C67447, E44027338E1DF863372ECF6EFF02C881F938C7D7751C8810AABDF1E13E33DDC5 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:06:08.0746 0x1a5c  HTTP - ok
18:06:08.0754 0x1a5c  [ E548929868BDFD3FC13B46D99605B764, 737C8A1210442533735F10BD80AFBB3E890D0CC9068F2406CA5C577C7C58B97C ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
18:06:08.0757 0x1a5c  HuaweiHiSuiteService64.exe - ok
18:06:08.0762 0x1a5c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:06:08.0763 0x1a5c  hwpolicy - ok
18:06:08.0769 0x1a5c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:06:08.0770 0x1a5c  hyperkbd - ok
18:06:08.0774 0x1a5c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:06:08.0775 0x1a5c  HyperVideo - ok
18:06:08.0781 0x1a5c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:06:08.0784 0x1a5c  i8042prt - ok
18:06:08.0790 0x1a5c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:06:08.0791 0x1a5c  iaLPSSi_GPIO - ok
18:06:08.0796 0x1a5c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:06:08.0799 0x1a5c  iaLPSSi_I2C - ok
18:06:08.0815 0x1a5c  [ 459016E8A4FA6426EDB5A9456A6E5E58, 92B73EE5559ABD8783EC5AF8A2B6EBDE0D937745B4BEDBEA6DF06DD8606AE56C ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
18:06:08.0825 0x1a5c  iaStorA - ok
18:06:08.0841 0x1a5c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:06:08.0853 0x1a5c  iaStorAV - ok
18:06:08.0859 0x1a5c  [ 584068E03829BC5C63F54B05E6244E97, C075E8A4853C0DE09A9BF846338F9C8997FE7ACD604B4EC02AA89F0DAA1D985B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:06:08.0860 0x1a5c  IAStorDataMgrSvc - ok
18:06:08.0871 0x1a5c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:06:08.0879 0x1a5c  iaStorV - ok
18:06:08.0884 0x1a5c  [ 43E864824FCEBEE7119E1572B2703EB9, 8D90899F2279947AFD887567C7F60DC3264D56231F5403A64D722B3E25103202 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
18:06:08.0885 0x1a5c  iBtFltCoex - ok
18:06:08.0933 0x1a5c  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
18:06:08.0968 0x1a5c  IconMan_R - ok
18:06:08.0975 0x1a5c  IEEtwCollectorService - ok
18:06:09.0044 0x1a5c  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:06:09.0106 0x1a5c  igfx - ok
18:06:09.0119 0x1a5c  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
18:06:09.0125 0x1a5c  igfxCUIService1.0.0.0 - ok
18:06:09.0128 0x1a5c  [ F2C300C2E56F016B485B88080CD7D2FE, 3C4904B3BA45C0DCCD6789E9C7FC1191BCA3C6B498CDE5D77CA06359FBBDD5E7 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
18:06:09.0129 0x1a5c  ikbevent - ok
18:06:09.0153 0x1a5c  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:06:09.0172 0x1a5c  IKEEXT - ok
18:06:09.0176 0x1a5c  [ C1A5061D6E5C328AE030C34B8AAC5C5C, 39E44C62A05F81A8B357BE0816E1D629F2A57CB3FA23D7776244423CECE3F09D ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
18:06:09.0177 0x1a5c  imsevent - ok
18:06:09.0183 0x1a5c  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:06:09.0183 0x1a5c  intaud_WaveExtensible - ok
18:06:09.0194 0x1a5c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
18:06:09.0200 0x1a5c  IntcDAud - ok
18:06:09.0218 0x1a5c  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:06:09.0227 0x1a5c  Intel(R) Capability Licensing Service Interface - ok
18:06:09.0232 0x1a5c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:06:09.0234 0x1a5c  intelide - ok
18:06:09.0239 0x1a5c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:06:09.0240 0x1a5c  intelpep - ok
18:06:09.0246 0x1a5c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:06:09.0249 0x1a5c  intelppm - ok
18:06:09.0254 0x1a5c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:06:09.0256 0x1a5c  IpFilterDriver - ok
18:06:09.0276 0x1a5c  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:06:09.0296 0x1a5c  iphlpsvc - ok
18:06:09.0302 0x1a5c  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:06:09.0304 0x1a5c  IPMIDRV - ok
18:06:09.0310 0x1a5c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:06:09.0313 0x1a5c  IPNAT - ok
18:06:09.0328 0x1a5c  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:06:09.0337 0x1a5c  iPod Service - ok
18:06:09.0342 0x1a5c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:06:09.0343 0x1a5c  IRENUM - ok
18:06:09.0347 0x1a5c  [ 4D9B9A794F22415B8C3E0CCFBE61BC7A, 4CF01BC95F0AD7DC42AF8A0FCE032DF00610524A98CF52F531E9DE93137E7B87 ] irstrtdv        C:\WINDOWS\System32\drivers\irstrtdv.sys
18:06:09.0349 0x1a5c  irstrtdv - ok
18:06:09.0381 0x1a5c  [ E145E934392E7A49FDC6775AC3A347F8, 8E5DBC8C34FB3B68851489E0860BA3ACE6CDF46BB5E2AEFD1DEF6E895566068B ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
18:06:09.0384 0x1a5c  irstrtsv - ok
18:06:09.0389 0x1a5c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:06:09.0390 0x1a5c  isapnp - ok
18:06:09.0400 0x1a5c  [ 744DE92A339763C15C6B988C27439633, B566E04BB3C7BBE736158DFA19A6361ABD7E43ABC5F690CFDA6AD50405C17A94 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:06:09.0407 0x1a5c  iScsiPrt - ok
18:06:09.0412 0x1a5c  [ 5AB18D8055A4280C0F377A6262F3157E, 091366AE17601407E2A882BFF7901F1970C1111DA935B913BEAA2AFA76D4EEA2 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
18:06:09.0413 0x1a5c  ISCT - ok
18:06:09.0420 0x1a5c  [ 4A5810FD46E6CB2C6E689BAB9AAB11D7, ED65754435E278DD606CACABDBB3AEEE69582C24C20AC10541234EFDDE7200D1 ] ISCTAgent       c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
18:06:09.0422 0x1a5c  ISCTAgent - ok
18:06:09.0426 0x1a5c  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:06:09.0428 0x1a5c  iwdbus - ok
18:06:09.0436 0x1a5c  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:06:09.0439 0x1a5c  jhi_service - ok
18:06:09.0444 0x1a5c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:06:09.0446 0x1a5c  kbdclass - ok
18:06:09.0450 0x1a5c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:06:09.0452 0x1a5c  kbdhid - ok
18:06:09.0459 0x1a5c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:06:09.0461 0x1a5c  kdnic - ok
18:06:09.0464 0x1a5c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:06:09.0466 0x1a5c  KeyIso - ok
18:06:09.0472 0x1a5c  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:06:09.0474 0x1a5c  KSecDD - ok
18:06:09.0482 0x1a5c  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:06:09.0485 0x1a5c  KSecPkg - ok
18:06:09.0489 0x1a5c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:06:09.0491 0x1a5c  ksthunk - ok
18:06:09.0501 0x1a5c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:06:09.0509 0x1a5c  KtmRm - ok
18:06:09.0516 0x1a5c  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
18:06:09.0518 0x1a5c  L1C - ok
18:06:09.0528 0x1a5c  [ A64BE9AD14BBFE9C8F540F8E9286CFC9, 60A616BFBB9A1B81CD7947A0142058825D66230BBF15EF4699FBEDF4D2D003F8 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:06:09.0535 0x1a5c  LanmanServer - ok
18:06:09.0544 0x1a5c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:06:09.0550 0x1a5c  LanmanWorkstation - ok
18:06:09.0603 0x1a5c  [ 30CCAF72DE72B4C467DE29CE4723E337, A8E9DFC3ED7F21439B1B4B0EF2F9E17899AE6C6ABC4E13BDEAB68D773F21824B ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
18:06:09.0643 0x1a5c  LavasoftTcpService - ok
18:06:09.0660 0x1a5c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
18:06:09.0670 0x1a5c  lfsvc - ok
18:06:09.0675 0x1a5c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:06:09.0677 0x1a5c  lltdio - ok
18:06:09.0686 0x1a5c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:06:09.0692 0x1a5c  lltdsvc - ok
18:06:09.0696 0x1a5c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:06:09.0698 0x1a5c  lmhosts - ok
18:06:09.0706 0x1a5c  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:06:09.0712 0x1a5c  LMS - ok
18:06:09.0719 0x1a5c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:06:09.0721 0x1a5c  LSI_SAS - ok
18:06:09.0726 0x1a5c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:06:09.0729 0x1a5c  LSI_SAS2 - ok
18:06:09.0733 0x1a5c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
18:06:09.0735 0x1a5c  LSI_SAS3 - ok
18:06:09.0740 0x1a5c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:06:09.0742 0x1a5c  LSI_SSS - ok
18:06:09.0760 0x1a5c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
18:06:09.0773 0x1a5c  LSM - ok
18:06:09.0778 0x1a5c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:06:09.0781 0x1a5c  luafv - ok
18:06:09.0786 0x1a5c  [ F9808F9763FBC7AA830B1F54C0CA1C25, C9141EF15EE6DD28829DE4BF692EE8C293B969117D681A581E2B17F4DFBFEDAD ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
18:06:09.0790 0x1a5c  MBAMFarflt - ok
18:06:09.0872 0x1a5c  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:06:09.0934 0x1a5c  MBAMService - ok
18:06:09.0946 0x1a5c  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
18:06:09.0951 0x1a5c  MBAMSwissArmy - ok
18:06:09.0956 0x1a5c  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
18:06:09.0958 0x1a5c  MBAMWebProtection - ok
18:06:09.0966 0x1a5c  [ 8906928F982462555F458377060674CC, 51C5C43C012F51B8C52D62B6F0D8CF30A78B2B59381C52EAB52AAC7F47F455A2 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
18:06:09.0969 0x1a5c  McAfee SiteAdvisor Service - ok
18:06:09.0991 0x1a5c  [ 8D9A3FE17826A78F8B7A2BFF3A2283F8, 7A61BCB81FB04278F22A7AF74AA2F985C91E3351F3D4EC6AF22CEE441FCC81AD ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
18:06:10.0006 0x1a5c  McAPExe - ok
18:06:10.0021 0x1a5c  [ 1E3AF124A3405EEE594BB9FFD4640F48, 7916D86433A6A305CC9699A8901795E74A22C99A2C6B091BAC951E30F7510FF7 ] McAWFwk         C:\Program Files\mcafee\msc\McAWFwk.exe
18:06:10.0027 0x1a5c  McAWFwk - ok
18:06:10.0044 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:10.0054 0x1a5c  McBootDelayStartSvc - ok
18:06:10.0097 0x1a5c  [ 859EE4B50C89ACD15F32F9F435CB78F3, 2579B4DD3065C7FF42E937CA9FF8E69883AD9EEC25588951E2AA337AE16F1830 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe
18:06:10.0128 0x1a5c  mccspsvc - ok
18:06:10.0142 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:10.0152 0x1a5c  McMPFSvc - ok
18:06:10.0160 0x1a5c  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
18:06:10.0164 0x1a5c  McOobeSv - ok
18:06:10.0177 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:06:10.0186 0x1a5c  mcpltsvc - ok
18:06:10.0201 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy         C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:06:10.0210 0x1a5c  McProxy - ok
18:06:10.0215 0x1a5c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:06:10.0218 0x1a5c  megasas - ok
18:06:10.0232 0x1a5c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:06:10.0242 0x1a5c  megasr - ok
18:06:10.0247 0x1a5c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:06:10.0249 0x1a5c  MEIx64 - ok
18:06:10.0260 0x1a5c  [ 0CE0C8EDB5CCB418E59ADA42414C5D8E, 90CE5E142139576B0C9696BF04EDD6AA598C0F238F6EB96A4B514543846A917A ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
18:06:10.0269 0x1a5c  mfeaack - ok
18:06:10.0279 0x1a5c  [ 9BDCE025A5742B49AE6C3E42D96CAB5E, BB550EADCBF001D57ADB79DB44CFC214A32ABC3AF7ED58B414305FDF15D8F891 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
18:06:10.0286 0x1a5c  mfeavfk - ok
18:06:10.0290 0x1a5c  mfeavfk01 - ok
18:06:10.0295 0x1a5c  [ 0526949EBB121F0772F39BFC595E3A6A, 1E18D4C311D02BBCCB15CDFF130DE07CB121AB10619F9C362B8F572C03A3D5E3 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
18:06:10.0297 0x1a5c  mfeelamk - ok
18:06:10.0305 0x1a5c  [ 4D44DAA45FD4A79E474BD824165567DC, 5CF1AB616741AA785FECABC208A52253B09387E37F36C46010404211D81E31AA ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:06:10.0310 0x1a5c  mfefire - ok
18:06:10.0324 0x1a5c  [ 8CC68836AE8E1FC75355C41A43AEF650, 2DE9C74F4E80BBC961E563F6EC7C67F21D9150536C30AE4C47EE5DBF5707CE07 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
18:06:10.0333 0x1a5c  mfefirek - ok
18:06:10.0354 0x1a5c  [ 758B8B853FAD319F0C554A336D0F1F88, E8C6C0EF064ED1B56CF54C9F0CBD48A551B5DBCC4A85ED23DFA78C83BE9E3BA8 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
18:06:10.0369 0x1a5c  mfehidk - ok
18:06:10.0381 0x1a5c  [ 3DB8E7BF041ADD3ACDE04D3EA84B4CAA, 9CC388525C141E00B3EAB47E73263C71A1DAD990949E5ED19B6EEB9AD46EA664 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
18:06:10.0387 0x1a5c  mfemms - ok
18:06:10.0400 0x1a5c  [ D178E04CB2B5D9BC4D46C087F7BAC7EE, 0591503155F3A61B57129779C4A0EBB0726B09E6FB975C2C674FD92B740F6AD8 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
18:06:10.0409 0x1a5c  mfencbdc - ok
18:06:10.0414 0x1a5c  [ 7F01895D5C91CEB4D3CA952F3B752EC9, 24ED860345826218CE22ABF055821AA7F5E37DC9364C6478F71A60FDDE74050D ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
18:06:10.0417 0x1a5c  mfencrk - ok
18:06:10.0422 0x1a5c  [ 6B6BBD8708AF188F3C96B2DB4A527D72, 509CB1832FA4F4A973507CA0DAD86520743C786DC8C2F5B322E789A34E806D07 ] mfeplk          C:\WINDOWS\system32\drivers\mfeplk.sys
18:06:10.0424 0x1a5c  mfeplk - ok
18:06:10.0428 0x1a5c  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
18:06:10.0429 0x1a5c  mfesapsn - ok
18:06:10.0439 0x1a5c  [ 31E7520068D87A40E7E5BA247A961A1E, D362471E0F320F887B5D1FF5F6862DA39DD5CF643B4F76CB4854DCEEC2A53ACB ] mfevtp          C:\Windows\system32\mfevtps.exe
18:06:10.0445 0x1a5c  mfevtp - ok
18:06:10.0454 0x1a5c  [ 75621FB6CEA5BB99D83162E42E19452B, F82D02CDED1D5D6AE2EB12E5A4C2E4335924A4CAD69DF8CE04E4D1CE9A195710 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
18:06:10.0459 0x1a5c  mfewfpk - ok
18:06:10.0463 0x1a5c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:06:10.0466 0x1a5c  MMCSS - ok
18:06:10.0470 0x1a5c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:06:10.0471 0x1a5c  Modem - ok
18:06:10.0503 0x1a5c  [ C6218FCA6A7B9F3ED5B22476DD5F6544, F33B376266035D5AD4D5C216906AEDCB16535A6A1998FD1E0F47AA53880AA7B0 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
18:06:10.0527 0x1a5c  ModuleCoreService - ok
18:06:10.0533 0x1a5c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:06:10.0534 0x1a5c  monitor - ok
18:06:10.0538 0x1a5c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:06:10.0540 0x1a5c  mouclass - ok
18:06:10.0544 0x1a5c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:06:10.0546 0x1a5c  mouhid - ok
18:06:10.0551 0x1a5c  [ E5E8665272EBCD87A0A632314F0D221D, 37FDC4CEB8E5FC39C10DE875676863D090CFEA708AC3A8415114DCDD94BD7A1D ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:06:10.0553 0x1a5c  mountmgr - ok
18:06:10.0564 0x1a5c  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:06:10.0568 0x1a5c  MozillaMaintenance - ok
18:06:10.0573 0x1a5c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:06:10.0574 0x1a5c  mpsdrv - ok
18:06:10.0593 0x1a5c  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:06:10.0608 0x1a5c  MpsSvc - ok
18:06:10.0615 0x1a5c  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:06:10.0618 0x1a5c  MRxDAV - ok
18:06:10.0629 0x1a5c  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:06:10.0637 0x1a5c  mrxsmb - ok
18:06:10.0645 0x1a5c  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:06:10.0651 0x1a5c  mrxsmb10 - ok
18:06:10.0658 0x1a5c  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:06:10.0661 0x1a5c  mrxsmb20 - ok
18:06:10.0667 0x1a5c  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:06:10.0670 0x1a5c  MsBridge - ok
18:06:10.0677 0x1a5c  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:06:10.0681 0x1a5c  MSDTC - ok
18:06:10.0687 0x1a5c  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:06:10.0688 0x1a5c  Msfs - ok
18:06:10.0693 0x1a5c  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:06:10.0694 0x1a5c  msgpiowin32 - ok
18:06:10.0698 0x1a5c  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:06:10.0699 0x1a5c  mshidkmdf - ok
18:06:10.0703 0x1a5c  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:06:10.0704 0x1a5c  mshidumdf - ok
18:06:10.0708 0x1a5c  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:06:10.0709 0x1a5c  msisadrv - ok
18:06:10.0715 0x1a5c  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:06:10.0719 0x1a5c  MSiSCSI - ok
18:06:10.0723 0x1a5c  msiserver - ok
18:06:10.0737 0x1a5c  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:06:10.0747 0x1a5c  MSK80Service - ok
18:06:10.0751 0x1a5c  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:06:10.0752 0x1a5c  MSKSSRV - ok
18:06:10.0756 0x1a5c  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:06:10.0758 0x1a5c  MsLldp - ok
18:06:10.0762 0x1a5c  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:06:10.0763 0x1a5c  MSPCLOCK - ok
18:06:10.0766 0x1a5c  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:06:10.0767 0x1a5c  MSPQM - ok
18:06:10.0777 0x1a5c  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:06:10.0783 0x1a5c  MsRPC - ok
18:06:10.0789 0x1a5c  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:06:10.0790 0x1a5c  mssmbios - ok
18:06:10.0794 0x1a5c  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:06:10.0795 0x1a5c  MSTEE - ok
18:06:10.0798 0x1a5c  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:06:10.0799 0x1a5c  MTConfig - ok
18:06:10.0804 0x1a5c  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:06:10.0807 0x1a5c  Mup - ok
18:06:10.0812 0x1a5c  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:06:10.0814 0x1a5c  mvumis - ok
18:06:10.0824 0x1a5c  [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:06:10.0828 0x1a5c  MyWiFiDHCPDNS - ok
18:06:10.0841 0x1a5c  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:06:10.0851 0x1a5c  napagent - ok
18:06:10.0865 0x1a5c  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:06:10.0874 0x1a5c  NativeWifiP - ok
18:06:10.0883 0x1a5c  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:06:10.0887 0x1a5c  NcaSvc - ok
18:06:10.0894 0x1a5c  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:06:10.0898 0x1a5c  NcbService - ok
18:06:10.0903 0x1a5c  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:06:10.0906 0x1a5c  NcdAutoSetup - ok
18:06:10.0929 0x1a5c  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:06:10.0947 0x1a5c  NDIS - ok
18:06:10.0952 0x1a5c  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:06:10.0954 0x1a5c  NdisCap - ok
18:06:10.0959 0x1a5c  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:06:10.0962 0x1a5c  NdisImPlatform - ok
18:06:10.0965 0x1a5c  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:06:10.0967 0x1a5c  NdisTapi - ok
18:06:10.0971 0x1a5c  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:06:10.0973 0x1a5c  Ndisuio - ok
18:06:10.0976 0x1a5c  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:06:10.0977 0x1a5c  NdisVirtualBus - ok
18:06:10.0985 0x1a5c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:06:10.0989 0x1a5c  NdisWan - ok
18:06:10.0995 0x1a5c  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:06:10.0998 0x1a5c  NdisWanLegacy - ok
18:06:11.0003 0x1a5c  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:06:11.0005 0x1a5c  NDProxy - ok
18:06:11.0009 0x1a5c  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:06:11.0012 0x1a5c  Ndu - ok
18:06:11.0016 0x1a5c  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:06:11.0018 0x1a5c  NetBIOS - ok
18:06:11.0027 0x1a5c  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:06:11.0032 0x1a5c  NetBT - ok
18:06:11.0037 0x1a5c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:06:11.0039 0x1a5c  Netlogon - ok
18:06:11.0047 0x1a5c  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
18:06:11.0053 0x1a5c  Netman - ok
18:06:11.0067 0x1a5c  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:06:11.0078 0x1a5c  netprofm - ok
18:06:11.0088 0x1a5c  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:06:11.0092 0x1a5c  NetTcpPortSharing - ok
18:06:11.0096 0x1a5c  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
18:06:11.0099 0x1a5c  netvsc - ok
18:06:11.0162 0x1a5c  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\WINDOWS\system32\DRIVERS\Netwew00.sys
18:06:11.0216 0x1a5c  NETwNe64 - ok
18:06:11.0229 0x1a5c  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:06:11.0236 0x1a5c  NlaSvc - ok
18:06:11.0241 0x1a5c  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:06:11.0243 0x1a5c  Npfs - ok
18:06:11.0247 0x1a5c  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:06:11.0248 0x1a5c  npsvctrig - ok
18:06:11.0252 0x1a5c  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:06:11.0254 0x1a5c  nsi - ok
18:06:11.0258 0x1a5c  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:06:11.0260 0x1a5c  nsiproxy - ok
18:06:11.0302 0x1a5c  [ 275CF7F20338B2B1F5264C665033073F, 2295D5120C4750CA10771471ECEE700215289F97B4C5AFE6FBC9A90C4DEB7F87 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:06:11.0335 0x1a5c  Ntfs - ok
18:06:11.0341 0x1a5c  [ 96ACBF3DDC38A52FEE115F577F36568F, DB8CB01971208C8D7A306A5FEDA39A3802195123E6B801DFB905B0E1934D3C96 ] NuidFltr        C:\WINDOWS\System32\drivers\NuidFltr.sys
18:06:11.0342 0x1a5c  NuidFltr - ok
18:06:11.0345 0x1a5c  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:06:11.0346 0x1a5c  Null - ok
18:06:11.0353 0x1a5c  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:06:11.0356 0x1a5c  nvraid - ok
18:06:11.0363 0x1a5c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:06:11.0366 0x1a5c  nvstor - ok
18:06:11.0372 0x1a5c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:06:11.0374 0x1a5c  nv_agp - ok
18:06:11.0380 0x1a5c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:06:11.0383 0x1a5c  ose - ok
18:06:11.0472 0x1a5c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:06:11.0551 0x1a5c  osppsvc - ok
18:06:11.0567 0x1a5c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:06:11.0575 0x1a5c  p2pimsvc - ok
18:06:11.0586 0x1a5c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:06:11.0596 0x1a5c  p2psvc - ok
18:06:11.0603 0x1a5c  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:06:11.0607 0x1a5c  Parport - ok
18:06:11.0611 0x1a5c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:06:11.0613 0x1a5c  partmgr - ok
18:06:11.0626 0x1a5c  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:06:11.0634 0x1a5c  PcaSvc - ok
18:06:11.0644 0x1a5c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:06:11.0651 0x1a5c  pci - ok
18:06:11.0655 0x1a5c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:06:11.0656 0x1a5c  pciide - ok
18:06:11.0662 0x1a5c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:06:11.0665 0x1a5c  pcmcia - ok
18:06:11.0670 0x1a5c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:06:11.0672 0x1a5c  pcw - ok
18:06:11.0677 0x1a5c  [ 6144634D5219A9EEF02024BE6B5871A4, 12A8AC2B844AB2BBB6BDAF0B6EBDF6A2AA0C05FBC7C3CDFB6E639E017A95FB9F ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:06:11.0679 0x1a5c  pdc - ok
18:06:11.0723 0x1a5c  [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
18:06:11.0756 0x1a5c  PDF Architect 3 - ok
18:06:11.0776 0x1a5c  [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
18:06:11.0793 0x1a5c  PDF Architect 3 CrashHandler - ok
18:06:11.0811 0x1a5c  [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
18:06:11.0822 0x1a5c  PDF Architect 3 Creator - ok
18:06:11.0838 0x1a5c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:06:11.0850 0x1a5c  PEAUTH - ok
18:06:11.0876 0x1a5c  [ D377570EEF6D4209E33F0DA40F16406C, D0F3FB99E70856A119870F594F028D3C24431BDF92DCC488F2009FC4BDA2C65D ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
18:06:11.0892 0x1a5c  PEFService - ok
18:06:11.0922 0x1a5c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:06:11.0924 0x1a5c  PerfHost - ok
18:06:11.0959 0x1a5c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
18:06:11.0986 0x1a5c  pla - ok
18:06:11.0994 0x1a5c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:06:11.0998 0x1a5c  PlugPlay - ok
18:06:12.0001 0x1a5c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:06:12.0004 0x1a5c  PNRPAutoReg - ok
18:06:12.0019 0x1a5c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:06:12.0026 0x1a5c  PNRPsvc - ok
18:06:12.0038 0x1a5c  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:06:12.0045 0x1a5c  PolicyAgent - ok
18:06:12.0051 0x1a5c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
18:06:12.0055 0x1a5c  Power - ok
18:06:12.0121 0x1a5c  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:06:12.0170 0x1a5c  PrintNotify - ok
18:06:12.0179 0x1a5c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:06:12.0181 0x1a5c  Processor - ok
18:06:12.0189 0x1a5c  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:06:12.0195 0x1a5c  ProfSvc - ok
18:06:12.0202 0x1a5c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
18:06:12.0205 0x1a5c  Psched - ok
18:06:12.0214 0x1a5c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:06:12.0221 0x1a5c  QWAVE - ok
18:06:12.0226 0x1a5c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:06:12.0227 0x1a5c  QWAVEdrv - ok
18:06:12.0231 0x1a5c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:06:12.0232 0x1a5c  RasAcd - ok
18:06:12.0238 0x1a5c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:06:12.0242 0x1a5c  RasAuto - ok
18:06:12.0255 0x1a5c  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:06:12.0267 0x1a5c  RasMan - ok
18:06:12.0272 0x1a5c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:06:12.0274 0x1a5c  RasPppoe - ok
18:06:12.0285 0x1a5c  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:06:12.0294 0x1a5c  rdbss - ok
18:06:12.0300 0x1a5c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:06:12.0301 0x1a5c  rdpbus - ok
18:06:12.0307 0x1a5c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:06:12.0311 0x1a5c  RDPDR - ok
18:06:12.0319 0x1a5c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:06:12.0321 0x1a5c  RdpVideoMiniport - ok
18:06:12.0330 0x1a5c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:06:12.0334 0x1a5c  rdyboost - ok
18:06:12.0355 0x1a5c  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
18:06:12.0371 0x1a5c  ReFS - ok
18:06:12.0379 0x1a5c  [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:06:12.0382 0x1a5c  RegSrvc - ok
18:06:12.0390 0x1a5c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:06:12.0396 0x1a5c  RemoteAccess - ok
18:06:12.0405 0x1a5c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:06:12.0411 0x1a5c  RemoteRegistry - ok
18:06:12.0419 0x1a5c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:06:12.0423 0x1a5c  RFCOMM - ok
18:06:12.0433 0x1a5c  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:06:12.0437 0x1a5c  RichVideo - ok
18:06:12.0442 0x1a5c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:06:12.0446 0x1a5c  RpcEptMapper - ok
18:06:12.0449 0x1a5c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:06:12.0451 0x1a5c  RpcLocator - ok
18:06:12.0469 0x1a5c  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:06:12.0483 0x1a5c  RpcSs - ok
18:06:12.0491 0x1a5c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:06:12.0493 0x1a5c  rspndr - ok
18:06:12.0503 0x1a5c  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
18:06:12.0509 0x1a5c  RSUSBVSTOR - ok
18:06:12.0513 0x1a5c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:06:12.0514 0x1a5c  s3cap - ok
18:06:12.0519 0x1a5c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
18:06:12.0521 0x1a5c  SamSs - ok
18:06:12.0527 0x1a5c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:06:12.0530 0x1a5c  sbp2port - ok
18:06:12.0537 0x1a5c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:06:12.0543 0x1a5c  SCardSvr - ok
18:06:12.0549 0x1a5c  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:06:12.0554 0x1a5c  ScDeviceEnum - ok
18:06:12.0558 0x1a5c  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:06:12.0559 0x1a5c  scfilter - ok
18:06:12.0586 0x1a5c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:06:12.0609 0x1a5c  Schedule - ok
18:06:12.0617 0x1a5c  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:06:12.0620 0x1a5c  SCPolicySvc - ok
18:06:12.0630 0x1a5c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:06:12.0635 0x1a5c  sdbus - ok
18:06:12.0641 0x1a5c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:06:12.0644 0x1a5c  sdstor - ok
18:06:12.0647 0x1a5c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
18:06:12.0648 0x1a5c  secdrv - ok
18:06:12.0652 0x1a5c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:06:12.0655 0x1a5c  seclogon - ok
18:06:12.0661 0x1a5c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
18:06:12.0664 0x1a5c  SENS - ok
18:06:12.0672 0x1a5c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:06:12.0678 0x1a5c  SensrSvc - ok
18:06:12.0683 0x1a5c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:06:12.0685 0x1a5c  SerCx - ok
18:06:12.0690 0x1a5c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:06:12.0694 0x1a5c  SerCx2 - ok
18:06:12.0698 0x1a5c  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:06:12.0699 0x1a5c  Serenum - ok
18:06:12.0705 0x1a5c  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:06:12.0708 0x1a5c  Serial - ok
18:06:12.0712 0x1a5c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:06:12.0713 0x1a5c  sermouse - ok
18:06:12.0728 0x1a5c  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:06:12.0736 0x1a5c  SessionEnv - ok
18:06:12.0740 0x1a5c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:06:12.0742 0x1a5c  sfloppy - ok
18:06:12.0781 0x1a5c  [ 36930348608E6808EC0C4C00019BB611, AF4B23FA40FD85CB2A179251095261480B54F27B7737CC78CA8A84374D1AAA26 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
18:06:12.0810 0x1a5c  SftService - ok
18:06:12.0825 0x1a5c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:06:12.0834 0x1a5c  SharedAccess - ok
18:06:12.0852 0x1a5c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:06:12.0866 0x1a5c  ShellHWDetection - ok
18:06:12.0872 0x1a5c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:06:12.0874 0x1a5c  SiSRaid2 - ok
18:06:12.0882 0x1a5c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:06:12.0884 0x1a5c  SiSRaid4 - ok
18:06:12.0894 0x1a5c  [ E6DA1192D36D2D29FF8387917C2D70A6, 6F6AB7A2E45D7E05F5ED0B08B1ED9FFA03BDBFAF5E80F8B9E2C4D6CF6F74B851 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:06:12.0900 0x1a5c  SkypeUpdate - ok
18:06:12.0904 0x1a5c  [ 070E4053E3426BAD7B21937F3F0275EB, 92ACCE7E0F5A2EEC2AF931E6677885FBA8548B2876A59EBC827F569300E71631 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
18:06:12.0906 0x1a5c  SmbDrv - ok
18:06:12.0910 0x1a5c  [ B6EBAD9D72DA681E1976AD51DE1B73F5, 59C9E2EB3340D9A28B9EB06379975B79D62F8239C1F0B24B3BF2D3756C58A512 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:06:12.0911 0x1a5c  SmbDrvI - ok
18:06:12.0915 0x1a5c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
18:06:12.0918 0x1a5c  smphost - ok
18:06:12.0924 0x1a5c  [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:06:12.0926 0x1a5c  SNMPTRAP - ok
18:06:12.0941 0x1a5c  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:06:12.0951 0x1a5c  spaceport - ok
18:06:12.0956 0x1a5c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:06:12.0958 0x1a5c  SpbCx - ok
18:06:12.0976 0x1a5c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:06:12.0991 0x1a5c  Spooler - ok
18:06:13.0113 0x1a5c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:06:13.0227 0x1a5c  sppsvc - ok
18:06:13.0246 0x1a5c  [ 6A697F8A01C0E7C22D45091E6E8BC5A9, 3F9665219FECF0D8C6BD92ED287CEA243D17F30ABF69F484893DF0FA02B14E8A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:06:13.0254 0x1a5c  srv - ok
18:06:13.0270 0x1a5c  [ 2BDC8B9E7AA11C5C1D77E4CFA27219E0, B3B186B18E0788050FB3552A7261AD5134762C4F6906C302674827954BD958C9 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:06:13.0282 0x1a5c  srv2 - ok
18:06:13.0291 0x1a5c  [ BB53DBB28A7A0E64F3560FE08A8AFBB1, 10057498C452AC63F707B6FD02983C73D471AB9E937619164787EE14A70AE5E7 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:06:13.0296 0x1a5c  srvnet - ok
18:06:13.0305 0x1a5c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:06:13.0311 0x1a5c  SSDPSRV - ok
18:06:13.0318 0x1a5c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:06:13.0323 0x1a5c  SstpSvc - ok
18:06:13.0333 0x1a5c  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:06:13.0338 0x1a5c  STacSV - ok
18:06:13.0342 0x1a5c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:06:13.0343 0x1a5c  stexstor - ok
18:06:13.0357 0x1a5c  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
18:06:13.0367 0x1a5c  STHDA - ok
18:06:13.0384 0x1a5c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:06:13.0397 0x1a5c  stisvc - ok
18:06:13.0403 0x1a5c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:06:13.0405 0x1a5c  storahci - ok
18:06:13.0410 0x1a5c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:06:13.0411 0x1a5c  storflt - ok
18:06:13.0416 0x1a5c  [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:06:13.0419 0x1a5c  stornvme - ok
18:06:13.0422 0x1a5c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:06:13.0425 0x1a5c  StorSvc - ok
18:06:13.0430 0x1a5c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:06:13.0431 0x1a5c  storvsc - ok
18:06:13.0438 0x1a5c  [ 8854151B13B0D57700482979932B9953, 530E74C7E2B43882E5EA79F0446992D5BC600426AE1250476A5E5F64E88C56CF ] SupportAssistAgent C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
18:06:13.0439 0x1a5c  SupportAssistAgent - ok
18:06:13.0443 0x1a5c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:06:13.0446 0x1a5c  svsvc - ok
18:06:13.0450 0x1a5c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:06:13.0451 0x1a5c  swenum - ok
18:06:13.0470 0x1a5c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
18:06:13.0484 0x1a5c  swprv - ok
18:06:13.0499 0x1a5c  [ 12A60B3636083CE621A3EF67711EA5BC, E15392025247A59967195CE5B47D34AB9155BFE9C4D88E4551D24677F2102ED2 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:06:13.0508 0x1a5c  SynTP - ok
18:06:13.0534 0x1a5c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:06:13.0553 0x1a5c  SysMain - ok
18:06:13.0564 0x1a5c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:06:13.0571 0x1a5c  SystemEventsBroker - ok
18:06:13.0578 0x1a5c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:06:13.0582 0x1a5c  TabletInputService - ok
18:06:13.0592 0x1a5c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:06:13.0603 0x1a5c  TapiSrv - ok
18:06:13.0652 0x1a5c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:06:13.0692 0x1a5c  Tcpip - ok
18:06:13.0740 0x1a5c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:06:13.0775 0x1a5c  TCPIP6 - ok
18:06:13.0783 0x1a5c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:06:13.0785 0x1a5c  tcpipreg - ok
18:06:13.0792 0x1a5c  [ 23DF7EBD9B782E1436CEC700565A4366, 70B89AA230BDD9BA73625EAF93FA21560A3D0FAFE6B015D84F910EECDCF90A70 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:06:13.0794 0x1a5c  tdx - ok
18:06:13.0799 0x1a5c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:06:13.0800 0x1a5c  terminpt - ok
18:06:13.0824 0x1a5c  [ 83FC6290C38166BF86026BEA21A139B0, FDFBCB3D4F7F0D97811F0D308DF515C087A8C85EAEC86BC6BE5DFE7D4F3B3524 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:06:13.0845 0x1a5c  TermService - ok
18:06:13.0851 0x1a5c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
18:06:13.0854 0x1a5c  Themes - ok
18:06:13.0860 0x1a5c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:06:13.0862 0x1a5c  THREADORDER - ok
18:06:13.0871 0x1a5c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:06:13.0877 0x1a5c  TimeBroker - ok
18:06:13.0886 0x1a5c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:06:13.0890 0x1a5c  TPM - ok
18:06:13.0896 0x1a5c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:06:13.0900 0x1a5c  TrkWks - ok
18:06:13.0905 0x1a5c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:06:13.0907 0x1a5c  TrustedInstaller - ok
18:06:13.0913 0x1a5c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:06:13.0915 0x1a5c  TsUsbFlt - ok
18:06:13.0919 0x1a5c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:06:13.0920 0x1a5c  TsUsbGD - ok
18:06:13.0927 0x1a5c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:06:13.0931 0x1a5c  tunnel - ok
18:06:13.0937 0x1a5c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:06:13.0938 0x1a5c  uagp35 - ok
18:06:13.0945 0x1a5c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:06:13.0948 0x1a5c  UASPStor - ok
18:06:13.0956 0x1a5c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:06:13.0960 0x1a5c  UCX01000 - ok
18:06:13.0969 0x1a5c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:06:13.0976 0x1a5c  udfs - ok
18:06:13.0980 0x1a5c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:06:13.0982 0x1a5c  UEFI - ok
18:06:13.0988 0x1a5c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:06:13.0992 0x1a5c  UI0Detect - ok
18:06:13.0997 0x1a5c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:06:13.0999 0x1a5c  uliagpkx - ok
18:06:14.0006 0x1a5c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:06:14.0008 0x1a5c  umbus - ok
18:06:14.0011 0x1a5c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:06:14.0012 0x1a5c  UmPass - ok
18:06:14.0021 0x1a5c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:06:14.0028 0x1a5c  UmRdpService - ok
18:06:14.0039 0x1a5c  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:06:14.0044 0x1a5c  UNS - ok
18:06:14.0057 0x1a5c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:06:14.0065 0x1a5c  upnphost - ok
18:06:14.0073 0x1a5c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:06:14.0077 0x1a5c  usbccgp - ok
18:06:14.0083 0x1a5c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:06:14.0086 0x1a5c  usbcir - ok
18:06:14.0092 0x1a5c  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:06:14.0095 0x1a5c  usbehci - ok
18:06:14.0110 0x1a5c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:06:14.0120 0x1a5c  usbhub - ok
18:06:14.0135 0x1a5c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:06:14.0146 0x1a5c  USBHUB3 - ok
18:06:14.0151 0x1a5c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:06:14.0152 0x1a5c  usbohci - ok
18:06:14.0157 0x1a5c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:06:14.0158 0x1a5c  usbprint - ok
18:06:14.0163 0x1a5c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:06:14.0164 0x1a5c  usbscan - ok
18:06:14.0172 0x1a5c  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:06:14.0176 0x1a5c  USBSTOR - ok
18:06:14.0180 0x1a5c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:06:14.0181 0x1a5c  usbuhci - ok
18:06:14.0191 0x1a5c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:06:14.0196 0x1a5c  usbvideo - ok
18:06:14.0207 0x1a5c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:06:14.0214 0x1a5c  USBXHCI - ok
18:06:14.0220 0x1a5c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:06:14.0222 0x1a5c  VaultSvc - ok
18:06:14.0227 0x1a5c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:06:14.0228 0x1a5c  vdrvroot - ok
18:06:14.0255 0x1a5c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
18:06:14.0279 0x1a5c  vds - ok
18:06:14.0287 0x1a5c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:06:14.0290 0x1a5c  VerifierExt - ok
18:06:14.0307 0x1a5c  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:06:14.0321 0x1a5c  vhdmp - ok
18:06:14.0325 0x1a5c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:06:14.0326 0x1a5c  viaide - ok
18:06:14.0331 0x1a5c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:06:14.0333 0x1a5c  vmbus - ok
18:06:14.0337 0x1a5c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:06:14.0339 0x1a5c  VMBusHID - ok
18:06:14.0352 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:06:14.0362 0x1a5c  vmicguestinterface - ok
18:06:14.0374 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:06:14.0383 0x1a5c  vmicheartbeat - ok
18:06:14.0395 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:06:14.0404 0x1a5c  vmickvpexchange - ok
18:06:14.0415 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:06:14.0424 0x1a5c  vmicrdv - ok
18:06:14.0436 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:06:14.0444 0x1a5c  vmicshutdown - ok
18:06:14.0456 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:06:14.0464 0x1a5c  vmictimesync - ok
18:06:14.0476 0x1a5c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:06:14.0485 0x1a5c  vmicvss - ok
18:06:14.0492 0x1a5c  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:06:14.0494 0x1a5c  volmgr - ok
18:06:14.0507 0x1a5c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:06:14.0513 0x1a5c  volmgrx - ok
18:06:14.0524 0x1a5c  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:06:14.0532 0x1a5c  volsnap - ok
18:06:14.0537 0x1a5c  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:06:14.0539 0x1a5c  vpci - ok
18:06:14.0546 0x1a5c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:06:14.0550 0x1a5c  vsmraid - ok
18:06:14.0581 0x1a5c  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
18:06:14.0607 0x1a5c  VSS - ok
18:06:14.0619 0x1a5c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:06:14.0624 0x1a5c  VSTXRAID - ok
18:06:14.0628 0x1a5c  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:06:14.0630 0x1a5c  vwifibus - ok
18:06:14.0635 0x1a5c  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:06:14.0637 0x1a5c  vwififlt - ok
18:06:14.0641 0x1a5c  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:06:14.0642 0x1a5c  vwifimp - ok
18:06:14.0653 0x1a5c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:06:14.0662 0x1a5c  W32Time - ok
18:06:14.0666 0x1a5c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:06:14.0667 0x1a5c  WacomPen - ok
18:06:14.0701 0x1a5c  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:06:14.0729 0x1a5c  wbengine - ok
18:06:14.0743 0x1a5c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:06:14.0753 0x1a5c  WbioSrvc - ok
18:06:14.0757 0x1a5c  [ 1CB5E844162845C099FA180EBB605C8E, 2BF9F5496572298EDAECFCE463BFE4A7749C994BB4D6ACC8605A4178A4DBA243 ] WCAssistantService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
18:06:14.0758 0x1a5c  WCAssistantService - ok
18:06:14.0769 0x1a5c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:06:14.0777 0x1a5c  Wcmsvc - ok
18:06:14.0788 0x1a5c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:06:14.0798 0x1a5c  wcncsvc - ok
18:06:14.0802 0x1a5c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:06:14.0805 0x1a5c  WcsPlugInService - ok
18:06:14.0810 0x1a5c  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:06:14.0811 0x1a5c  WdBoot - ok
18:06:14.0830 0x1a5c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:06:14.0845 0x1a5c  Wdf01000 - ok
18:06:14.0855 0x1a5c  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:06:14.0860 0x1a5c  WdFilter - ok
18:06:14.0866 0x1a5c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:06:14.0870 0x1a5c  WdiServiceHost - ok
18:06:14.0875 0x1a5c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:06:14.0879 0x1a5c  WdiSystemHost - ok
18:06:14.0886 0x1a5c  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:06:14.0889 0x1a5c  WdNisDrv - ok
18:06:14.0892 0x1a5c  WdNisSvc - ok
18:06:14.0902 0x1a5c  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:06:14.0908 0x1a5c  WebClient - ok
18:06:14.0916 0x1a5c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:06:14.0922 0x1a5c  Wecsvc - ok
18:06:14.0926 0x1a5c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:06:14.0930 0x1a5c  WEPHOSTSVC - ok
18:06:14.0935 0x1a5c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:06:14.0939 0x1a5c  wercplsupport - ok
18:06:14.0944 0x1a5c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:06:14.0948 0x1a5c  WerSvc - ok
18:06:14.0956 0x1a5c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:06:14.0959 0x1a5c  WFPLWFS - ok
18:06:14.0965 0x1a5c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:06:14.0968 0x1a5c  WiaRpc - ok
18:06:14.0972 0x1a5c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:06:14.0974 0x1a5c  WIMMount - ok
18:06:14.0975 0x1a5c  WinDefend - ok
18:06:14.0997 0x1a5c  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:06:15.0011 0x1a5c  WinHttpAutoProxySvc - ok
18:06:15.0024 0x1a5c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:06:15.0028 0x1a5c  Winmgmt - ok
18:06:15.0078 0x1a5c  [ B56BFFFB740D76E634DB7B4802E36E4E, 2AA84756DE882463AE4C7BA0DCDEE3E5501DDF673ADD3F37B2B814FB0342E61F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:06:15.0125 0x1a5c  WinRM - ok
18:06:15.0137 0x1a5c  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
18:06:15.0139 0x1a5c  WinUsb - ok
18:06:15.0173 0x1a5c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:06:15.0199 0x1a5c  WlanSvc - ok
18:06:15.0233 0x1a5c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:06:15.0263 0x1a5c  wlidsvc - ok
18:06:15.0270 0x1a5c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:06:15.0271 0x1a5c  WmiAcpi - ok
18:06:15.0280 0x1a5c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:06:15.0284 0x1a5c  wmiApSrv - ok
18:06:15.0286 0x1a5c  WMPNetworkSvc - ok
18:06:15.0294 0x1a5c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:06:15.0297 0x1a5c  Wof - ok
18:06:15.0333 0x1a5c  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:06:15.0363 0x1a5c  workfolderssvc - ok
18:06:15.0369 0x1a5c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:06:15.0371 0x1a5c  wpcfltr - ok
18:06:15.0376 0x1a5c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:06:15.0378 0x1a5c  WPCSvc - ok
18:06:15.0384 0x1a5c  [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:06:15.0388 0x1a5c  WPDBusEnum - ok
18:06:15.0392 0x1a5c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:06:15.0394 0x1a5c  WpdUpFltr - ok
18:06:15.0398 0x1a5c  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
18:06:15.0400 0x1a5c  WPRO_41_2001 - ok

gapkathl · 26.07.2017, 17:51

TDSSKiller - Teil 2

Code:

ATTFilter

18:06:15.0404 0x1a5c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:06:15.0405 0x1a5c  ws2ifsl - ok
18:06:15.0411 0x1a5c  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:06:15.0416 0x1a5c  wscsvc - ok
18:06:15.0419 0x1a5c  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:06:15.0420 0x1a5c  WSDPrintDevice - ok
18:06:15.0424 0x1a5c  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
18:06:15.0425 0x1a5c  WSDScan - ok
18:06:15.0428 0x1a5c  WSearch - ok
18:06:15.0496 0x1a5c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
18:06:15.0554 0x1a5c  WSService - ok
18:06:15.0626 0x1a5c  [ F8AAE8C41092D195C470EE7EF2D0BB01, D02B608244D084669632F60CC977BA10A9A5F7CEA73F15A8ADE6BF9EFE8C4052 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:06:15.0689 0x1a5c  wuauserv - ok
18:06:15.0698 0x1a5c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:06:15.0701 0x1a5c  WudfPf - ok
18:06:15.0709 0x1a5c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:06:15.0713 0x1a5c  WUDFRd - ok
18:06:15.0719 0x1a5c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
18:06:15.0722 0x1a5c  WUDFSensorLP - ok
18:06:15.0728 0x1a5c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:06:15.0732 0x1a5c  wudfsvc - ok
18:06:15.0743 0x1a5c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
18:06:15.0746 0x1a5c  WUDFWpdFs - ok
18:06:15.0752 0x1a5c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
18:06:15.0756 0x1a5c  WUDFWpdMtp - ok
18:06:15.0769 0x1a5c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:06:15.0781 0x1a5c  WwanSvc - ok
18:06:15.0848 0x1a5c  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:06:15.0899 0x1a5c  ZeroConfigService - ok
18:06:15.0909 0x1a5c  ================ Scan global ===============================
18:06:15.0914 0x1a5c  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
18:06:15.0921 0x1a5c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
18:06:15.0929 0x1a5c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
18:06:15.0941 0x1a5c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
18:06:15.0951 0x1a5c  [ Global ] - ok
18:06:15.0951 0x1a5c  ================ Scan MBR ==================================
18:06:15.0953 0x1a5c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:06:15.0976 0x1a5c  \Device\Harddisk0\DR0 - ok
18:06:15.0976 0x1a5c  ================ Scan VBR ==================================
18:06:15.0978 0x1a5c  [ 5AC949AD54440209546F64FA05619BDF ] \Device\Harddisk0\DR0\Partition1
18:06:15.0979 0x1a5c  \Device\Harddisk0\DR0\Partition1 - ok
18:06:15.0981 0x1a5c  [ 7A6C8F728090BBF79297C1DFD05C1F6A ] \Device\Harddisk0\DR0\Partition2
18:06:15.0982 0x1a5c  \Device\Harddisk0\DR0\Partition2 - ok
18:06:15.0984 0x1a5c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:06:15.0984 0x1a5c  \Device\Harddisk0\DR0\Partition3 - ok
18:06:15.0987 0x1a5c  [ FF260C8F85C8FF184908856C16606068 ] \Device\Harddisk0\DR0\Partition4
18:06:15.0988 0x1a5c  \Device\Harddisk0\DR0\Partition4 - ok
18:06:15.0990 0x1a5c  [ FC71A7A2F775B46BA26C5D76644DD482 ] \Device\Harddisk0\DR0\Partition5
18:06:15.0991 0x1a5c  \Device\Harddisk0\DR0\Partition5 - ok
18:06:15.0994 0x1a5c  [ 5B61775B68688C84E43788BA9F3E1099 ] \Device\Harddisk0\DR0\Partition6
18:06:15.0995 0x1a5c  \Device\Harddisk0\DR0\Partition6 - ok
18:06:15.0997 0x1a5c  [ 685523B0E023FA3CC230A4D81A0F44EA ] \Device\Harddisk0\DR0\Partition7
18:06:15.0998 0x1a5c  \Device\Harddisk0\DR0\Partition7 - ok
18:06:16.0000 0x1a5c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition8
18:06:16.0000 0x1a5c  \Device\Harddisk0\DR0\Partition8 - ok
18:06:16.0001 0x1a5c  ================ Scan generic autorun ======================
18:06:16.0070 0x1a5c  [ 18B40C7AF31127F4F0DD8BE2F8C79AFA, 6F1870E66CBAA36A2660A036B5606FC2686240286F0750F57203EE58E7D2232D ] c:\Program Files\Dell\QuickSet\QuickSet.exe
18:06:16.0126 0x1a5c  QuickSet - ok
18:06:16.0135 0x1a5c  BTMTrayAgent - ok
18:06:16.0229 0x1a5c  [ 9EC647ACB1E33073EE50A7C55D662C9D, 3F500106C13B56B091A756958D8ACFDB120271FACCF5D82317816FB57072C8CC ] C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
18:06:16.0300 0x1a5c  IntelMyWiFiDashboard - ok
18:06:16.0338 0x1a5c  [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe
18:06:16.0359 0x1a5c  SysTrayApp - ok
18:06:16.0363 0x1a5c  SynTPEnh - ok
18:06:16.0369 0x1a5c  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
18:06:16.0372 0x1a5c  iTunesHelper - ok
18:06:16.0432 0x1a5c  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
18:06:16.0474 0x1a5c  Malwarebytes TrayApp - ok
18:06:16.0484 0x1a5c  [ 28BBBFCC1AD839D1EED3AB392353590F, 9273EF234AC64DBC50EC25DE2DB5B99AAB42F340D9F7327F2AD88CAAC887EDDC ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:06:16.0485 0x1a5c  IAStorIcon - ok
18:06:16.0491 0x1a5c  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
18:06:16.0493 0x1a5c  CLMLServer_For_P2G8 - ok
18:06:16.0506 0x1a5c  [ 3A632F4EA3386DFEE9D8FDE68C34EFE0, 481B3732D47E3738F74C073CEA41CAD3AF64F702FD42ECCE6551B53AFDAE72AD ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
18:06:16.0513 0x1a5c  CLVirtualDrive - ok
18:06:16.0521 0x1a5c  [ 9388FBA0B9985B18B3693A32B530A16B, F3C3DCDB4D66433EB33C7BA3BD1B8B80E8E67E6B3614DDF37EE77FEA143015B3 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
18:06:16.0524 0x1a5c  RemoteControl10 - ok
18:06:16.0539 0x1a5c  [ 37763602F98C51ED455E0C420BB096D5, C1DAFEB7C211052F3E8C5F3D48B9223AC1D4D26A7050A08F935CDBF484DB28CB ] C:\Program Files\McAfee.com\Agent\mcagent.exe
18:06:16.0547 0x1a5c  mcui_exe - ok
18:06:16.0552 0x1a5c  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:06:16.0554 0x1a5c  APSDaemon - ok
18:06:16.0577 0x1a5c  [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
18:06:16.0588 0x1a5c  StartCCC - ok
18:06:16.0598 0x1a5c  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
18:06:16.0601 0x1a5c  Facebook Update - ok
18:06:16.0641 0x1a5c  [ 30408F067C1F35DE86A492E55483763E, 85F8EA96BCB3D93E762D8C19D8A48CFDF49E83E50260B12B91B79422E96F5A12 ] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
18:06:16.0668 0x1a5c  Web Companion - ok
18:06:16.0674 0x1a5c  Skype - ok
18:06:16.0688 0x1a5c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
18:06:16.0688 0x1a5c  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51000 ( enabled : updated )
18:06:16.0689 0x1a5c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51010 ( enabled )
18:06:16.0690 0x1a5c  ============================================================
18:06:16.0690 0x1a5c  Scan finished
18:06:16.0690 0x1a5c  ============================================================
18:06:16.0696 0x2680  Detected object count: 0
18:06:16.0696 0x2680  Actual detected object count: 0
18:07:22.0684 0x27ac  ============================================================
18:07:22.0684 0x27ac  Scan started
18:07:22.0684 0x27ac  Mode: Manual; SigCheck; TDLFS; 
18:07:22.0684 0x27ac  ============================================================
18:07:22.0684 0x27ac  KSN ping started
18:07:25.0763 0x27ac  KSN ping finished: true
18:07:26.0044 0x27ac  ================ Scan system memory ========================
18:07:26.0044 0x27ac  System memory - ok
18:07:26.0044 0x27ac  ================ Scan services =============================
18:07:26.0106 0x27ac  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:07:26.0153 0x27ac  1394ohci - ok
18:07:26.0153 0x27ac  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:07:26.0169 0x27ac  3ware - ok
18:07:26.0184 0x27ac  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:07:26.0200 0x27ac  ACPI - ok
18:07:26.0200 0x27ac  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:07:26.0216 0x27ac  acpiex - ok
18:07:26.0216 0x27ac  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:07:26.0232 0x27ac  acpipagr - ok
18:07:26.0232 0x27ac  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:07:26.0247 0x27ac  AcpiPmi - ok
18:07:26.0247 0x27ac  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:07:26.0263 0x27ac  acpitime - ok
18:07:26.0294 0x27ac  [ 0DC99843E91A0313F0C6591656D650A5, 583DCD5D3BA3F470FF9F39221358EF2DF01FE62B98562FCFD1AD99FA1C01892E ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:07:26.0310 0x27ac  AdobeFlashPlayerUpdateSvc - ok
18:07:26.0325 0x27ac  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:07:26.0341 0x27ac  ADP80XX - ok
18:07:26.0357 0x27ac  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:07:26.0372 0x27ac  AeLookupSvc - ok
18:07:26.0388 0x27ac  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:07:26.0403 0x27ac  AFD - ok
18:07:26.0403 0x27ac  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:07:26.0419 0x27ac  agp440 - ok
18:07:26.0419 0x27ac  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:07:26.0435 0x27ac  ahcache - ok
18:07:26.0450 0x27ac  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
18:07:26.0450 0x27ac  ALG - ok
18:07:26.0466 0x27ac  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:07:26.0482 0x27ac  AMD External Events Utility - ok
18:07:26.0482 0x27ac  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:07:26.0497 0x27ac  AmdK8 - ok
18:07:26.0732 0x27ac  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
18:07:26.0982 0x27ac  amdkmdag - ok
18:07:27.0013 0x27ac  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
18:07:27.0044 0x27ac  amdkmdap - ok
18:07:27.0044 0x27ac  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
18:07:27.0060 0x27ac  amdkmpfd - ok
18:07:27.0060 0x27ac  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:07:27.0075 0x27ac  AmdPPM - ok
18:07:27.0075 0x27ac  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:07:27.0091 0x27ac  amdsata - ok
18:07:27.0091 0x27ac  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:07:27.0107 0x27ac  amdsbs - ok
18:07:27.0122 0x27ac  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:07:27.0122 0x27ac  amdxata - ok
18:07:27.0138 0x27ac  [ FB88245C1815EB1588DBC364A8D24522, 8DF136DE523EB39199FC993C48D850AD5B57FD9808B778FEF77FDC737F1A0026 ] AMPPAL          C:\WINDOWS\System32\drivers\AMPPAL.sys
18:07:27.0138 0x27ac  AMPPAL - ok
18:07:27.0154 0x27ac  [ A73CEA1B1B0A4F6D10BFD3B9AD9DC5F9, A2A4C8FA566BE06A64A34DEBF2647AA40B31BEBA677D548CAE3100EF20632EB7 ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:07:27.0185 0x27ac  AMPPALR3 - ok
18:07:27.0185 0x27ac  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:07:27.0200 0x27ac  AppID - ok
18:07:27.0200 0x27ac  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:07:27.0216 0x27ac  AppIDSvc - ok
18:07:27.0216 0x27ac  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:07:27.0237 0x27ac  Appinfo - ok
18:07:27.0237 0x27ac  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:07:27.0253 0x27ac  Apple Mobile Device Service - ok
18:07:27.0269 0x27ac  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:07:27.0284 0x27ac  AppReadiness - ok
18:07:27.0315 0x27ac  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:07:27.0347 0x27ac  AppXSvc - ok
18:07:27.0347 0x27ac  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:07:27.0362 0x27ac  arcsas - ok
18:07:27.0362 0x27ac  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:07:27.0378 0x27ac  atapi - ok
18:07:27.0394 0x27ac  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:07:27.0394 0x27ac  AudioEndpointBuilder - ok
18:07:27.0425 0x27ac  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:07:27.0440 0x27ac  Audiosrv - ok
18:07:27.0456 0x27ac  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:07:27.0472 0x27ac  AxInstSV - ok
18:07:27.0472 0x27ac  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:07:27.0503 0x27ac  b06bdrv - ok
18:07:27.0503 0x27ac  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:07:27.0519 0x27ac  BasicDisplay - ok
18:07:27.0519 0x27ac  [ 195BD339B4B782B42C19489DCFB4D110, E63CC0AEF1875D5D127E341CF65117DABC9E376A83E615EC8D01F6AB705DABAD ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:07:27.0534 0x27ac  BasicRender - ok
18:07:27.0534 0x27ac  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:07:27.0550 0x27ac  bcmfn2 - ok
18:07:27.0550 0x27ac  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:07:27.0565 0x27ac  BDESVC - ok
18:07:27.0581 0x27ac  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:07:27.0581 0x27ac  Beep - ok
18:07:27.0612 0x27ac  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\WINDOWS\System32\bfe.dll
18:07:27.0628 0x27ac  BFE - ok
18:07:27.0659 0x27ac  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:07:27.0675 0x27ac  BITS - ok
18:07:27.0706 0x27ac  [ 4AF14827F1584D084BC136A51FAA8397, B6202545E2459D648BF668F7025A139F64DB6F28F88773FD997DFF10003D9B7C ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:07:27.0737 0x27ac  Bluetooth Device Monitor - ok
18:07:27.0753 0x27ac  [ BC89A4C6A2A9C65E8E88AD0B3BF180FD, 06ECD1BF3F3526A77E389413D060BAB6BD50E5DC4C926C8EFCE2B04D56EE16E4 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:07:27.0784 0x27ac  Bluetooth OBEX Service - ok
18:07:27.0800 0x27ac  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:07:27.0815 0x27ac  Bonjour Service - ok
18:07:27.0815 0x27ac  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:07:27.0831 0x27ac  bowser - ok
18:07:27.0831 0x27ac  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:07:27.0847 0x27ac  BrokerInfrastructure - ok
18:07:27.0862 0x27ac  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
18:07:27.0878 0x27ac  Browser - ok
18:07:27.0878 0x27ac  [ F4CB6F457D019857C8DB6F04CA2957F5, D9E7DD49AF9C38D1696045F6004E1B504A65227B41256961E28A8DCA9B068EA9 ] BthA2DP         C:\WINDOWS\system32\drivers\BthA2DP.sys
18:07:27.0894 0x27ac  BthA2DP - ok
18:07:27.0894 0x27ac  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:07:27.0909 0x27ac  BthAvrcpTg - ok
18:07:27.0909 0x27ac  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:07:27.0925 0x27ac  BthEnum - ok
18:07:27.0925 0x27ac  [ 7A2E3CB427309F56C2571F0610B7ADA8, 25C178EA7FC2CE6375CA1B75057FA7A992CF71BB7821F4A71107CDE6D0F04667 ] BthHFAud        C:\WINDOWS\System32\drivers\BthHfAud.sys
18:07:27.0940 0x27ac  BthHFAud - ok
18:07:27.0940 0x27ac  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:07:27.0956 0x27ac  BthHFEnum - ok
18:07:27.0956 0x27ac  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:07:27.0972 0x27ac  bthhfhid - ok
18:07:27.0987 0x27ac  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:07:28.0003 0x27ac  BthHFSrv - ok
18:07:28.0003 0x27ac  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
18:07:28.0019 0x27ac  BthLEEnum - ok
18:07:28.0034 0x27ac  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:07:28.0034 0x27ac  BTHMODEM - ok
18:07:28.0050 0x27ac  [ D0AF91AF656E25AD8617EFA5B52EF457, FD723D99A0B8466BD991648DEED1831D32FD3A5995DD0E0837390746B8A7B439 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:07:28.0050 0x27ac  BthPan - ok
18:07:28.0081 0x27ac  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
18:07:28.0112 0x27ac  BTHPORT - ok
18:07:28.0128 0x27ac  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:07:28.0128 0x27ac  bthserv - ok
18:07:28.0144 0x27ac  [ 9310C81BE4D5EA33798A99355BB53E94, 127D1CC281996FD7B4359858A7B3EDB6FF4987EF463406259DA04D6F65DA1478 ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:07:28.0144 0x27ac  BTHSSecurityMgr - ok
18:07:28.0159 0x27ac  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:07:28.0159 0x27ac  BTHUSB - ok
18:07:28.0190 0x27ac  [ 1134650C2F97611ACCDB02BC904AD35D, 59590C7C7D79105C4ED3F610861D58F55C3D7DDA6A13BBC9145AE23A3723B482 ] btmhsf          C:\WINDOWS\system32\DRIVERS\btmhsf.sys
18:07:28.0222 0x27ac  btmhsf - ok
18:07:28.0222 0x27ac  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:07:28.0237 0x27ac  cdfs - ok
18:07:28.0237 0x27ac  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:07:28.0253 0x27ac  cdrom - ok
18:07:28.0253 0x27ac  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:07:28.0269 0x27ac  CertPropSvc - ok
18:07:28.0284 0x27ac  [ FB269C967C148E7EAC674718BF48E041, C5ABB51CD35360A752C2D029E1DA377865C9FF285309FDEFF6B6957095229A72 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
18:07:28.0284 0x27ac  cfwids - ok
18:07:28.0300 0x27ac  [ 59B4AB79011957DD3B83F0C2E63741BD, 5DE68785D701DBA0F98452B7D5CC407BEECD51685F39516157733CED2EF2FA19 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
18:07:28.0300 0x27ac  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
18:07:28.0347 0x27ac  chip1click ( UnsignedFile.Multi.Generic ) - warning
18:07:28.0347 0x27ac  Force sending object to P2P due to detect: chip1click
18:07:28.0347 0x27ac  Object send P2P result: false
18:07:28.0362 0x27ac  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:07:28.0362 0x27ac  circlass - ok
18:07:28.0378 0x27ac  [ B02ABFC429213E57019A56E2C204935C, 827E66D32EB078CAC6E96F7267BE91AAD78F982545D26C6758508D57F453342D ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:07:28.0394 0x27ac  CLFS - ok
18:07:28.0425 0x27ac  [ 85F31D4986E81CF3E78A5E2442C8F7AF, B6E6233D63A2C3E7AF0A9BBB62799159BF96C0F0EEBBC9B523BD227CC7A746B3 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
18:07:28.0472 0x27ac  ClientAnalyticsService - ok
18:07:28.0487 0x27ac  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
18:07:28.0503 0x27ac  CLVirtualDrive - ok
18:07:28.0503 0x27ac  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:07:28.0519 0x27ac  CmBatt - ok
18:07:28.0534 0x27ac  [ C8823A6ECE66B997C8E9F413D1D671E7, D739A194BCA4C1979C5B2A71F4B8DAB0BCC1524808C50BA302847B6C82D77250 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:07:28.0550 0x27ac  CNG - ok
18:07:28.0565 0x27ac  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:07:28.0565 0x27ac  CompositeBus - ok
18:07:28.0581 0x27ac  COMSysApp - ok
18:07:28.0581 0x27ac  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:07:28.0597 0x27ac  condrv - ok
18:07:28.0628 0x27ac  [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:07:28.0644 0x27ac  cphs - ok
18:07:28.0644 0x27ac  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:07:28.0659 0x27ac  CryptSvc - ok
18:07:28.0659 0x27ac  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:07:28.0675 0x27ac  dam - ok
18:07:28.0675 0x27ac  [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d            C:\WINDOWS\system32\DRIVERS\dc3d.sys
18:07:28.0690 0x27ac  dc3d - ok
18:07:28.0706 0x27ac  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:07:28.0737 0x27ac  DcomLaunch - ok
18:07:28.0737 0x27ac  [ A9DD971DDC793C549AFB97A6DDBD76B6, 5E35F4FFF5DC09A122DB93B760E13538AC5B6034EF72DB544815B3C6CD42DDD4 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
18:07:28.0753 0x27ac  DDDriver - ok
18:07:28.0753 0x27ac  [ 85A515EEF5625E8DEFCF798548F043D9, 1AAB1BA945A78768EFEA8E96903E51F4F18EFC78BAC24590FDB5B6425EF2698B ] DDVCollectorSvcApi C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
18:07:28.0769 0x27ac  DDVCollectorSvcApi - ok
18:07:28.0831 0x27ac  [ 46D8B6F60307E6D6A6367CA14EA7033C, 4DF030FC29D850A588C6FFC74FC2EDD3D0AF76B05D6601C58CAB3B981104B181 ] DDVDataCollector C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
18:07:28.0894 0x27ac  DDVDataCollector - ok
18:07:28.0909 0x27ac  [ B3B3F06E1B32F37BC11274B110681F32, 97AD34ECC2B21DD8EDDD40527443D61BD2DBE2424FE45B957E9730E0158272F8 ] DDVRulesProcessor C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
18:07:28.0925 0x27ac  DDVRulesProcessor - ok
18:07:28.0925 0x27ac  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:07:28.0956 0x27ac  defragsvc - ok
18:07:28.0956 0x27ac  [ 04D91223860DB9B4169909A01CD66819, 0B598306E99BF9AF036908C9333D34A81F7A9FF292213A9EB583F3F4C8FE2CB1 ] Dell Customer Connect C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
18:07:28.0972 0x27ac  Dell Customer Connect - ok
18:07:28.0972 0x27ac  [ 8205B97AAF15AFDD2ED7D8E6C5088396, E0B3E8E2856FD06F8AC892266E00D157F55A0EC895B8FF16AC6EDE9467694985 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
18:07:28.0972 0x27ac  DellProf - ok
18:07:28.0987 0x27ac  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
18:07:28.0987 0x27ac  DellRbtn - ok
18:07:29.0003 0x27ac  [ CAE8AEB8CABCC87D87763B7B97C24532, FE2EE43A44DA70CA45F783A25B94FE9D70E4B717D1BF2F28927FA1CD0A0460E9 ] DellUpdate      C:\Program Files (x86)\Dell Update\DellUpService.exe
18:07:29.0019 0x27ac  DellUpdate - ok
18:07:29.0019 0x27ac  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:07:29.0034 0x27ac  DeviceAssociationService - ok
18:07:29.0050 0x27ac  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:07:29.0066 0x27ac  DeviceInstall - ok
18:07:29.0066 0x27ac  [ 4FED6AD69C9EE1EE7FD3C88437138855, 71E0863898F2E3B1F9769C8A9980E2063042961D417FE0C969B2E5B7A0013978 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:07:29.0081 0x27ac  Dfsc - ok
18:07:29.0097 0x27ac  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:07:29.0112 0x27ac  Dhcp - ok
18:07:29.0144 0x27ac  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:07:29.0175 0x27ac  DiagTrack - ok
18:07:29.0191 0x27ac  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:07:29.0191 0x27ac  disk - ok
18:07:29.0206 0x27ac  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:07:29.0206 0x27ac  dmvsc - ok
18:07:29.0222 0x27ac  [ 1E365F2B4C8F6D4D9FF0D1B4A93C230C, 5CAC22131F376D55F09BF875F7CBC4D8827EBC189EEB5D713D693A3510B20077 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:07:29.0237 0x27ac  Dnscache - ok
18:07:29.0237 0x27ac  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:07:29.0253 0x27ac  dot3svc - ok
18:07:29.0269 0x27ac  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
18:07:29.0284 0x27ac  DPS - ok
18:07:29.0284 0x27ac  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:07:29.0284 0x27ac  drmkaud - ok
18:07:29.0300 0x27ac  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:07:29.0316 0x27ac  DsmSvc - ok
18:07:29.0347 0x27ac  [ 24C40570BAFEA48E9CB2B87008DCA152, 2D7CCBE5C354667BFBA0B6D6B8F34201AD2992273FB98767C9AD3C72D890A628 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:07:29.0378 0x27ac  DXGKrnl - ok
18:07:29.0394 0x27ac  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:07:29.0409 0x27ac  Eaphost - ok
18:07:29.0456 0x27ac  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:07:29.0534 0x27ac  ebdrv - ok
18:07:29.0550 0x27ac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
18:07:29.0566 0x27ac  EFS - ok
18:07:29.0566 0x27ac  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:07:29.0581 0x27ac  EhStorClass - ok
18:07:29.0581 0x27ac  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:07:29.0597 0x27ac  EhStorTcgDrv - ok
18:07:29.0597 0x27ac  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:07:29.0612 0x27ac  ErrDev - ok
18:07:29.0628 0x27ac  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
18:07:29.0644 0x27ac  EventSystem - ok
18:07:29.0659 0x27ac  [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:07:29.0675 0x27ac  EvtEng - ok
18:07:29.0691 0x27ac  [ 0BF32186C3EC11315C33CC29EA8DD86C, 82B43762A5BC9C0AB7B5D1F96DC47B34700924B598070A7CCB30C92EB5EE1599 ] ew_usbccgpfilter C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys
18:07:29.0691 0x27ac  ew_usbccgpfilter - ok
18:07:29.0706 0x27ac  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:07:29.0722 0x27ac  exfat - ok
18:07:29.0722 0x27ac  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:07:29.0737 0x27ac  fastfat - ok
18:07:29.0753 0x27ac  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:07:29.0784 0x27ac  Fax - ok
18:07:29.0784 0x27ac  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:07:29.0784 0x27ac  fdc - ok
18:07:29.0800 0x27ac  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:07:29.0800 0x27ac  fdPHost - ok
18:07:29.0816 0x27ac  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:07:29.0816 0x27ac  FDResPub - ok
18:07:29.0831 0x27ac  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:07:29.0847 0x27ac  fhsvc - ok
18:07:29.0847 0x27ac  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:07:29.0847 0x27ac  FileInfo - ok
18:07:29.0862 0x27ac  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:07:29.0878 0x27ac  Filetrace - ok
18:07:29.0878 0x27ac  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:07:29.0894 0x27ac  flpydisk - ok
18:07:29.0894 0x27ac  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:07:29.0909 0x27ac  FltMgr - ok
18:07:29.0941 0x27ac  [ 223CD19D2F84B7B42081F4FB530B658F, 4A9D1A6688C3C8F0B866B0FE2715C9FBA62BE66D4ADCC327A8CABF9EA876A664 ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:07:29.0972 0x27ac  FontCache - ok
18:07:29.0987 0x27ac  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:07:29.0987 0x27ac  FontCache3.0.0.0 - ok
18:07:30.0003 0x27ac  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:07:30.0003 0x27ac  FsDepends - ok
18:07:30.0003 0x27ac  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:07:30.0019 0x27ac  Fs_Rec - ok
18:07:30.0034 0x27ac  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:07:30.0050 0x27ac  fvevol - ok
18:07:30.0066 0x27ac  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:07:30.0066 0x27ac  FxPPM - ok
18:07:30.0081 0x27ac  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:07:30.0081 0x27ac  gagp30kx - ok
18:07:30.0081 0x27ac  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:07:30.0097 0x27ac  GEARAspiWDM - ok
18:07:30.0097 0x27ac  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:07:30.0112 0x27ac  gencounter - ok
18:07:30.0112 0x27ac  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:07:30.0128 0x27ac  GPIOClx0101 - ok
18:07:30.0159 0x27ac  [ 2DAFF4F76A90E3C523C2FE50338537E9, 625745E538208B50E8F5A9A2C09C6CD03D51E424BB16BC6C5B156CBC25373B6D ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:07:30.0191 0x27ac  gpsvc - ok
18:07:30.0191 0x27ac  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:07:30.0206 0x27ac  HDAudBus - ok
18:07:30.0206 0x27ac  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:07:30.0222 0x27ac  HidBatt - ok
18:07:30.0222 0x27ac  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:07:30.0237 0x27ac  HidBth - ok
18:07:30.0237 0x27ac  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:07:30.0253 0x27ac  hidi2c - ok
18:07:30.0253 0x27ac  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:07:30.0269 0x27ac  HidIr - ok
18:07:30.0269 0x27ac  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:07:30.0284 0x27ac  hidserv - ok
18:07:30.0284 0x27ac  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:07:30.0300 0x27ac  HidUsb - ok
18:07:30.0300 0x27ac  [ 0BC61E0F614A6E69654A23084A8D24B7, B532665B7AC45CB7C324F5BE8999088291FEB5D768A234E13C96022E14E7888F ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
18:07:30.0316 0x27ac  HipShieldK - ok
18:07:30.0316 0x27ac  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:07:30.0331 0x27ac  hkmsvc - ok
18:07:30.0347 0x27ac  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:07:30.0362 0x27ac  HomeGroupListener - ok
18:07:30.0378 0x27ac  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:07:30.0394 0x27ac  HomeGroupProvider - ok
18:07:30.0409 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:07:30.0425 0x27ac  HomeNetSvc - ok
18:07:30.0441 0x27ac  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:07:30.0441 0x27ac  HpSAMD - ok
18:07:30.0456 0x27ac  [ 61C5D4EF4BE4EA271B90135490C67447, E44027338E1DF863372ECF6EFF02C881F938C7D7751C8810AABDF1E13E33DDC5 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:07:30.0487 0x27ac  HTTP - ok
18:07:30.0503 0x27ac  [ E548929868BDFD3FC13B46D99605B764, 737C8A1210442533735F10BD80AFBB3E890D0CC9068F2406CA5C577C7C58B97C ] HuaweiHiSuiteService64.exe C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
18:07:30.0519 0x27ac  HuaweiHiSuiteService64.exe - ok
18:07:30.0519 0x27ac  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:07:30.0534 0x27ac  hwpolicy - ok
18:07:30.0534 0x27ac  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:07:30.0550 0x27ac  hyperkbd - ok
18:07:30.0550 0x27ac  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:07:30.0550 0x27ac  HyperVideo - ok
18:07:30.0566 0x27ac  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:07:30.0581 0x27ac  i8042prt - ok
18:07:30.0581 0x27ac  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:07:30.0597 0x27ac  iaLPSSi_GPIO - ok
18:07:30.0597 0x27ac  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:07:30.0597 0x27ac  iaLPSSi_I2C - ok
18:07:30.0612 0x27ac  [ 459016E8A4FA6426EDB5A9456A6E5E58, 92B73EE5559ABD8783EC5AF8A2B6EBDE0D937745B4BEDBEA6DF06DD8606AE56C ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
18:07:30.0644 0x27ac  iaStorA - ok
18:07:30.0659 0x27ac  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:07:30.0675 0x27ac  iaStorAV - ok
18:07:30.0675 0x27ac  [ 584068E03829BC5C63F54B05E6244E97, C075E8A4853C0DE09A9BF846338F9C8997FE7ACD604B4EC02AA89F0DAA1D985B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:07:30.0675 0x27ac  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:07:30.0675 0x27ac  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - warning
18:07:30.0691 0x27ac  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:07:30.0706 0x27ac  iaStorV - ok
18:07:30.0706 0x27ac  [ 43E864824FCEBEE7119E1572B2703EB9, 8D90899F2279947AFD887567C7F60DC3264D56231F5403A64D722B3E25103202 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
18:07:30.0722 0x27ac  iBtFltCoex - ok
18:07:30.0769 0x27ac  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
18:07:30.0816 0x27ac  IconMan_R - detected UnsignedFile.Multi.Generic ( 1 )
18:07:30.0816 0x27ac  IconMan_R ( UnsignedFile.Multi.Generic ) - warning
18:07:30.0816 0x27ac  IEEtwCollectorService - ok
18:07:30.0894 0x27ac  [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:07:30.0972 0x27ac  igfx - ok
18:07:30.0987 0x27ac  [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
18:07:30.0987 0x27ac  igfxCUIService1.0.0.0 - ok
18:07:31.0003 0x27ac  [ F2C300C2E56F016B485B88080CD7D2FE, 3C4904B3BA45C0DCCD6789E9C7FC1191BCA3C6B498CDE5D77CA06359FBBDD5E7 ] ikbevent        C:\WINDOWS\system32\DRIVERS\ikbevent.sys
18:07:31.0003 0x27ac  ikbevent - ok
18:07:31.0034 0x27ac  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:07:31.0066 0x27ac  IKEEXT - ok
18:07:31.0066 0x27ac  [ C1A5061D6E5C328AE030C34B8AAC5C5C, 39E44C62A05F81A8B357BE0816E1D629F2A57CB3FA23D7776244423CECE3F09D ] imsevent        C:\WINDOWS\system32\DRIVERS\imsevent.sys
18:07:31.0066 0x27ac  imsevent - ok
18:07:31.0081 0x27ac  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:07:31.0081 0x27ac  intaud_WaveExtensible - ok
18:07:31.0097 0x27ac  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
18:07:31.0112 0x27ac  IntcDAud - ok
18:07:31.0128 0x27ac  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:07:31.0144 0x27ac  Intel(R) Capability Licensing Service Interface - ok
18:07:31.0144 0x27ac  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:07:31.0159 0x27ac  intelide - ok
18:07:31.0159 0x27ac  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:07:31.0175 0x27ac  intelpep - ok
18:07:31.0175 0x27ac  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:07:31.0191 0x27ac  intelppm - ok
18:07:31.0191 0x27ac  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:07:31.0206 0x27ac  IpFilterDriver - ok
18:07:31.0222 0x27ac  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:07:31.0253 0x27ac  iphlpsvc - ok
18:07:31.0253 0x27ac  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:07:31.0269 0x27ac  IPMIDRV - ok
18:07:31.0269 0x27ac  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:07:31.0285 0x27ac  IPNAT - ok
18:07:31.0300 0x27ac  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:07:31.0316 0x27ac  iPod Service - ok
18:07:31.0331 0x27ac  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:07:31.0331 0x27ac  IRENUM - ok
18:07:31.0347 0x27ac  [ 4D9B9A794F22415B8C3E0CCFBE61BC7A, 4CF01BC95F0AD7DC42AF8A0FCE032DF00610524A98CF52F531E9DE93137E7B87 ] irstrtdv        C:\WINDOWS\System32\drivers\irstrtdv.sys
18:07:31.0347 0x27ac  irstrtdv - ok
18:07:31.0378 0x27ac  [ E145E934392E7A49FDC6775AC3A347F8, 8E5DBC8C34FB3B68851489E0860BA3ACE6CDF46BB5E2AEFD1DEF6E895566068B ] irstrtsv        C:\Windows\SysWOW64\irstrtsv.exe
18:07:31.0394 0x27ac  irstrtsv - ok
18:07:31.0394 0x27ac  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:07:31.0410 0x27ac  isapnp - ok
18:07:31.0410 0x27ac  [ 744DE92A339763C15C6B988C27439633, B566E04BB3C7BBE736158DFA19A6361ABD7E43ABC5F690CFDA6AD50405C17A94 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:07:31.0425 0x27ac  iScsiPrt - ok
18:07:31.0425 0x27ac  [ 5AB18D8055A4280C0F377A6262F3157E, 091366AE17601407E2A882BFF7901F1970C1111DA935B913BEAA2AFA76D4EEA2 ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
18:07:31.0441 0x27ac  ISCT - ok
18:07:31.0441 0x27ac  [ 4A5810FD46E6CB2C6E689BAB9AAB11D7, ED65754435E278DD606CACABDBB3AEEE69582C24C20AC10541234EFDDE7200D1 ] ISCTAgent       c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
18:07:31.0456 0x27ac  ISCTAgent - ok
18:07:31.0456 0x27ac  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:07:31.0472 0x27ac  iwdbus - ok
18:07:31.0472 0x27ac  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:07:31.0488 0x27ac  jhi_service - ok
18:07:31.0488 0x27ac  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:07:31.0503 0x27ac  kbdclass - ok
18:07:31.0503 0x27ac  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:07:31.0519 0x27ac  kbdhid - ok
18:07:31.0519 0x27ac  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:07:31.0535 0x27ac  kdnic - ok
18:07:31.0535 0x27ac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:07:31.0550 0x27ac  KeyIso - ok
18:07:31.0550 0x27ac  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:07:31.0566 0x27ac  KSecDD - ok
18:07:31.0566 0x27ac  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:07:31.0581 0x27ac  KSecPkg - ok
18:07:31.0581 0x27ac  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:07:31.0597 0x27ac  ksthunk - ok
18:07:31.0613 0x27ac  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:07:31.0628 0x27ac  KtmRm - ok
18:07:31.0628 0x27ac  [ 4E5EA006CFFB96E0BAFC767D659AAB9A, A24A334955FB98D0903971454FADAC639D535BD32BB48964BD95019C7F6C454E ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
18:07:31.0644 0x27ac  L1C - ok
18:07:31.0644 0x27ac  [ A64BE9AD14BBFE9C8F540F8E9286CFC9, 60A616BFBB9A1B81CD7947A0142058825D66230BBF15EF4699FBEDF4D2D003F8 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:07:31.0660 0x27ac  LanmanServer - ok
18:07:31.0675 0x27ac  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:07:31.0691 0x27ac  LanmanWorkstation - ok
18:07:31.0753 0x27ac  [ 30CCAF72DE72B4C467DE29CE4723E337, A8E9DFC3ED7F21439B1B4B0EF2F9E17899AE6C6ABC4E13BDEAB68D773F21824B ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
18:07:31.0800 0x27ac  LavasoftTcpService - ok
18:07:31.0816 0x27ac  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
18:07:31.0847 0x27ac  lfsvc - ok
18:07:31.0847 0x27ac  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:07:31.0863 0x27ac  lltdio - ok
18:07:31.0863 0x27ac  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:07:31.0878 0x27ac  lltdsvc - ok
18:07:31.0878 0x27ac  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:07:31.0894 0x27ac  lmhosts - ok
18:07:31.0910 0x27ac  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:07:31.0910 0x27ac  LMS - ok
18:07:31.0925 0x27ac  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:07:31.0941 0x27ac  LSI_SAS - ok
18:07:31.0941 0x27ac  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:07:31.0956 0x27ac  LSI_SAS2 - ok
18:07:31.0956 0x27ac  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
18:07:31.0972 0x27ac  LSI_SAS3 - ok
18:07:31.0972 0x27ac  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:07:31.0988 0x27ac  LSI_SSS - ok
18:07:32.0003 0x27ac  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
18:07:32.0019 0x27ac  LSM - ok
18:07:32.0035 0x27ac  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:07:32.0035 0x27ac  luafv - ok
18:07:32.0050 0x27ac  [ F9808F9763FBC7AA830B1F54C0CA1C25, C9141EF15EE6DD28829DE4BF692EE8C293B969117D681A581E2B17F4DFBFEDAD ] MBAMFarflt      C:\WINDOWS\system32\drivers\farflt.sys
18:07:32.0050 0x27ac  MBAMFarflt - ok
18:07:32.0144 0x27ac  [ 804E3246E3E73D4A936F2F4BCDC53A2D, BF1F9B4AC292238FA6EE541E325B220F311977F9D87D5BC7F90AD058FBF0B35A ] MBAMService     C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
18:07:32.0222 0x27ac  MBAMService - ok
18:07:32.0238 0x27ac  [ 53283EB9998AC9350E14C35A880989DB, 11DD963C67DB7584742810C54BEC4871584413A1BAA8209F79AC923006DE45BB ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
18:07:32.0238 0x27ac  MBAMSwissArmy - ok
18:07:32.0253 0x27ac  [ 67D4521C3411E24A98B5BA0058EEC96A, EC590DBCC4D822AB47555C0AC156B0485808B4197D58C623A6C45B62C38A61E0 ] MBAMWebProtection C:\WINDOWS\system32\drivers\mwac.sys
18:07:32.0253 0x27ac  MBAMWebProtection - ok
18:07:32.0269 0x27ac  [ 8906928F982462555F458377060674CC, 51C5C43C012F51B8C52D62B6F0D8CF30A78B2B59381C52EAB52AAC7F47F455A2 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
18:07:32.0269 0x27ac  McAfee SiteAdvisor Service - ok
18:07:32.0300 0x27ac  [ 8D9A3FE17826A78F8B7A2BFF3A2283F8, 7A61BCB81FB04278F22A7AF74AA2F985C91E3351F3D4EC6AF22CEE441FCC81AD ] McAPExe         C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe
18:07:32.0331 0x27ac  McAPExe - ok
18:07:32.0331 0x27ac  [ 1E3AF124A3405EEE594BB9FFD4640F48, 7916D86433A6A305CC9699A8901795E74A22C99A2C6B091BAC951E30F7510FF7 ] McAWFwk         C:\Program Files\mcafee\msc\McAWFwk.exe
18:07:32.0347 0x27ac  McAWFwk - ok
18:07:32.0363 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McBootDelayStartSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:07:32.0394 0x27ac  McBootDelayStartSvc - ok
18:07:32.0425 0x27ac  [ 859EE4B50C89ACD15F32F9F435CB78F3, 2579B4DD3065C7FF42E937CA9FF8E69883AD9EEC25588951E2AA337AE16F1830 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe
18:07:32.0488 0x27ac  mccspsvc - ok
18:07:32.0503 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McMPFSvc        C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:07:32.0519 0x27ac  McMPFSvc - ok
18:07:32.0535 0x27ac  [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McOobeSv        C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
18:07:32.0535 0x27ac  McOobeSv - ok
18:07:32.0550 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] mcpltsvc        C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:07:32.0566 0x27ac  mcpltsvc - ok
18:07:32.0581 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] McProxy         C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
18:07:32.0613 0x27ac  McProxy - ok
18:07:32.0613 0x27ac  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:07:32.0628 0x27ac  megasas - ok
18:07:32.0644 0x27ac  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:07:32.0660 0x27ac  megasr - ok
18:07:32.0660 0x27ac  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:07:32.0675 0x27ac  MEIx64 - ok
18:07:32.0691 0x27ac  [ 0CE0C8EDB5CCB418E59ADA42414C5D8E, 90CE5E142139576B0C9696BF04EDD6AA598C0F238F6EB96A4B514543846A917A ] mfeaack         C:\WINDOWS\system32\drivers\mfeaack.sys
18:07:32.0706 0x27ac  mfeaack - ok
18:07:32.0706 0x27ac  [ 9BDCE025A5742B49AE6C3E42D96CAB5E, BB550EADCBF001D57ADB79DB44CFC214A32ABC3AF7ED58B414305FDF15D8F891 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
18:07:32.0722 0x27ac  mfeavfk - ok
18:07:32.0722 0x27ac  mfeavfk01 - ok
18:07:32.0738 0x27ac  [ 0526949EBB121F0772F39BFC595E3A6A, 1E18D4C311D02BBCCB15CDFF130DE07CB121AB10619F9C362B8F572C03A3D5E3 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
18:07:32.0738 0x27ac  mfeelamk - ok
18:07:32.0753 0x27ac  [ 4D44DAA45FD4A79E474BD824165567DC, 5CF1AB616741AA785FECABC208A52253B09387E37F36C46010404211D81E31AA ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
18:07:32.0769 0x27ac  mfefire - ok
18:07:32.0769 0x27ac  [ 8CC68836AE8E1FC75355C41A43AEF650, 2DE9C74F4E80BBC961E563F6EC7C67F21D9150536C30AE4C47EE5DBF5707CE07 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
18:07:32.0800 0x27ac  mfefirek - ok
18:07:32.0816 0x27ac  [ 758B8B853FAD319F0C554A336D0F1F88, E8C6C0EF064ED1B56CF54C9F0CBD48A551B5DBCC4A85ED23DFA78C83BE9E3BA8 ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
18:07:32.0831 0x27ac  mfehidk - ok
18:07:32.0847 0x27ac  [ 3DB8E7BF041ADD3ACDE04D3EA84B4CAA, 9CC388525C141E00B3EAB47E73263C71A1DAD990949E5ED19B6EEB9AD46EA664 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
18:07:32.0863 0x27ac  mfemms - ok
18:07:32.0878 0x27ac  [ D178E04CB2B5D9BC4D46C087F7BAC7EE, 0591503155F3A61B57129779C4A0EBB0726B09E6FB975C2C674FD92B740F6AD8 ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
18:07:32.0894 0x27ac  mfencbdc - ok
18:07:32.0894 0x27ac  [ 7F01895D5C91CEB4D3CA952F3B752EC9, 24ED860345826218CE22ABF055821AA7F5E37DC9364C6478F71A60FDDE74050D ] mfencrk         C:\WINDOWS\system32\DRIVERS\mfencrk.sys
18:07:32.0910 0x27ac  mfencrk - ok
18:07:32.0910 0x27ac  [ 6B6BBD8708AF188F3C96B2DB4A527D72, 509CB1832FA4F4A973507CA0DAD86520743C786DC8C2F5B322E789A34E806D07 ] mfeplk          C:\WINDOWS\system32\drivers\mfeplk.sys
18:07:32.0925 0x27ac  mfeplk - ok
18:07:32.0925 0x27ac  [ DA49A90A69B3284FD11B6F02D0209A99, 759380964E6450FF21FB9A2BD23BA0394B005EC332E714D40D47262FCDC6CFE9 ] mfesapsn        C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys
18:07:32.0941 0x27ac  mfesapsn - ok
18:07:32.0941 0x27ac  [ 31E7520068D87A40E7E5BA247A961A1E, D362471E0F320F887B5D1FF5F6862DA39DD5CF643B4F76CB4854DCEEC2A53ACB ] mfevtp          C:\Windows\system32\mfevtps.exe
18:07:32.0957 0x27ac  mfevtp - ok
18:07:32.0972 0x27ac  [ 75621FB6CEA5BB99D83162E42E19452B, F82D02CDED1D5D6AE2EB12E5A4C2E4335924A4CAD69DF8CE04E4D1CE9A195710 ] mfewfpk         C:\WINDOWS\system32\drivers\mfewfpk.sys
18:07:32.0972 0x27ac  mfewfpk - ok
18:07:32.0988 0x27ac  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:07:32.0988 0x27ac  MMCSS - ok
18:07:33.0003 0x27ac  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:07:33.0003 0x27ac  Modem - ok
18:07:33.0035 0x27ac  [ C6218FCA6A7B9F3ED5B22476DD5F6544, F33B376266035D5AD4D5C216906AEDCB16535A6A1998FD1E0F47AA53880AA7B0 ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
18:07:33.0082 0x27ac  ModuleCoreService - ok
18:07:33.0082 0x27ac  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:07:33.0097 0x27ac  monitor - ok
18:07:33.0097 0x27ac  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:07:33.0113 0x27ac  mouclass - ok
18:07:33.0113 0x27ac  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:07:33.0128 0x27ac  mouhid - ok
18:07:33.0128 0x27ac  [ E5E8665272EBCD87A0A632314F0D221D, 37FDC4CEB8E5FC39C10DE875676863D090CFEA708AC3A8415114DCDD94BD7A1D ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:07:33.0144 0x27ac  mountmgr - ok
18:07:33.0144 0x27ac  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:07:33.0160 0x27ac  MozillaMaintenance - ok
18:07:33.0160 0x27ac  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:07:33.0175 0x27ac  mpsdrv - ok
18:07:33.0191 0x27ac  [ D1418745A5472F3930A288E05B9E2C05, 95785F0FA7EE239459C0288DB37E9E54648029FD6FE45A61E6343526D67FFA32 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:07:33.0222 0x27ac  MpsSvc - ok
18:07:33.0222 0x27ac  [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:07:33.0238 0x27ac  MRxDAV - ok
18:07:33.0253 0x27ac  [ E2FC654EC895E92A022794329BFC53EC, BDEFF410B8A1D213B652A86DBF53774A3EBD58C32CCB9180712F9F3777307688 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:07:33.0269 0x27ac  mrxsmb - ok
18:07:33.0269 0x27ac  [ B213149BE26DD213C44AD61DB19C1251, E28886C1E78E54BBA74DD9779BB18B20D9CB8DF1CCD387FE415F1748719EE5F6 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:07:33.0285 0x27ac  mrxsmb10 - ok
18:07:33.0300 0x27ac  [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:07:33.0316 0x27ac  mrxsmb20 - ok
18:07:33.0316 0x27ac  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:07:33.0332 0x27ac  MsBridge - ok
18:07:33.0332 0x27ac  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:07:33.0347 0x27ac  MSDTC - ok
18:07:33.0363 0x27ac  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:07:33.0363 0x27ac  Msfs - ok
18:07:33.0379 0x27ac  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:07:33.0379 0x27ac  msgpiowin32 - ok
18:07:33.0379 0x27ac  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:07:33.0394 0x27ac  mshidkmdf - ok
18:07:33.0394 0x27ac  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:07:33.0410 0x27ac  mshidumdf - ok
18:07:33.0410 0x27ac  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:07:33.0425 0x27ac  msisadrv - ok
18:07:33.0425 0x27ac  [ A06142B3850B06972F1C89748FAA2C02, B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:07:33.0441 0x27ac  MSiSCSI - ok
18:07:33.0441 0x27ac  msiserver - ok
18:07:33.0457 0x27ac  [ A52ACBECFE7BE36E377A203B969705AE, F42FB19123C5EF404267A911305E3A86411BD22E78944FAF2F189382E364CDF2 ] MSK80Service    C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
18:07:33.0472 0x27ac  MSK80Service - ok
18:07:33.0488 0x27ac  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:07:33.0488 0x27ac  MSKSSRV - ok
18:07:33.0504 0x27ac  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:07:33.0504 0x27ac  MsLldp - ok
18:07:33.0519 0x27ac  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:07:33.0519 0x27ac  MSPCLOCK - ok
18:07:33.0519 0x27ac  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:07:33.0535 0x27ac  MSPQM - ok
18:07:33.0550 0x27ac  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:07:33.0566 0x27ac  MsRPC - ok
18:07:33.0566 0x27ac  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:07:33.0582 0x27ac  mssmbios - ok
18:07:33.0582 0x27ac  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:07:33.0597 0x27ac  MSTEE - ok
18:07:33.0597 0x27ac  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:07:33.0613 0x27ac  MTConfig - ok
18:07:33.0613 0x27ac  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:07:33.0629 0x27ac  Mup - ok
18:07:33.0629 0x27ac  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:07:33.0644 0x27ac  mvumis - ok
18:07:33.0644 0x27ac  [ 53EE034F83E9A7A8E421572E385F67CD, 29F718B95B9D6CBDA49D5DE14FEC46DA64D7977131D585C975B3D703559D0988 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:07:33.0660 0x27ac  MyWiFiDHCPDNS - ok
18:07:33.0675 0x27ac  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:07:33.0691 0x27ac  napagent - ok
18:07:33.0707 0x27ac  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:07:33.0722 0x27ac  NativeWifiP - ok
18:07:33.0722 0x27ac  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:07:33.0738 0x27ac  NcaSvc - ok
18:07:33.0754 0x27ac  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:07:33.0769 0x27ac  NcbService - ok
18:07:33.0769 0x27ac  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:07:33.0785 0x27ac  NcdAutoSetup - ok
18:07:33.0800 0x27ac  [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:07:33.0832 0x27ac  NDIS - ok

gapkathl · 26.07.2017, 17:53

TDSSKiller - Teil 3

Code:

ATTFilter

18:07:33.0847 0x27ac  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:07:33.0847 0x27ac  NdisCap - ok
18:07:33.0863 0x27ac  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:07:33.0863 0x27ac  NdisImPlatform - ok
18:07:33.0879 0x27ac  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:07:33.0879 0x27ac  NdisTapi - ok
18:07:33.0894 0x27ac  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:07:33.0894 0x27ac  Ndisuio - ok
18:07:33.0894 0x27ac  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:07:33.0910 0x27ac  NdisVirtualBus - ok
18:07:33.0925 0x27ac  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:07:33.0941 0x27ac  NdisWan - ok
18:07:33.0941 0x27ac  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:07:33.0957 0x27ac  NdisWanLegacy - ok
18:07:33.0957 0x27ac  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:07:33.0972 0x27ac  NDProxy - ok
18:07:33.0972 0x27ac  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:07:33.0988 0x27ac  Ndu - ok
18:07:33.0988 0x27ac  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:07:34.0004 0x27ac  NetBIOS - ok
18:07:34.0004 0x27ac  [ 9DC17B7D9D84C37C102D379FCC7D4942, D522022ED4395686837E96F57EE29F8065FB749D1195B60D2A406FB33F696C09 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:07:34.0035 0x27ac  NetBT - ok
18:07:34.0035 0x27ac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:07:34.0050 0x27ac  Netlogon - ok
18:07:34.0050 0x27ac  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
18:07:34.0066 0x27ac  Netman - ok
18:07:34.0082 0x27ac  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:07:34.0097 0x27ac  netprofm - ok
18:07:34.0113 0x27ac  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:07:34.0129 0x27ac  NetTcpPortSharing - ok
18:07:34.0129 0x27ac  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
18:07:34.0144 0x27ac  netvsc - ok
18:07:34.0207 0x27ac  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\WINDOWS\system32\DRIVERS\Netwew00.sys
18:07:34.0269 0x27ac  NETwNe64 - ok
18:07:34.0285 0x27ac  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:07:34.0300 0x27ac  NlaSvc - ok
18:07:34.0316 0x27ac  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:07:34.0316 0x27ac  Npfs - ok
18:07:34.0332 0x27ac  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:07:34.0332 0x27ac  npsvctrig - ok
18:07:34.0332 0x27ac  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:07:34.0347 0x27ac  nsi - ok
18:07:34.0347 0x27ac  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:07:34.0363 0x27ac  nsiproxy - ok
18:07:34.0410 0x27ac  [ 275CF7F20338B2B1F5264C665033073F, 2295D5120C4750CA10771471ECEE700215289F97B4C5AFE6FBC9A90C4DEB7F87 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:07:34.0457 0x27ac  Ntfs - ok
18:07:34.0457 0x27ac  [ 96ACBF3DDC38A52FEE115F577F36568F, DB8CB01971208C8D7A306A5FEDA39A3802195123E6B801DFB905B0E1934D3C96 ] NuidFltr        C:\WINDOWS\System32\drivers\NuidFltr.sys
18:07:34.0472 0x27ac  NuidFltr - ok
18:07:34.0472 0x27ac  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:07:34.0488 0x27ac  Null - ok
18:07:34.0488 0x27ac  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:07:34.0504 0x27ac  nvraid - ok
18:07:34.0519 0x27ac  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:07:34.0519 0x27ac  nvstor - ok
18:07:34.0535 0x27ac  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:07:34.0535 0x27ac  nv_agp - ok
18:07:34.0550 0x27ac  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:07:34.0550 0x27ac  ose - ok
18:07:34.0644 0x27ac  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:07:34.0738 0x27ac  osppsvc - ok
18:07:34.0754 0x27ac  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:07:34.0769 0x27ac  p2pimsvc - ok
18:07:34.0785 0x27ac  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:07:34.0816 0x27ac  p2psvc - ok
18:07:34.0816 0x27ac  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:07:34.0832 0x27ac  Parport - ok
18:07:34.0832 0x27ac  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:07:34.0847 0x27ac  partmgr - ok
18:07:34.0863 0x27ac  [ 0A2DF1055FEEA30DFF73DAC0DA45FDE4, 497B2AE591ABBCFA8FC571D9C1D750006212F2D2DDF12F5A9E7FFA811CD707A3 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:07:34.0879 0x27ac  PcaSvc - ok
18:07:34.0894 0x27ac  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:07:34.0910 0x27ac  pci - ok
18:07:34.0910 0x27ac  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:07:34.0925 0x27ac  pciide - ok
18:07:34.0925 0x27ac  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:07:34.0941 0x27ac  pcmcia - ok
18:07:34.0941 0x27ac  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:07:34.0941 0x27ac  pcw - ok
18:07:34.0957 0x27ac  [ 6144634D5219A9EEF02024BE6B5871A4, 12A8AC2B844AB2BBB6BDAF0B6EBDF6A2AA0C05FBC7C3CDFB6E639E017A95FB9F ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:07:34.0957 0x27ac  pdc - ok
18:07:35.0004 0x27ac  [ 501015A7570DA3E2B159B6191B37B347, C202C053ED78E956C00EDB8F265CED53344BD90D3A614FBFF789B98B0C4D7A90 ] PDF Architect 3 C:\Program Files (x86)\PDF Architect 3\ws.exe
18:07:35.0050 0x27ac  PDF Architect 3 - ok
18:07:35.0082 0x27ac  [ 07DA9CEDFC7441AE061DFA7E2BD825F6, 35A8060EA0E2E34EBB1EB25F40BB72A6D3B83CBA8BD8CD4BF9E427A777D42D28 ] PDF Architect 3 CrashHandler C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
18:07:35.0097 0x27ac  PDF Architect 3 CrashHandler - ok
18:07:35.0113 0x27ac  [ 1234BB5F8C7EC1E52F32A3EBF65F52EA, AEE529A96C6F21D27B3F5AEF6AADF42129C676584DEE550C8F42815D1C913B0C ] PDF Architect 3 Creator C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
18:07:35.0144 0x27ac  PDF Architect 3 Creator - ok
18:07:35.0160 0x27ac  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:07:35.0175 0x27ac  PEAUTH - ok
18:07:35.0191 0x27ac  [ D377570EEF6D4209E33F0DA40F16406C, D0F3FB99E70856A119870F594F028D3C24431BDF92DCC488F2009FC4BDA2C65D ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
18:07:35.0222 0x27ac  PEFService - ok
18:07:35.0254 0x27ac  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:07:35.0269 0x27ac  PerfHost - ok
18:07:35.0301 0x27ac  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
18:07:35.0347 0x27ac  pla - ok
18:07:35.0347 0x27ac  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:07:35.0363 0x27ac  PlugPlay - ok
18:07:35.0379 0x27ac  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:07:35.0379 0x27ac  PNRPAutoReg - ok
18:07:35.0394 0x27ac  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:07:35.0410 0x27ac  PNRPsvc - ok
18:07:35.0426 0x27ac  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:07:35.0441 0x27ac  PolicyAgent - ok
18:07:35.0441 0x27ac  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
18:07:35.0457 0x27ac  Power - ok
18:07:35.0519 0x27ac  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:07:35.0582 0x27ac  PrintNotify - ok
18:07:35.0597 0x27ac  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:07:35.0597 0x27ac  Processor - ok
18:07:35.0613 0x27ac  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:07:35.0629 0x27ac  ProfSvc - ok
18:07:35.0644 0x27ac  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
18:07:35.0644 0x27ac  Psched - ok
18:07:35.0660 0x27ac  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:07:35.0676 0x27ac  QWAVE - ok
18:07:35.0676 0x27ac  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:07:35.0691 0x27ac  QWAVEdrv - ok
18:07:35.0691 0x27ac  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:07:35.0707 0x27ac  RasAcd - ok
18:07:35.0707 0x27ac  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:07:35.0722 0x27ac  RasAuto - ok
18:07:35.0738 0x27ac  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:07:35.0754 0x27ac  RasMan - ok
18:07:35.0769 0x27ac  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:07:35.0785 0x27ac  RasPppoe - ok
18:07:35.0785 0x27ac  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:07:35.0816 0x27ac  rdbss - ok
18:07:35.0816 0x27ac  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:07:35.0832 0x27ac  rdpbus - ok
18:07:35.0832 0x27ac  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:07:35.0847 0x27ac  RDPDR - ok
18:07:35.0847 0x27ac  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:07:35.0863 0x27ac  RdpVideoMiniport - ok
18:07:35.0879 0x27ac  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:07:35.0879 0x27ac  rdyboost - ok
18:07:35.0910 0x27ac  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
18:07:35.0941 0x27ac  ReFS - ok
18:07:35.0941 0x27ac  [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:07:35.0957 0x27ac  RegSrvc - ok
18:07:35.0957 0x27ac  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:07:35.0972 0x27ac  RemoteAccess - ok
18:07:35.0988 0x27ac  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:07:35.0988 0x27ac  RemoteRegistry - ok
18:07:36.0004 0x27ac  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:07:36.0019 0x27ac  RFCOMM - ok
18:07:36.0019 0x27ac  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:07:36.0035 0x27ac  RichVideo - ok
18:07:36.0035 0x27ac  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:07:36.0051 0x27ac  RpcEptMapper - ok
18:07:36.0051 0x27ac  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:07:36.0066 0x27ac  RpcLocator - ok
18:07:36.0082 0x27ac  [ 20CC6E9FE25ACD34BE4FCDDB7B08364D, 295B2BBDC860A4CD65CD09C975D08CA1B8E4FE60AD0CA084CAB149A3E9D64B40 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:07:36.0113 0x27ac  RpcSs - ok
18:07:36.0113 0x27ac  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:07:36.0129 0x27ac  rspndr - ok
18:07:36.0144 0x27ac  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
18:07:36.0160 0x27ac  RSUSBVSTOR - ok
18:07:36.0160 0x27ac  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:07:36.0176 0x27ac  s3cap - ok
18:07:36.0176 0x27ac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
18:07:36.0191 0x27ac  SamSs - ok
18:07:36.0191 0x27ac  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:07:36.0207 0x27ac  sbp2port - ok
18:07:36.0207 0x27ac  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:07:36.0222 0x27ac  SCardSvr - ok
18:07:36.0222 0x27ac  [ 92D2FA1870F4EB4A9BA767DB6E0DEF6F, AB019E17D5F330CBB7F7CAF8CEB01F3F3DBBB181CDE19E4C2354AF51E66C8291 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:07:36.0238 0x27ac  ScDeviceEnum - ok
18:07:36.0254 0x27ac  [ FA7ABD857DEB0FE3C94CC39A4C845E66, ACD551F75E00C4EB9CFDA73B04051D0BF5FF0BA67C716E1989A21683D8777A41 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:07:36.0254 0x27ac  scfilter - ok
18:07:36.0285 0x27ac  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:07:36.0316 0x27ac  Schedule - ok
18:07:36.0332 0x27ac  [ ACFDC4EE40EC6E4A0AB91D923B8288C8, D31555AB31F504C247049219BE0ECDF26BB18E210BE7C45E8575FD166FD7EE23 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:07:36.0347 0x27ac  SCPolicySvc - ok
18:07:36.0347 0x27ac  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:07:36.0363 0x27ac  sdbus - ok
18:07:36.0379 0x27ac  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:07:36.0379 0x27ac  sdstor - ok
18:07:36.0379 0x27ac  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
18:07:36.0394 0x27ac  secdrv - ok
18:07:36.0394 0x27ac  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:07:36.0410 0x27ac  seclogon - ok
18:07:36.0410 0x27ac  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
18:07:36.0426 0x27ac  SENS - ok
18:07:36.0441 0x27ac  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:07:36.0457 0x27ac  SensrSvc - ok
18:07:36.0457 0x27ac  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:07:36.0472 0x27ac  SerCx - ok
18:07:36.0472 0x27ac  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:07:36.0488 0x27ac  SerCx2 - ok
18:07:36.0488 0x27ac  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:07:36.0504 0x27ac  Serenum - ok
18:07:36.0504 0x27ac  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:07:36.0519 0x27ac  Serial - ok
18:07:36.0519 0x27ac  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:07:36.0535 0x27ac  sermouse - ok
18:07:36.0551 0x27ac  [ C42D93E4211D16EE0315D38C6618659E, CA280B8B42C4F7C47669DF3129E4FD56F861D94D8840C26EFFC669757B4EC495 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:07:36.0566 0x27ac  SessionEnv - ok
18:07:36.0566 0x27ac  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:07:36.0582 0x27ac  sfloppy - ok
18:07:36.0613 0x27ac  [ 36930348608E6808EC0C4C00019BB611, AF4B23FA40FD85CB2A179251095261480B54F27B7737CC78CA8A84374D1AAA26 ] SftService      C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
18:07:36.0660 0x27ac  SftService - ok
18:07:36.0676 0x27ac  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:07:36.0691 0x27ac  SharedAccess - ok
18:07:36.0707 0x27ac  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:07:36.0738 0x27ac  ShellHWDetection - ok
18:07:36.0738 0x27ac  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:07:36.0754 0x27ac  SiSRaid2 - ok
18:07:36.0754 0x27ac  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:07:36.0769 0x27ac  SiSRaid4 - ok
18:07:36.0769 0x27ac  [ E6DA1192D36D2D29FF8387917C2D70A6, 6F6AB7A2E45D7E05F5ED0B08B1ED9FFA03BDBFAF5E80F8B9E2C4D6CF6F74B851 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:07:36.0801 0x27ac  SkypeUpdate - ok
18:07:36.0801 0x27ac  [ 070E4053E3426BAD7B21937F3F0275EB, 92ACCE7E0F5A2EEC2AF931E6677885FBA8548B2876A59EBC827F569300E71631 ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
18:07:36.0801 0x27ac  SmbDrv - ok
18:07:36.0816 0x27ac  [ B6EBAD9D72DA681E1976AD51DE1B73F5, 59C9E2EB3340D9A28B9EB06379975B79D62F8239C1F0B24B3BF2D3756C58A512 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:07:36.0816 0x27ac  SmbDrvI - ok
18:07:36.0816 0x27ac  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
18:07:36.0832 0x27ac  smphost - ok
18:07:36.0832 0x27ac  [ 961507DB02D7AC0B7A7828D457143B8E, F423BE6287C65960A955EBB3BFBAC047313BEB2F54920A6E57E51FCCE855F5E0 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:07:36.0848 0x27ac  SNMPTRAP - ok
18:07:36.0863 0x27ac  [ F6AF6499C3788105EA7AF1DA27769A77, F847789B0AD498CC9C985F334F7BA0906ACB41FB356CC2EF2A00C62C75D94A79 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:07:36.0879 0x27ac  spaceport - ok
18:07:36.0894 0x27ac  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:07:36.0894 0x27ac  SpbCx - ok
18:07:36.0926 0x27ac  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:07:36.0941 0x27ac  Spooler - ok
18:07:37.0082 0x27ac  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:07:37.0238 0x27ac  sppsvc - ok
18:07:37.0254 0x27ac  [ 6A697F8A01C0E7C22D45091E6E8BC5A9, 3F9665219FECF0D8C6BD92ED287CEA243D17F30ABF69F484893DF0FA02B14E8A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:07:37.0269 0x27ac  srv - ok
18:07:37.0301 0x27ac  [ 2BDC8B9E7AA11C5C1D77E4CFA27219E0, B3B186B18E0788050FB3552A7261AD5134762C4F6906C302674827954BD958C9 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:07:37.0316 0x27ac  srv2 - ok
18:07:37.0316 0x27ac  [ BB53DBB28A7A0E64F3560FE08A8AFBB1, 10057498C452AC63F707B6FD02983C73D471AB9E937619164787EE14A70AE5E7 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:07:37.0332 0x27ac  srvnet - ok
18:07:37.0348 0x27ac  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:07:37.0363 0x27ac  SSDPSRV - ok
18:07:37.0363 0x27ac  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:07:37.0379 0x27ac  SstpSvc - ok
18:07:37.0394 0x27ac  [ 97F839E8AEC48EE271509BF4BC764C24, 7B9B791E987ADC8991C128CD52CB253F295E41DF502BF8933DF388994E84560D ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:07:37.0394 0x27ac  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
18:07:37.0394 0x27ac  STacSV ( UnsignedFile.Multi.Generic ) - warning
18:07:37.0410 0x27ac  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:07:37.0410 0x27ac  stexstor - ok
18:07:37.0426 0x27ac  [ 7E89F65EB250463EE8665CFE19566FC3, 45849BAFA62E72A97103C5F02962D346D3F79DE9DB07297D1073FF355A506D9C ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
18:07:37.0457 0x27ac  STHDA - ok
18:07:37.0473 0x27ac  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:07:37.0488 0x27ac  stisvc - ok
18:07:37.0504 0x27ac  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:07:37.0504 0x27ac  storahci - ok
18:07:37.0519 0x27ac  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:07:37.0519 0x27ac  storflt - ok
18:07:37.0535 0x27ac  [ 1D5A045F59D216448FCDE3A8D69970E2, CEDEB0843D93339D10FE4BC209CCFCB6E12C6064FD62694DA7675082E8B8C915 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:07:37.0535 0x27ac  stornvme - ok
18:07:37.0535 0x27ac  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:07:37.0551 0x27ac  StorSvc - ok
18:07:37.0551 0x27ac  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:07:37.0566 0x27ac  storvsc - ok
18:07:37.0566 0x27ac  [ 8854151B13B0D57700482979932B9953, 530E74C7E2B43882E5EA79F0446992D5BC600426AE1250476A5E5F64E88C56CF ] SupportAssistAgent C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
18:07:37.0582 0x27ac  SupportAssistAgent - ok
18:07:37.0582 0x27ac  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:07:37.0598 0x27ac  svsvc - ok
18:07:37.0598 0x27ac  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:07:37.0613 0x27ac  swenum - ok
18:07:37.0629 0x27ac  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
18:07:37.0644 0x27ac  swprv - ok
18:07:37.0660 0x27ac  [ 12A60B3636083CE621A3EF67711EA5BC, E15392025247A59967195CE5B47D34AB9155BFE9C4D88E4551D24677F2102ED2 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:07:37.0676 0x27ac  SynTP - ok
18:07:37.0707 0x27ac  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:07:37.0738 0x27ac  SysMain - ok
18:07:37.0754 0x27ac  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:07:37.0769 0x27ac  SystemEventsBroker - ok
18:07:37.0785 0x27ac  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:07:37.0801 0x27ac  TabletInputService - ok
18:07:37.0801 0x27ac  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:07:37.0816 0x27ac  TapiSrv - ok
18:07:37.0879 0x27ac  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:07:37.0941 0x27ac  Tcpip - ok
18:07:37.0988 0x27ac  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:07:38.0051 0x27ac  TCPIP6 - ok
18:07:38.0066 0x27ac  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:07:38.0066 0x27ac  tcpipreg - ok
18:07:38.0082 0x27ac  [ 23DF7EBD9B782E1436CEC700565A4366, 70B89AA230BDD9BA73625EAF93FA21560A3D0FAFE6B015D84F910EECDCF90A70 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:07:38.0098 0x27ac  tdx - ok
18:07:38.0098 0x27ac  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:07:38.0098 0x27ac  terminpt - ok
18:07:38.0129 0x27ac  [ 83FC6290C38166BF86026BEA21A139B0, FDFBCB3D4F7F0D97811F0D308DF515C087A8C85EAEC86BC6BE5DFE7D4F3B3524 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:07:38.0160 0x27ac  TermService - ok
18:07:38.0176 0x27ac  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
18:07:38.0176 0x27ac  Themes - ok
18:07:38.0191 0x27ac  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:07:38.0191 0x27ac  THREADORDER - ok
18:07:38.0207 0x27ac  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:07:38.0223 0x27ac  TimeBroker - ok
18:07:38.0223 0x27ac  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:07:38.0238 0x27ac  TPM - ok
18:07:38.0254 0x27ac  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:07:38.0254 0x27ac  TrkWks - ok
18:07:38.0269 0x27ac  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:07:38.0269 0x27ac  TrustedInstaller - ok
18:07:38.0285 0x27ac  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:07:38.0285 0x27ac  TsUsbFlt - ok
18:07:38.0301 0x27ac  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:07:38.0301 0x27ac  TsUsbGD - ok
18:07:38.0316 0x27ac  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:07:38.0316 0x27ac  tunnel - ok
18:07:38.0332 0x27ac  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:07:38.0332 0x27ac  uagp35 - ok
18:07:38.0348 0x27ac  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:07:38.0348 0x27ac  UASPStor - ok
18:07:38.0363 0x27ac  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:07:38.0379 0x27ac  UCX01000 - ok
18:07:38.0379 0x27ac  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:07:38.0394 0x27ac  udfs - ok
18:07:38.0394 0x27ac  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:07:38.0410 0x27ac  UEFI - ok
18:07:38.0410 0x27ac  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:07:38.0426 0x27ac  UI0Detect - ok
18:07:38.0441 0x27ac  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:07:38.0441 0x27ac  uliagpkx - ok
18:07:38.0441 0x27ac  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:07:38.0457 0x27ac  umbus - ok
18:07:38.0457 0x27ac  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:07:38.0473 0x27ac  UmPass - ok
18:07:38.0488 0x27ac  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:07:38.0504 0x27ac  UmRdpService - ok
18:07:38.0504 0x27ac  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:07:38.0519 0x27ac  UNS - ok
18:07:38.0535 0x27ac  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:07:38.0551 0x27ac  upnphost - ok
18:07:38.0566 0x27ac  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:07:38.0566 0x27ac  usbccgp - ok
18:07:38.0582 0x27ac  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:07:38.0598 0x27ac  usbcir - ok
18:07:38.0598 0x27ac  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:07:38.0613 0x27ac  usbehci - ok
18:07:38.0629 0x27ac  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:07:38.0644 0x27ac  usbhub - ok
18:07:38.0660 0x27ac  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:07:38.0676 0x27ac  USBHUB3 - ok
18:07:38.0676 0x27ac  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:07:38.0691 0x27ac  usbohci - ok
18:07:38.0691 0x27ac  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:07:38.0707 0x27ac  usbprint - ok
18:07:38.0707 0x27ac  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:07:38.0723 0x27ac  usbscan - ok
18:07:38.0738 0x27ac  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:07:38.0738 0x27ac  USBSTOR - ok
18:07:38.0754 0x27ac  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:07:38.0754 0x27ac  usbuhci - ok
18:07:38.0769 0x27ac  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:07:38.0785 0x27ac  usbvideo - ok
18:07:38.0801 0x27ac  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:07:38.0816 0x27ac  USBXHCI - ok
18:07:38.0816 0x27ac  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:07:38.0832 0x27ac  VaultSvc - ok
18:07:38.0832 0x27ac  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:07:38.0832 0x27ac  vdrvroot - ok
18:07:38.0863 0x27ac  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
18:07:38.0910 0x27ac  vds - ok
18:07:38.0910 0x27ac  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:07:38.0926 0x27ac  VerifierExt - ok
18:07:38.0941 0x27ac  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:07:38.0957 0x27ac  vhdmp - ok
18:07:38.0973 0x27ac  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:07:38.0973 0x27ac  viaide - ok
18:07:38.0988 0x27ac  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:07:38.0988 0x27ac  vmbus - ok
18:07:39.0004 0x27ac  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:07:39.0004 0x27ac  VMBusHID - ok
18:07:39.0020 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:07:39.0035 0x27ac  vmicguestinterface - ok
18:07:39.0051 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:07:39.0066 0x27ac  vmicheartbeat - ok
18:07:39.0082 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:07:39.0098 0x27ac  vmickvpexchange - ok
18:07:39.0113 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:07:39.0129 0x27ac  vmicrdv - ok
18:07:39.0145 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:07:39.0160 0x27ac  vmicshutdown - ok
18:07:39.0176 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:07:39.0191 0x27ac  vmictimesync - ok
18:07:39.0207 0x27ac  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:07:39.0223 0x27ac  vmicvss - ok
18:07:39.0238 0x27ac  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:07:39.0254 0x27ac  volmgr - ok
18:07:39.0254 0x27ac  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:07:39.0270 0x27ac  volmgrx - ok
18:07:39.0285 0x27ac  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:07:39.0301 0x27ac  volsnap - ok
18:07:39.0301 0x27ac  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:07:39.0316 0x27ac  vpci - ok
18:07:39.0316 0x27ac  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:07:39.0332 0x27ac  vsmraid - ok
18:07:39.0363 0x27ac  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\WINDOWS\system32\vssvc.exe
18:07:39.0410 0x27ac  VSS - ok
18:07:39.0410 0x27ac  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:07:39.0426 0x27ac  VSTXRAID - ok
18:07:39.0441 0x27ac  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:07:39.0441 0x27ac  vwifibus - ok
18:07:39.0457 0x27ac  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:07:39.0457 0x27ac  vwififlt - ok
18:07:39.0473 0x27ac  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:07:39.0473 0x27ac  vwifimp - ok
18:07:39.0488 0x27ac  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:07:39.0504 0x27ac  W32Time - ok
18:07:39.0504 0x27ac  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:07:39.0520 0x27ac  WacomPen - ok
18:07:39.0551 0x27ac  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:07:39.0598 0x27ac  wbengine - ok
18:07:39.0613 0x27ac  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:07:39.0629 0x27ac  WbioSrvc - ok
18:07:39.0629 0x27ac  [ 1CB5E844162845C099FA180EBB605C8E, 2BF9F5496572298EDAECFCE463BFE4A7749C994BB4D6ACC8605A4178A4DBA243 ] WCAssistantService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
18:07:39.0645 0x27ac  WCAssistantService - ok
18:07:39.0660 0x27ac  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:07:39.0676 0x27ac  Wcmsvc - ok
18:07:39.0691 0x27ac  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:07:39.0707 0x27ac  wcncsvc - ok
18:07:39.0707 0x27ac  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:07:39.0723 0x27ac  WcsPlugInService - ok
18:07:39.0738 0x27ac  [ F2E08D1C067FEFC3A42D21FD4810F1D3, A8AD114094D9AE3BC6F76940EF873FD21CCF130DE7F8712950F1962DCE25F1B3 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:07:39.0738 0x27ac  WdBoot - ok
18:07:39.0770 0x27ac  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:07:39.0785 0x27ac  Wdf01000 - ok
18:07:39.0801 0x27ac  [ E234820E6B84ABA5E84E00227F505AE8, 645B809B883D8F678F2535B575AA1D595F27EBFCE0A16433E9A54CC266BD74F2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:07:39.0816 0x27ac  WdFilter - ok
18:07:39.0816 0x27ac  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:07:39.0832 0x27ac  WdiServiceHost - ok
18:07:39.0832 0x27ac  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:07:39.0848 0x27ac  WdiSystemHost - ok
18:07:39.0848 0x27ac  [ A74AD6D80AC26E1B5DD276FC927F2BAC, F73F090D46BB2AAA6A8D148C658B2EA8C07B16201BB800A9283F4017DC249809 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:07:39.0863 0x27ac  WdNisDrv - ok
18:07:39.0863 0x27ac  WdNisSvc - ok
18:07:39.0879 0x27ac  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:07:39.0895 0x27ac  WebClient - ok
18:07:39.0895 0x27ac  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:07:39.0910 0x27ac  Wecsvc - ok
18:07:39.0926 0x27ac  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:07:39.0926 0x27ac  WEPHOSTSVC - ok
18:07:39.0941 0x27ac  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:07:39.0957 0x27ac  wercplsupport - ok
18:07:39.0957 0x27ac  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:07:39.0973 0x27ac  WerSvc - ok
18:07:39.0973 0x27ac  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:07:39.0988 0x27ac  WFPLWFS - ok
18:07:39.0988 0x27ac  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:07:40.0004 0x27ac  WiaRpc - ok
18:07:40.0004 0x27ac  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:07:40.0020 0x27ac  WIMMount - ok
18:07:40.0020 0x27ac  WinDefend - ok
18:07:40.0051 0x27ac  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:07:40.0066 0x27ac  WinHttpAutoProxySvc - ok
18:07:40.0082 0x27ac  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:07:40.0098 0x27ac  Winmgmt - ok
18:07:40.0145 0x27ac  [ B56BFFFB740D76E634DB7B4802E36E4E, 2AA84756DE882463AE4C7BA0DCDEE3E5501DDF673ADD3F37B2B814FB0342E61F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:07:40.0207 0x27ac  WinRM - ok
18:07:40.0223 0x27ac  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
18:07:40.0238 0x27ac  WinUsb - ok
18:07:40.0270 0x27ac  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:07:40.0317 0x27ac  WlanSvc - ok
18:07:40.0348 0x27ac  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:07:40.0379 0x27ac  wlidsvc - ok
18:07:40.0395 0x27ac  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:07:40.0410 0x27ac  WmiAcpi - ok
18:07:40.0410 0x27ac  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:07:40.0426 0x27ac  wmiApSrv - ok
18:07:40.0426 0x27ac  WMPNetworkSvc - ok
18:07:40.0442 0x27ac  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:07:40.0442 0x27ac  Wof - ok
18:07:40.0488 0x27ac  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:07:40.0520 0x27ac  workfolderssvc - ok
18:07:40.0535 0x27ac  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:07:40.0535 0x27ac  wpcfltr - ok
18:07:40.0551 0x27ac  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:07:40.0551 0x27ac  WPCSvc - ok
18:07:40.0567 0x27ac  [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:07:40.0567 0x27ac  WPDBusEnum - ok
18:07:40.0582 0x27ac  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:07:40.0582 0x27ac  WpdUpFltr - ok
18:07:40.0598 0x27ac  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\WINDOWS\system32\drivers\WPRO_41_2001.sys
18:07:40.0598 0x27ac  WPRO_41_2001 - ok
18:07:40.0598 0x27ac  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:07:40.0613 0x27ac  ws2ifsl - ok
18:07:40.0613 0x27ac  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:07:40.0629 0x27ac  wscsvc - ok
18:07:40.0645 0x27ac  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:07:40.0645 0x27ac  WSDPrintDevice - ok
18:07:40.0645 0x27ac  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
18:07:40.0660 0x27ac  WSDScan - ok
18:07:40.0660 0x27ac  WSearch - ok
18:07:40.0738 0x27ac  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
18:07:40.0817 0x27ac  WSService - ok
18:07:40.0895 0x27ac  [ F8AAE8C41092D195C470EE7EF2D0BB01, D02B608244D084669632F60CC977BA10A9A5F7CEA73F15A8ADE6BF9EFE8C4052 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:07:40.0973 0x27ac  wuauserv - ok
18:07:40.0988 0x27ac  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:07:40.0988 0x27ac  WudfPf - ok
18:07:41.0004 0x27ac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:07:41.0020 0x27ac  WUDFRd - ok
18:07:41.0020 0x27ac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
18:07:41.0035 0x27ac  WUDFSensorLP - ok
18:07:41.0035 0x27ac  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:07:41.0051 0x27ac  wudfsvc - ok
18:07:41.0067 0x27ac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
18:07:41.0067 0x27ac  WUDFWpdFs - ok
18:07:41.0082 0x27ac  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
18:07:41.0098 0x27ac  WUDFWpdMtp - ok
18:07:41.0098 0x27ac  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:07:41.0129 0x27ac  WwanSvc - ok
18:07:41.0192 0x27ac  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:07:41.0254 0x27ac  ZeroConfigService - ok
18:07:41.0270 0x27ac  ================ Scan global ===============================
18:07:41.0270 0x27ac  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\WINDOWS\system32\basesrv.dll
18:07:41.0285 0x27ac  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
18:07:41.0285 0x27ac  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
18:07:41.0301 0x27ac  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
18:07:41.0301 0x27ac  [ Global ] - ok
18:07:41.0301 0x27ac  ================ Scan MBR ==================================
18:07:41.0301 0x27ac  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:07:41.0348 0x27ac  \Device\Harddisk0\DR0 - ok
18:07:41.0348 0x27ac  ================ Scan VBR ==================================
18:07:41.0348 0x27ac  [ 5AC949AD54440209546F64FA05619BDF ] \Device\Harddisk0\DR0\Partition1
18:07:41.0348 0x27ac  \Device\Harddisk0\DR0\Partition1 - ok
18:07:41.0363 0x27ac  [ 7A6C8F728090BBF79297C1DFD05C1F6A ] \Device\Harddisk0\DR0\Partition2
18:07:41.0363 0x27ac  \Device\Harddisk0\DR0\Partition2 - ok
18:07:41.0363 0x27ac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:07:41.0363 0x27ac  \Device\Harddisk0\DR0\Partition3 - ok
18:07:41.0363 0x27ac  [ FF260C8F85C8FF184908856C16606068 ] \Device\Harddisk0\DR0\Partition4
18:07:41.0363 0x27ac  \Device\Harddisk0\DR0\Partition4 - ok
18:07:41.0363 0x27ac  [ FC71A7A2F775B46BA26C5D76644DD482 ] \Device\Harddisk0\DR0\Partition5
18:07:41.0363 0x27ac  \Device\Harddisk0\DR0\Partition5 - ok
18:07:41.0363 0x27ac  [ 5B61775B68688C84E43788BA9F3E1099 ] \Device\Harddisk0\DR0\Partition6
18:07:41.0379 0x27ac  \Device\Harddisk0\DR0\Partition6 - ok
18:07:41.0379 0x27ac  [ 685523B0E023FA3CC230A4D81A0F44EA ] \Device\Harddisk0\DR0\Partition7
18:07:41.0379 0x27ac  \Device\Harddisk0\DR0\Partition7 - ok
18:07:41.0379 0x27ac  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition8
18:07:41.0379 0x27ac  \Device\Harddisk0\DR0\Partition8 - ok
18:07:41.0379 0x27ac  ================ Scan generic autorun ======================
18:07:41.0442 0x27ac  [ 18B40C7AF31127F4F0DD8BE2F8C79AFA, 6F1870E66CBAA36A2660A036B5606FC2686240286F0750F57203EE58E7D2232D ] c:\Program Files\Dell\QuickSet\QuickSet.exe
18:07:41.0520 0x27ac  QuickSet - ok
18:07:41.0520 0x27ac  BTMTrayAgent - ok
18:07:41.0613 0x27ac  [ 9EC647ACB1E33073EE50A7C55D662C9D, 3F500106C13B56B091A756958D8ACFDB120271FACCF5D82317816FB57072C8CC ] C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
18:07:41.0692 0x27ac  IntelMyWiFiDashboard - ok
18:07:41.0738 0x27ac  [ 94BFCE236D6340011721470E394056E3, 42A7808F6C53C268354E9E47F0689FE2B4717F61E97CBAA0ABF33E0275B908EF ] C:\Program Files\IDT\WDM\sttray64.exe
18:07:41.0754 0x27ac  SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
18:07:41.0754 0x27ac  SysTrayApp ( UnsignedFile.Multi.Generic ) - warning
18:07:41.0770 0x27ac  SynTPEnh - ok
18:07:41.0770 0x27ac  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
18:07:41.0785 0x27ac  iTunesHelper - ok
18:07:41.0832 0x27ac  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
18:07:41.0879 0x27ac  Malwarebytes TrayApp - ok
18:07:41.0895 0x27ac  [ 28BBBFCC1AD839D1EED3AB392353590F, 9273EF234AC64DBC50EC25DE2DB5B99AAB42F340D9F7327F2AD88CAAC887EDDC ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:07:41.0895 0x27ac  IAStorIcon - ok
18:07:41.0910 0x27ac  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
18:07:41.0910 0x27ac  CLMLServer_For_P2G8 - ok
18:07:41.0926 0x27ac  [ 3A632F4EA3386DFEE9D8FDE68C34EFE0, 481B3732D47E3738F74C073CEA41CAD3AF64F702FD42ECCE6551B53AFDAE72AD ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
18:07:41.0942 0x27ac  CLVirtualDrive - ok
18:07:41.0942 0x27ac  [ 9388FBA0B9985B18B3693A32B530A16B, F3C3DCDB4D66433EB33C7BA3BD1B8B80E8E67E6B3614DDF37EE77FEA143015B3 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
18:07:41.0957 0x27ac  RemoteControl10 - ok
18:07:41.0973 0x27ac  [ 37763602F98C51ED455E0C420BB096D5, C1DAFEB7C211052F3E8C5F3D48B9223AC1D4D26A7050A08F935CDBF484DB28CB ] C:\Program Files\McAfee.com\Agent\mcagent.exe
18:07:41.0989 0x27ac  mcui_exe - ok
18:07:41.0989 0x27ac  [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:07:42.0004 0x27ac  APSDaemon - ok
18:07:42.0020 0x27ac  [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
18:07:42.0035 0x27ac  StartCCC - ok
18:07:42.0051 0x27ac  [ 2A3FB4C98F139038E23330D2439DB8A4, DE9253AD362B03FA5D3D4912662398E5C4AC76F7274B83E51C251A6921A5B838 ] C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
18:07:42.0051 0x27ac  Facebook Update - ok
18:07:42.0082 0x27ac  [ 30408F067C1F35DE86A492E55483763E, 85F8EA96BCB3D93E762D8C19D8A48CFDF49E83E50260B12B91B79422E96F5A12 ] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
18:07:42.0129 0x27ac  Web Companion - ok
18:07:42.0129 0x27ac  Skype - ok
18:07:42.0145 0x27ac  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60100 ( disabled : updated )
18:07:42.0145 0x27ac  AV detected via SS2: McAfee VirusScan, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51000 ( enabled : updated )
18:07:42.0145 0x27ac  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 16.1.0.0 ), 0x51010 ( enabled )
18:07:42.0145 0x27ac  ============================================================
18:07:42.0145 0x27ac  Scan finished
18:07:42.0145 0x27ac  ============================================================
18:07:42.0145 0x0c08  Detected object count: 5
18:07:42.0145 0x0c08  Actual detected object count: 5
18:16:01.0978 0x0c08  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
18:16:01.0978 0x0c08  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:16:01.0978 0x0c08  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:16:01.0978 0x0c08  IAStorDataMgrSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:16:01.0978 0x0c08  IconMan_R ( UnsignedFile.Multi.Generic ) - skipped by user
18:16:01.0978 0x0c08  IconMan_R ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:16:01.0978 0x0c08  STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
18:16:01.0978 0x0c08  STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:16:01.0978 0x0c08  SysTrayApp ( UnsignedFile.Multi.Generic ) - skipped by user
18:16:01.0978 0x0c08  SysTrayApp ( UnsignedFile.Multi.Generic ) - User select action: Skip

M-K-D-B · 26.07.2017, 20:19

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Tracing Schlüssel
- Prefetch Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Klicke am Ende der Bereinigung auf Jetzt neu starten. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die zwei neuen Logdateien von FRST.

gapkathl · 26.07.2017, 21:18

Servus auch,

danke für die schnelle Antwort!

Nachfolgend die neuen Logdateien....

Code:

ATTFilter

# AdwCleaner 7.0.0.0 - Logfile created on Wed Jul 26 19:36:27 2017
# Updated on 2017/17/07 by Malwarebytes 
# Running on Windows 8.1 (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: LavasoftTcpService
Deleted: WCAssistantService


***** [ Folders ] *****

Deleted: C:\ProgramData\lavasoft\web companion
Deleted: C:\ProgramData\Application Data\lavasoft\web companion
Deleted: C:\Program Files (x86)\lavasoft\web companion
Deleted: C:\Users\All Users\lavasoft\web companion
Deleted: C:\Users\Kathrin\AppData\Roaming\lavasoft\web companion
Deleted: C:\Program Files (x86)\Chip Digital GmbH
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft\WebCompanion
Deleted: C:\Windows\System32\config\systemprofile\AppData\Local\LavasoftTcpService
Deleted: C:/ProgramData\155f528f-da73-48ec-9cbf-1dfac160cf7a


***** [ Files ] *****

Deleted: C:\Windows\System32\lavasofttcpservice.dll
Deleted: C:\Windows\System32\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
Deleted: C:\Windows\SysNative\LavasoftTcpService64.dll


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\v9.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.v9.com
Deleted: [Value] - HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|{E8B12A93-8860-4991-975A-7D8738EE676C}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}
Deleted: [Key] - HKLM\SOFTWARE\Lavasoft\Web Companion
Deleted: [Key] - HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Lavasoft\Web Companion
Deleted: [Key] - HKCU\Software\Lavasoft\Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Features\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted: [Key] - HKLM\SOFTWARE\Classes\Installer\Products\C3F6D7A0BA2FDE84EB329997B1FF786D
Deleted: [Value] - HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Value] - HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.bdliveupdate.oneclickctrl.9
Deleted: [Key] - HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.bdliveupdate.update3webcontrol.3
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4179 B] - [2013/10/17 20:26:57]
C:/AdwCleaner/AdwCleaner[S1].txt - [1085 B] - [2015/9/22 17:18:6]
C:/AdwCleaner/AdwCleaner[S2].txt - [5477 B] - [2017/7/26 19:35:37]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 26.07.17
Scan-Zeit: 21:54
Protokolldatei: MBAM.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.160
Version des Aktualisierungspakets: 1.0.2443
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: DELLBOOKKATHRIN\Kathrin

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 393441
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 4 Min., 36 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 26-07-2017
durchgeführt von Kathrin (Administrator) auf DELLBOOKKATHRIN (26-07-2017 22:05:25)
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin (Verfügbare Profile: Kathrin)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.5.312.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [556288 2017-05-31] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Facebook Update] => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07da0d-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07daa5-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07db99-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dcd83-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dce3d-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {94a04385-4278-11e4-beaa-6036dd2f7c1c} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-12-02]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6E0427F8-072D-458E-8D74-7FDB03D1EB84}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F4E2AC44-2A00-45ED-96F2-4710D38644B5}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> DefaultScope {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-06-19] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default [2017-07-26]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> Sichere Suche
FF SearchEngineOrder.2: Mozilla\Firefox\Profiles\r6jeipv1.default -> 
FF SearchEngineOrder.US.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> data:text/plain,browser.search.order.US.1=Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\r6jeipv1.default -> hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1501095284&rver=6.7.6643.0&wp=MBI_SSL_SHARED&wreply=hxxps:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1031&id=64855&mkt=de-DE&cbcxt=mai
hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\r6jeipv1.default -> type", 0
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\newtaboverride@agenedia.com.xpi [2017-07-26]
FF Extension: (Adblock Plus) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-04-18]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-27] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-06-30] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-85611978-3827166080-1061539791-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [179216 2017-06-19] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-26] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-07-26] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-26 22:03 - 2017-07-26 22:04 - 02382848 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2017-07-26 21:53 - 2017-07-26 21:53 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-26 21:53 - 2017-07-26 21:53 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-26 21:53 - 2017-07-26 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-26 21:53 - 2017-07-26 21:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-26 21:53 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-26 21:48 - 2017-07-26 21:52 - 65033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251(1).exe
2017-07-26 21:43 - 2017-07-26 21:43 - 00002090 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-07-26 21:43 - 2017-07-26 21:43 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-07-26 21:43 - 2017-07-26 21:43 - 00000000 ____D C:\Program Files\Dell Support Center
2017-07-26 21:41 - 2017-07-26 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-07-26 21:38 - 2017-07-26 21:43 - 65033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-26 21:37 - 2017-07-26 22:03 - 00000000 ____D C:\Users\Kathrin\Desktop\Trojaner-Board
2017-07-26 21:27 - 2017-07-26 21:28 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(2).exe
2017-07-26 18:20 - 2017-07-26 18:16 - 00507926 _____ C:\Users\Kathrin\Desktop\TDSSKiller.3.1.0.15_26.07.2017_18.05.48_log.txt
2017-07-26 18:05 - 2017-07-26 18:21 - 00508014 _____ C:\TDSSKiller.3.1.0.15_26.07.2017_18.05.48_log.txt
2017-07-26 18:04 - 2017-07-26 18:05 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Kathrin\Downloads\tdsskiller.exe
2017-07-26 14:53 - 2017-07-26 14:53 - 00018084 _____ C:\Users\Kathrin\Desktop\Scan Malwarebytes.txt
2017-07-26 14:00 - 2017-07-26 14:00 - 00001251 _____ C:\Users\Kathrin\Desktop\Malwarebytes.txt
2017-07-26 13:55 - 2017-07-26 13:55 - 00049575 _____ C:\Users\Kathrin\Desktop\FRST.txt
2017-07-26 13:55 - 2017-07-26 13:55 - 00037861 _____ C:\Users\Kathrin\Desktop\Addition.txt
2017-07-26 13:50 - 2017-07-26 22:05 - 00026740 _____ C:\Users\Kathrin\Downloads\FRST.txt
2017-07-26 13:50 - 2017-07-26 13:54 - 00037858 _____ C:\Users\Kathrin\Downloads\Addition.txt
2017-07-26 13:49 - 2017-07-26 22:05 - 00000000 ____D C:\FRST
2017-07-26 13:49 - 2017-07-26 13:49 - 02382336 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64.exe
2017-07-26 13:48 - 2017-07-26 13:48 - 00000000 _____ C:\Users\Kathrin\Downloads\FRST.exe
2017-07-26 11:12 - 2017-07-26 11:12 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-26 11:12 - 2017-07-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-26 11:10 - 2017-07-26 11:10 - 00030318 _____ C:\Users\Kathrin\Desktop\bookmarks-2017-07-26.json
2017-07-26 10:06 - 2017-07-26 10:06 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(1).exe
2017-07-26 10:05 - 2017-07-26 10:05 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0.exe
2017-07-26 09:16 - 2017-07-26 09:16 - 00003220 _____ C:\WINDOWS\System32\Tasks\BundleApplicationRepairToolLauncherTask
2017-07-24 07:50 - 2017-07-26 21:36 - 00003860 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-07-24 07:50 - 2017-07-26 19:08 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-07-24 07:39 - 2017-05-04 01:11 - 00103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-24 07:39 - 2017-05-03 15:43 - 01555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 01206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-24 07:31 - 2017-07-26 21:36 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-18 14:41 - 2017-07-06 10:52 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-18 14:41 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-18 14:41 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:17 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-18 14:41 - 2017-06-29 06:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-18 14:41 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-22 16:22 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-18 14:41 - 2017-06-17 18:45 - 03631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:34 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:11 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-18 14:41 - 2017-06-17 18:05 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-18 14:41 - 2017-06-16 00:02 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-18 14:41 - 2017-06-15 15:45 - 07440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-18 14:41 - 2017-06-12 02:06 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-18 14:41 - 2017-06-12 00:21 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:43 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 23:25 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:15 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-18 14:41 - 2017-06-11 23:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 23:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-18 14:41 - 2017-06-11 23:00 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-18 14:41 - 2017-06-11 22:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 22:40 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-18 14:41 - 2017-06-11 22:35 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 22:31 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-18 14:41 - 2017-06-11 17:15 - 02013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-18 14:41 - 2017-06-06 22:52 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 22:42 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-18 14:41 - 2017-06-06 22:38 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-18 14:41 - 2017-06-06 22:35 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-18 14:41 - 2017-06-06 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-18 14:41 - 2017-06-06 21:08 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 21:03 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-18 14:41 - 2017-06-06 20:59 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 20:57 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-18 14:41 - 2017-06-06 20:56 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-18 14:41 - 2017-06-06 20:03 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-18 14:41 - 2017-06-03 18:27 - 02346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-18 14:41 - 2017-06-03 18:03 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-18 14:41 - 2017-05-31 23:20 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-18 14:41 - 2017-05-16 00:09 - 00057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-18 14:41 - 2017-05-15 22:03 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-18 14:41 - 2017-05-09 16:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:35 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-18 14:41 - 2017-05-09 16:28 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-18 14:41 - 2017-05-09 16:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:12 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-18 14:41 - 2017-05-06 18:45 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-18 14:41 - 2017-05-06 18:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-18 14:41 - 2017-05-02 22:09 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-18 14:41 - 2017-05-02 20:41 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-18 14:41 - 2017-05-02 19:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-18 14:41 - 2017-04-30 18:48 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-18 14:41 - 2017-04-28 03:13 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-18 14:41 - 2017-04-28 03:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-04 21:15 - 2017-07-04 21:15 - 00003806 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-07-04 21:15 - 2017-07-04 21:15 - 00003792 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssist
2017-07-02 17:49 - 2017-07-02 17:59 - 00000000 ____D C:\Users\Kathrin\Desktop\Besondere
2017-06-30 20:27 - 2017-06-30 20:27 - 00000000 ____D C:\Program Files (x86)\Dell Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-26 22:03 - 2013-04-06 18:58 - 00000968 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job
2017-07-26 21:58 - 2012-12-09 08:21 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-85611978-3827166080-1061539791-1001
2017-07-26 21:46 - 2014-03-18 12:03 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-26 21:46 - 2014-03-18 11:25 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-26 21:46 - 2014-03-18 11:25 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-26 21:46 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-07-26 21:44 - 2012-12-02 04:06 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-07-26 21:43 - 2013-03-27 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-26 21:37 - 2016-11-25 20:35 - 00000000 ____D C:\Users\Kathrin\AppData\LocalLow\Mozilla
2017-07-26 21:37 - 2015-05-18 14:26 - 00000000 ____D C:\Users\Kathrin\AppData\Roaming\Skype
2017-07-26 21:37 - 2014-08-15 21:38 - 00000000 ___DO C:\Users\Kathrin\OneDrive
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\Users\Kathrin\AppData\Roaming\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\ProgramData\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-07-26 21:36 - 2013-10-17 22:18 - 00000000 ____D C:\AdwCleaner
2017-07-26 21:36 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-26 21:36 - 2012-12-02 04:00 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-07-26 19:03 - 2013-04-06 18:58 - 00000946 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job
2017-07-26 11:12 - 2016-12-17 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-26 11:03 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-07-26 10:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-07-26 09:39 - 2015-05-15 15:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-26 09:39 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-07-26 09:18 - 2012-12-02 04:02 - 00000000 ____D C:\ProgramData\PCDr
2017-07-24 07:51 - 2016-06-01 15:45 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-07-24 07:51 - 2013-09-19 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 07:49 - 2012-12-16 14:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-24 07:49 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-24 07:31 - 2013-08-22 16:44 - 00419368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-18 14:38 - 2017-05-10 07:42 - 00000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-07-17 10:47 - 2015-03-14 19:46 - 00004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-17 10:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-17 10:46 - 2017-06-21 13:14 - 05824512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-07-17 10:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 21:15 - 2012-12-02 04:00 - 00000000 ____D C:\Program Files\Dell
2017-06-30 20:52 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\mcafee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\ProgramData\McAfee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\Common Files\mcafee
2017-06-30 20:39 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-30 20:38 - 2015-07-04 16:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-30 20:26 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-06-30 20:23 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-06-30 02:27 - 2013-08-22 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 02:27 - 2013-08-22 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-15 18:03 - 2015-03-15 18:04 - 0000872 _____ () C:\Users\Kathrin\AppData\Roaming\AbsoluteReminder.xml
2013-12-20 13:28 - 2014-09-24 11:28 - 0000148 _____ () C:\Users\Kathrin\AppData\Roaming\WB.CFG
2013-10-05 20:09 - 2015-12-21 22:15 - 0006144 _____ () C:\Users\Kathrin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 19:45 - 2015-12-28 19:45 - 0001553 _____ () C:\Users\Kathrin\AppData\Local\recently-used.xbel
2012-12-02 04:05 - 2012-12-02 04:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-12-02 04:03 - 2012-12-02 04:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-12-02 04:04 - 2012-12-02 04:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

Einige Dateien in TEMP:
====================
2015-10-26 17:52 - 2015-10-26 17:52 - 0035680 _____ () C:\Users\Kathrin\AppData\Local\Temp\i4jdel0.exe
2016-12-26 11:25 - 2016-12-26 11:25 - 0043520 ____N () C:\Users\Kathrin\AppData\Local\Temp\proxy_vole3115605042775723114.dll
2013-08-21 12:20 - 2013-10-09 13:57 - 0344355 _____ () C:\Users\Kathrin\AppData\Local\Temp\Quarantine.exe
2017-05-10 09:02 - 2017-05-10 09:02 - 14456872 _____ (Microsoft Corporation) C:\Users\Kathrin\AppData\Local\Temp\vc_redist.x86.exe
2017-05-23 20:40 - 2017-05-23 20:40 - 0733432 _____ (adaware) C:\Users\Kathrin\AppData\Local\Temp\wcupdater.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-26 11:37

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-07-2017
durchgeführt von Kathrin (26-07-2017 22:05:51)
Gestartet von C:\Users\Kathrin\Downloads
Windows 8.1 (Update) (X64) (2014-08-15 19:37:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-85611978-3827166080-1061539791-500 - Administrator - Disabled)
Gast (S-1-5-21-85611978-3827166080-1061539791-501 - Limited - Disabled)
Kathrin (S-1-5-21-85611978-3827166080-1061539791-1001 - Administrator - Enabled) => C:\Users\Kathrin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{FDDC1039-944D-A9DD-92A7-59EE0A91C93B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version:  - Ifolor AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{EE21578E-DE14-46D5-83D7-EA4D347B2F9A}) (Version: 3.0.30.1526 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.140 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (HKLM-x32\...\{5C44E602-5CCC-CB4B-CF62-EF1F3A12C51E}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Web Companion (HKLM-x32\...\{b26385c7-5907-484a-bc22-1e755c8295d7}) (Version: 2.4.1558.3001 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-85611978-3827166080-1061539791-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers01: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers01: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers01: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} =>  -> Keine Datei
ContextMenuHandlers02: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers05: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers05: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers06: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DE5D388-FC53-4786-8AAA-CC7AD94D0382} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {18B4A243-4C75-466B-AF54-FEA5E72E5B98} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Kathrin\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [2017-07-26] ()
Task: {3346F2AE-E1EC-4C54-AFFB-51D4143B987F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {411AC239-D72C-4FDB-B5AC-93975814DD36} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {4C493B69-2697-4359-8288-269175854765} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {5E467C87-2481-40AB-8A4C-2946B3AA9301} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {5F3FC2AD-9575-4A9F-B8F2-EBAA85480727} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {6BEC73C4-CE06-47B5-AC6B-299327EC5032} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {8E87BCE2-092E-4537-9750-6044283C5E73} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {8E9E1FC8-A5BE-40AD-A369-056C024240E0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {997C97A7-BF73-453A-87C1-1D7547FAD789} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {A0AA7717-B8D6-437B-82FC-FC8956A8AAF5} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A5E57417-4C56-47EE-9058-51C36DB67062} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-17] (Adobe Systems Incorporated)
Task: {A9B66851-C039-4F0C-8517-50C2937B712B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {CB85AA55-67CF-4281-A94A-8DBB541FFA6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {E7EAADD1-2E98-498B-A5C7-849EC1F24F03} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)
Task: {EF45ECCC-E931-4E46-BAC2-A5343A09DA97} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-11 04:17 - 2017-04-11 04:17 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00146984 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00058920 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-12-02 04:04 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-06-30 20:40 - 2017-06-11 13:00 - 00583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-06-30 20:40 - 2017-06-11 12:59 - 00574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll
2017-06-30 20:40 - 2017-06-11 13:00 - 00571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00018904 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\UnityConfig.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00037336 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\WorkflowEngine.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00209368 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHandlers.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00025048 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistWebServer.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00071640 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SmartThreadPool.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00010712 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\Owin.dll
2013-07-06 18:09 - 2013-04-20 00:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2013-07-06 18:09 - 2013-04-20 00:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-12-02 04:03 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-06-26 21:28 - 2017-06-26 21:28 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\45eab03aba84951dc2a8fd2b4c8873eb\PSIClient.ni.dll
2012-12-02 03:59 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-06 18:09 - 2013-05-03 01:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kathrin\Pictures\CARE FOR RARE\VMue_Hauner_075.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

26-06-2017 21:05:05 Windows Update
21-07-2017 10:51:38 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/26/2017 09:36:54 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/26/2017 09:36:19 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/26/2017 09:09:47 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database

Error: (07/26/2017 08:41:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 26a0

Startzeit: 01d306131a1fd917

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: fabc3806-7231-11e7-bf0f-7845c4bbb1ff

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/26/2017 07:25:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2125

Error: (07/26/2017 07:25:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2125

Error: (07/26/2017 07:25:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2017 07:25:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1062

Error: (07/26/2017 07:25:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1062

Error: (07/26/2017 07:25:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


Systemfehler:
=============
Error: (07/26/2017 09:36:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/26/2017 09:36:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/26/2017 09:36:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/26/2017 09:36:32 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Customer Connect" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell SupportAssist Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 32767 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "WC Assistant" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/26/2017 09:36:14 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-07-26 22:05:15.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:15.310
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:14.967
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:14.748
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:14.482
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:14.263
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:13.904
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 22:05:13.685
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 21:53:08.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-26 21:53:08.119
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8058.5 MB
Verfügbarer physikalischer RAM: 5076.48 MB
Summe virtueller Speicher: 9338.5 MB
Verfügbarer virtueller Speicher: 6086.62 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:216.5 GB) (Free:38.08 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 17FA38E3)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B · 27.07.2017, 15:13

Servus,

Starte FRST erneut.
Kopiere den Inhalt der folgenden Code-Box in die Zeile "Suche":
Code:
ATTFilter
```
web companion;LavasoftTcpService;webcompanion;
         
```
Drücke auf Registry-Suche.
FRST beginnt mit dem Suchlauf. Dies kann einige Zeit dauern.
Am Ende erstellt FRST eine Textdatei SearchReg.txt.
Poste mir deren Inhalt mit deiner nächsten Antwort.

gapkathl · 27.07.2017, 17:22

Code:

ATTFilter

Farbar Recovery Scan Tool (x64) Version: 26-07-2017
durchgeführt von Kathrin (27-07-2017 18:15:23)
Gestartet von C:\Users\Kathrin\Downloads
Start-Modus: Normal

================== Registry-Suche: "web companion;LavasoftTcpService;webcompanion" ===========


===================== Suchergebnis für "web companion" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}]
"DisplayName"="Web Companion"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}]
"DisplayIcon"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}]
"UninstallString"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe --uninstall"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"


===================== Suchergebnis für "LavasoftTcpService" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer\CurVer]
""="LavasoftTcpServiceLib.DataContainer.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController\CurVer]
""="LavasoftTcpServiceLib.DataController.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable\CurVer]
""="LavasoftTcpServiceLib.DataTable.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields\CurVer]
""="LavasoftTcpServiceLib.DataTableFields.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder\CurVer]
""="LavasoftTcpServiceLib.DataTableHolder.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic\CurVer]
""="LavasoftTcpServiceLib.LSPLogic.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager\CurVer]
""="LavasoftTcpServiceLib.ReadOnlyManager.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController]

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController\CurVer]
""="LavasoftTcpServiceLib.WFPController.1"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD]
"AppFullPath"="C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe"


===================== Suchergebnis für "webcompanion" ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications\WebCompanion.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}]
"DisplayIcon"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionIcon.ico"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}]
"UninstallString"="C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanionInstaller.exe --uninstall"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com]

====== Ende von Suche ======

Danke!!!

M-K-D-B · 28.07.2017, 19:53

Servus,

wir entfernen noch ein bisschen was und kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 3
Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)

Starte die Installationsdatei.
Akzeptiere die Nutzungsbedingungen.
Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
Wähle In Textdatei speichern... aus und speichere die Datei als eset.txt auf deinem Desktop ab.
Füge den Inhalt der eset.txt mit deiner nächsten Antwort hinzu.
Sollte ESET nichts finden, so kann auch keine Logdatei erstellt werden. Teile uns das dann unbedingt mit.
Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.

Schritt 4

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

gapkathl · 29.07.2017, 23:25

Servus mal wieder,

vielen Dank für Deine Bemühungen, nachfolgend die nächsten Logdateien.

Gruß, K

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-07-2017
durchgeführt von Kathrin (29-07-2017 22:11:22) Run:1
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin (Verfügbare Profile: Kathrin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7}
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1
DeleteKey: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{b26385c7-5907-484a-bc22-1e755c8295d7} => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\AppId_Catalog\2A1442DD => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataContainer.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataController.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTable.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableFields.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.DataTableHolder.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.LSPLogic.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.ReadOnlyManager.1 => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LavasoftTcpServiceLib.WFPController.1 => Schlüssel erfolgreich entfernt
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com => Schlüssel erfolgreich entfernt

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 1505800935 B
Java, Flash, Steam htmlcache => 9584 B
Windows/system/drivers => 327300771 B
Edge => 0 B
Chrome => 0 B
Firefox => 216400466 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 572930 B
systemprofile32 => 128 B
LocalService => 1806908 B
NetworkService => 54836 B
Kathrin => 450385045 B

RecycleBin => 3575307549 B
EmptyTemp: => 5.7 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:11:47 ====

Code:

ATTFilter


	Code: 

 ATTFilter

  
	HitmanPro 3.7.20.286
www.hitmanpro.com

   Computer name . . . . : DELLBOOKKATHRIN
   Windows . . . . . . . : 6.3.0.9600.X64/4
   User name . . . . . . : DELLBOOKKATHRIN\Kathrin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-07-29 22:19:54
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 20s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 27

   Objects scanned . . . : 2.170.715
   Files scanned . . . . : 86.093
   Remnants scanned  . . : 681.837 files / 1.402.785 keys

Malware _____________________________________________________________________

   C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer(1).exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 80.6 days (2017-05-10 08:30:34)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : AFEB88715B0FCC32A9F48849A0DEA170DEFBD17F09CEF84FDB83E06F2ED8A278
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 103.0

   C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 80.6 days (2017-05-10 08:29:25)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 7617C36B94269ADF38BB6B2F4CB76FA0930204ECF7ABE47BA99E8AE90690FE42
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 103.0


Suspicious files ____________________________________________________________

   C:\Users\Kathrin\Downloads\FRST-OlderVersion\FRST64(1).exe
      Size . . . . . . . : 2.382.848 bytes
      Age  . . . . . . . : 3.0 days (2017-07-26 22:03:43)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 1CCAE951E8F8387F76346B874D9597CF8961470B62E213C70EBD6372882F0BAD
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Kathrin\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.382.336 bytes
      Age  . . . . . . . : 3.4 days (2017-07-26 13:49:19)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 26753FE07EEC338038AFF8BCBDEBD47D52DDD927DBE8DBF32AF5F35D2EA7418E
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Kathrin\Downloads\FRST64(1).exe
      Size . . . . . . . : 2.381.312 bytes
      Age  . . . . . . . : 0.0 days (2017-07-29 22:09:41)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C3A6BD98301AA29B4AB85D8C1C79B77C9C03D88E4406F552FDBE690D70229B0F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.5s C:\Users\Kathrin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.5s C:\Users\Kathrin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.3s C:\Users\Kathrin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.3s C:\Users\Kathrin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
          0.0s C:\Users\Kathrin\Downloads\FRST64(1).exe


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{078FA2D5-DE68-416E-BA7F-894A4A4EAB6C}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0AD8FD27-9029-43A1-B9D5-C54FF18C3DD7}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1D7BEA54-B699-4A4D-83D7-D10875B8D7FD}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2203FA35-9590-4CBA-8AFF-CC53930B7F5C}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{349385B4-83FC-4BE1-9DBF-DC0195C65DB4}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{39FB51B1-8784-4BD5-A411-F1B7A5DB4D67}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3C8BE759-0A8F-4C0D-8CAD-0E5898EAE6AF}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{41AC4A66-D0C5-4646-BFAE-1041584C43DE}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{45C2D25B-0816-419A-B74B-CD4D7024FB71}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4E695B8D-101C-4F95-B5C7-A7D9D2E975EF}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54AFDC23-353C-4789-84F5-9C955AD44AC5}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{558F32DF-FA22-4656-B0D2-64DD9EB41F8F}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6BD95127-7C32-4C10-ACF0-1C4687629C85}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{74009D24-8B75-4783-9E69-4566B239FB30}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{75CF0360-C187-4E6E-AB01-6FA65F3DA6CB}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{9566B021-2079-4C32-8F1F-A26911954C8B}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{BBA36C2E-EC79-494A-988D-19398D9222A2}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C3FD9F92-09FA-493C-8C1F-2A3D7DD55DDD}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C8B204C2-D508-4B71-9CC5-AED5E1302A86}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EC5A8488-566B-442C-9E5E-259031985B7A}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{F340A9AB-C377-4855-A106-0DAC2893A1A8}\ (BonanzaDeals)
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FFC65EC8-C373-4E11-9882-905817219E16}\ (BonanzaDeals)

[CODE]C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLive.exe.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveBroker.exe.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveHandler.exe.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\BonanzaDealsLiveOnDemand.exe.vir Variante von Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\goopdate.dll.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir Win32/DealPly.N eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psmachine.dll.vir Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\psuser.dll.vir Variante von Win32/DealPly.L eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MPCBClient.dll.vir Variante von Win32/MyPCBackup.D eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir MSIL/MyPCBackup.A eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Updater.exe.vir Variante von MSIL/MyPCBackup.I eventuell unerwünschte Anwendung
C:\AdwCleaner\Quarantine\C\Users\Kathrin\AppData\Local\Temp\eIntaller\F534637C725247899F2A09FABC323984\newtab.crx.vir JS/Lightning.B eventuell unerwünschte Anwendung
C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer(1).exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung
C:\Users\Kathrin\Downloads\PDFCreator-2_1_2-setup.exe Win32/InstallMonetizer.AQ eventuell unerwünschte Anwendung,ist OK
[CODE]

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-07-2017
durchgeführt von Kathrin (30-07-2017 00:05:51)
Gestartet von C:\Users\Kathrin\Downloads
Windows 8.1 (Update) (X64) (2014-08-15 19:37:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-85611978-3827166080-1061539791-500 - Administrator - Disabled)
Gast (S-1-5-21-85611978-3827166080-1061539791-501 - Limited - Disabled)
Kathrin (S-1-5-21-85611978-3827166080-1061539791-1001 - Administrator - Enabled) => C:\Users\Kathrin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{FDDC1039-944D-A9DD-92A7-59EE0A91C93B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version:  - Ifolor AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{EE21578E-DE14-46D5-83D7-EA4D347B2F9A}) (Version: 3.0.30.1526 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.149 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (HKLM-x32\...\{5C44E602-5CCC-CB4B-CF62-EF1F3A12C51E}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Web Companion (HKLM-x32\...\{b26385c7-5907-484a-bc22-1e755c8295d7}) (Version: 2.4.1558.3001 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-85611978-3827166080-1061539791-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers1-x32: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} => C:\Program Files (x86)\PDF Architect 3\creator-context-menu.dll [2015-04-24] (pdfforge GmbH)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DE5D388-FC53-4786-8AAA-CC7AD94D0382} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {18B4A243-4C75-466B-AF54-FEA5E72E5B98} - System32\Tasks\BundleApplicationRepairToolLauncherTask => C:\Users\Kathrin\AppData\Roaming\PCDr\Repair\BundleApplicationRepairTool.exe [2017-07-26] ()
Task: {3346F2AE-E1EC-4C54-AFFB-51D4143B987F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {411AC239-D72C-4FDB-B5AC-93975814DD36} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {4C493B69-2697-4359-8288-269175854765} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {5E467C87-2481-40AB-8A4C-2946B3AA9301} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {5F3FC2AD-9575-4A9F-B8F2-EBAA85480727} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {6BEC73C4-CE06-47B5-AC6B-299327EC5032} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {8E87BCE2-092E-4537-9750-6044283C5E73} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {8E9E1FC8-A5BE-40AD-A369-056C024240E0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {997C97A7-BF73-453A-87C1-1D7547FAD789} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {A0AA7717-B8D6-437B-82FC-FC8956A8AAF5} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A5E57417-4C56-47EE-9058-51C36DB67062} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-17] (Adobe Systems Incorporated)
Task: {A9B66851-C039-4F0C-8517-50C2937B712B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {AA5C19F3-AA0F-41D3-87A2-58E5685AF7D7} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)
Task: {CB85AA55-67CF-4281-A94A-8DBB541FFA6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {D2BD0C75-C23A-4FEB-9806-562B51556844} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-11 04:17 - 2017-04-11 04:17 - 00192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00146984 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 00058920 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-12-02 04:04 - 2012-04-25 04:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-06-30 20:40 - 2017-06-11 13:00 - 00583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-06-30 20:40 - 2017-06-11 12:59 - 00574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll
2017-06-30 20:40 - 2017-06-11 13:00 - 00571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00018904 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\UnityConfig.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00037336 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\WorkflowEngine.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00209368 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHandlers.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00025048 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistWebServer.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00071640 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SmartThreadPool.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 00010712 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\Owin.dll
2013-07-06 18:09 - 2013-04-20 00:51 - 00023328 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
2013-07-06 18:09 - 2013-04-20 00:52 - 00049440 _____ () C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\STCommonShellIntegration.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-12-02 04:03 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 00134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 00133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-06-26 21:28 - 2017-06-26 21:28 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\45eab03aba84951dc2a8fd2b4c8873eb\PSIClient.ni.dll
2012-12-02 03:59 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-06 18:09 - 2013-05-03 01:01 - 01813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kathrin\Pictures\CARE FOR RARE\VMue_Hauner_075.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

26-06-2017 21:05:05 Windows Update
21-07-2017 10:51:38 Windows Update
29-07-2017 08:51:59 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/29/2017 10:12:27 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/29/2017 10:11:28 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/28/2017 08:50:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b933931f-ec2b-4aec-9121-6e6207e8820d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/28/2017 08:50:48 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/28/2017 08:39:52 AM) (Source: ATIeRecord) (EventID: 16386) (User: )
Description: ATI EEU Client has failed to start

Error: (07/27/2017 01:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234

Error: (07/27/2017 01:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234

Error: (07/27/2017 01:11:18 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/26/2017 09:36:54 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/26/2017 09:36:19 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2


Systemfehler:
=============
Error: (07/29/2017 10:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/29/2017 10:25:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kathrin\AppData\Local\Temp\ehdrv.sys

Error: (07/29/2017 10:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/29/2017 10:25:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kathrin\AppData\Local\Temp\ehdrv.sys

Error: (07/29/2017 10:25:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (07/29/2017 10:25:23 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Kathrin\AppData\Local\Temp\ehdrv.sys

Error: (07/29/2017 10:12:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/29/2017 10:12:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/29/2017 10:12:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/29/2017 10:12:05 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll


CodeIntegrity:
===================================
  Date: 2017-07-30 00:05:16.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:05:16.176
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:01:17.203
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:01:16.969
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:01:16.516
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:01:16.188
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-29 22:25:12.422
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-29 22:25:12.174
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-29 22:19:17.991
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-29 22:19:17.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8058.5 MB
Verfügbarer physikalischer RAM: 4553.27 MB
Summe virtueller Speicher: 9338.5 MB
Verfügbarer virtueller Speicher: 5524.43 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:216.5 GB) (Free:41.48 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 17FA38E3)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2017
durchgeführt von Kathrin (Administrator) auf DELLBOOKKATHRIN (30-07-2017 00:05:22)
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin (Verfügbare Profile: Kathrin)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.5.312.0\McCSPServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell Backup and Recovery\Components\DBRUpdate\DBRUpd.exe
() C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRCrawler.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [556288 2017-05-31] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Facebook Update] => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07da0d-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07daa5-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07db99-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dcd83-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dce3d-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {94a04385-4278-11e4-beaa-6036dd2f7c1c} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-12-02]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6E0427F8-072D-458E-8D74-7FDB03D1EB84}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F4E2AC44-2A00-45ED-96F2-4710D38644B5}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> DefaultScope {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default [2017-07-30]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> Sichere Suche
FF SearchEngineOrder.2: Mozilla\Firefox\Profiles\r6jeipv1.default -> 
FF SearchEngineOrder.US.1: Mozilla\Firefox\Profiles\r6jeipv1.default -> data:text/plain,browser.search.order.US.1=Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\r6jeipv1.default -> Bing®
FF Homepage: Mozilla\Firefox\Profiles\r6jeipv1.default -> hxxps://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&ct=1501095284&rver=6.7.6643.0&wp=MBI_SSL_SHARED&wreply=hxxps:%2F%2Fmail.live.com%2Fdefault.aspx%3Frru%3Dinbox&lc=1031&id=64855&mkt=de-DE&cbcxt=mai
hxxps://www.google.de/?gws_rd=ssl
FF NetworkProxy: Mozilla\Firefox\Profiles\r6jeipv1.default -> type", 0
FF Extension: (New Tab Override (browser.newtab.url replacement)) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\newtaboverride@agenedia.com.xpi [2017-07-26]
FF Extension: (Adblock Plus) - C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\r6jeipv1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-27] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-06-30] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-85611978-3827166080-1061539791-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-07-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 0317811501310639mcinstcleanup; C:\WINDOWS\TEMP\031781~1.EXE -cleanup -nolog [X]
S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-29] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-07-29] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-29 22:25 - 2017-07-29 22:25 - 00000000 ____D C:\Users\Kathrin\AppData\Local\ESET
2017-07-29 22:24 - 2017-07-29 22:24 - 06760064 _____ (ESET spol. s r.o.) C:\Users\Kathrin\Downloads\esetonlinescanner_deu.exe
2017-07-29 22:20 - 2017-07-29 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-07-29 22:19 - 2017-07-29 22:21 - 00000000 ____D C:\ProgramData\HitmanPro
2017-07-29 22:17 - 2017-07-29 22:18 - 11584088 _____ (SurfRight B.V.) C:\Users\Kathrin\Downloads\HitmanPro_x64.exe
2017-07-29 22:12 - 2017-07-29 22:12 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-29 22:11 - 2017-07-29 22:11 - 00006227 _____ C:\Users\Kathrin\Downloads\Fixlog.txt
2017-07-29 22:09 - 2017-07-29 22:09 - 00000000 ____D C:\Users\Kathrin\Downloads\FRST-OlderVersion
2017-07-27 18:15 - 2017-07-27 18:15 - 00004505 _____ C:\Users\Kathrin\Downloads\SearchReg.txt
2017-07-27 09:41 - 2017-07-27 09:41 - 00670024 _____ C:\Users\Kathrin\Downloads\Friedhofsplan Westfriedhof.pdf
2017-07-26 22:03 - 2017-07-29 22:09 - 02381312 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2017-07-26 21:53 - 2017-07-29 22:12 - 00253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-26 21:53 - 2017-07-26 21:53 - 00001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-26 21:53 - 2017-07-26 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-26 21:53 - 2017-07-26 21:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-26 21:53 - 2017-06-27 12:06 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-26 21:48 - 2017-07-26 21:52 - 65033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251(1).exe
2017-07-26 21:43 - 2017-07-26 21:43 - 00002090 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-07-26 21:43 - 2017-07-26 21:43 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-07-26 21:43 - 2017-07-26 21:43 - 00000000 ____D C:\Program Files\Dell Support Center
2017-07-26 21:38 - 2017-07-26 21:43 - 65033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-26 21:37 - 2017-07-30 00:02 - 00000000 ____D C:\Users\Kathrin\Desktop\Trojaner-Board
2017-07-26 21:27 - 2017-07-26 21:28 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(2).exe
2017-07-26 18:20 - 2017-07-26 18:16 - 00507926 _____ C:\Users\Kathrin\Desktop\TDSSKiller.3.1.0.15_26.07.2017_18.05.48_log.txt
2017-07-26 18:05 - 2017-07-26 18:21 - 00508014 _____ C:\TDSSKiller.3.1.0.15_26.07.2017_18.05.48_log.txt
2017-07-26 18:04 - 2017-07-26 18:05 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Kathrin\Downloads\tdsskiller.exe
2017-07-26 14:53 - 2017-07-26 14:53 - 00018084 _____ C:\Users\Kathrin\Desktop\Scan Malwarebytes.txt
2017-07-26 14:00 - 2017-07-26 14:00 - 00001251 _____ C:\Users\Kathrin\Desktop\Malwarebytes.txt
2017-07-26 13:55 - 2017-07-26 13:55 - 00049575 _____ C:\Users\Kathrin\Desktop\FRST.txt
2017-07-26 13:55 - 2017-07-26 13:55 - 00037861 _____ C:\Users\Kathrin\Desktop\Addition.txt
2017-07-26 13:50 - 2017-07-30 00:05 - 00026892 _____ C:\Users\Kathrin\Downloads\FRST.txt
2017-07-26 13:50 - 2017-07-26 22:06 - 00033418 _____ C:\Users\Kathrin\Downloads\Addition.txt
2017-07-26 13:49 - 2017-07-30 00:05 - 00000000 ____D C:\FRST
2017-07-26 11:12 - 2017-07-26 11:12 - 00001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-26 11:12 - 2017-07-26 11:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-26 11:10 - 2017-07-26 11:10 - 00030318 _____ C:\Users\Kathrin\Desktop\bookmarks-2017-07-26.json
2017-07-26 10:06 - 2017-07-26 10:06 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(1).exe
2017-07-26 10:05 - 2017-07-26 10:05 - 08162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0.exe
2017-07-26 09:16 - 2017-07-26 09:16 - 00003220 _____ C:\WINDOWS\System32\Tasks\BundleApplicationRepairToolLauncherTask
2017-07-24 07:50 - 2017-07-29 23:48 - 00003860 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-07-24 07:50 - 2017-07-29 23:08 - 00004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-07-24 07:39 - 2017-05-04 01:11 - 00103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-24 07:39 - 2017-05-03 15:43 - 01555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 01206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-18 14:41 - 2017-07-06 10:52 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-18 14:41 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-18 14:41 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:17 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-18 14:41 - 2017-06-29 06:51 - 00880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-18 14:41 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 07077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 05268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-22 16:22 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-18 14:41 - 2017-06-17 18:45 - 03631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:34 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:11 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-18 14:41 - 2017-06-17 18:05 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-18 14:41 - 2017-06-16 00:02 - 00990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-18 14:41 - 2017-06-15 15:45 - 07440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 01370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-18 14:41 - 2017-06-12 02:06 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-18 14:41 - 2017-06-12 00:21 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:43 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 23:25 - 00478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:15 - 01436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-18 14:41 - 2017-06-11 23:08 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 23:07 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-18 14:41 - 2017-06-11 23:00 - 00962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-18 14:41 - 2017-06-11 22:58 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 22:40 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-18 14:41 - 2017-06-11 22:35 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 22:31 - 00781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-18 14:41 - 2017-06-11 17:15 - 02013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-18 14:41 - 2017-06-06 22:52 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 22:42 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-18 14:41 - 2017-06-06 22:38 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-18 14:41 - 2017-06-06 22:35 - 00517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-18 14:41 - 2017-06-06 21:13 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-18 14:41 - 2017-06-06 21:08 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 21:03 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-18 14:41 - 2017-06-06 20:59 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 20:57 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-18 14:41 - 2017-06-06 20:56 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-18 14:41 - 2017-06-06 20:03 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-18 14:41 - 2017-06-03 18:27 - 02346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-18 14:41 - 2017-06-03 18:03 - 01549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-18 14:41 - 2017-05-31 23:20 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-18 14:41 - 2017-05-16 00:09 - 00057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-18 14:41 - 2017-05-15 22:03 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-18 14:41 - 2017-05-09 16:37 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:35 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-18 14:41 - 2017-05-09 16:28 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-18 14:41 - 2017-05-09 16:28 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:12 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-18 14:41 - 2017-05-06 18:45 - 01114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-18 14:41 - 2017-05-06 18:41 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-18 14:41 - 2017-05-02 22:09 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-18 14:41 - 2017-05-02 20:41 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-18 14:41 - 2017-05-02 19:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-18 14:41 - 2017-04-30 18:48 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-18 14:41 - 2017-04-28 03:13 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-18 14:41 - 2017-04-28 03:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-04 21:15 - 2017-07-04 21:15 - 00003806 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-07-04 21:15 - 2017-07-04 21:15 - 00003792 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssistAgent
2017-07-04 21:15 - 2017-07-04 21:15 - 00000000 ____D C:\ProgramData\SupportAssist
2017-07-02 17:49 - 2017-07-02 17:59 - 00000000 ____D C:\Users\Kathrin\Desktop\Besondere
2017-06-30 20:27 - 2017-06-30 20:27 - 00000000 ____D C:\Program Files (x86)\Dell Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-29 22:29 - 2012-12-09 08:21 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-85611978-3827166080-1061539791-1001
2017-07-29 22:21 - 2014-03-18 12:03 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-29 22:21 - 2014-03-18 11:25 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-29 22:21 - 2014-03-18 11:25 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-29 22:21 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2017-07-29 22:19 - 2012-12-02 04:06 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-07-29 22:13 - 2016-11-25 20:35 - 00000000 ____D C:\Users\Kathrin\AppData\LocalLow\Mozilla
2017-07-29 22:13 - 2015-05-18 14:26 - 00000000 ____D C:\Users\Kathrin\AppData\Roaming\Skype
2017-07-29 22:13 - 2014-08-15 21:38 - 00000000 __RDO C:\Users\Kathrin\OneDrive
2017-07-29 22:12 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-29 22:12 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-07-29 22:12 - 2012-12-02 04:02 - 00000000 ____D C:\ProgramData\PCDr
2017-07-29 22:12 - 2012-12-02 04:00 - 00034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-07-29 08:52 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini
2017-07-29 08:43 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-07-28 10:03 - 2013-04-06 18:58 - 00000968 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job
2017-07-26 21:43 - 2013-03-27 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\Users\Kathrin\AppData\Roaming\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\ProgramData\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2017-07-26 21:36 - 2013-10-17 22:18 - 00000000 ____D C:\AdwCleaner
2017-07-26 19:03 - 2013-04-06 18:58 - 00000946 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job
2017-07-26 11:12 - 2016-12-17 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-26 10:17 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2017-07-26 09:39 - 2015-05-15 15:17 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-24 07:51 - 2016-06-01 15:45 - 00003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-07-24 07:51 - 2013-09-19 19:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-24 07:51 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 07:49 - 2012-12-16 14:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-24 07:49 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-24 07:31 - 2013-08-22 16:44 - 00419368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-18 14:38 - 2017-05-10 07:42 - 00000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-07-17 10:47 - 2015-03-14 19:46 - 00004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-17 10:47 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-17 10:46 - 2017-06-21 13:14 - 05824512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-07-17 10:46 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 21:15 - 2012-12-02 04:00 - 00000000 ____D C:\Program Files\Dell
2017-06-30 20:52 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\mcafee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\ProgramData\McAfee
2017-06-30 20:40 - 2012-12-02 04:05 - 00000000 ____D C:\Program Files\Common Files\mcafee
2017-06-30 20:39 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-30 20:38 - 2015-07-04 16:04 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-30 20:26 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-06-30 20:23 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2017-06-30 02:27 - 2013-08-22 17:38 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 02:27 - 2013-08-22 17:38 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-15 18:03 - 2015-03-15 18:04 - 0000872 _____ () C:\Users\Kathrin\AppData\Roaming\AbsoluteReminder.xml
2013-12-20 13:28 - 2014-09-24 11:28 - 0000148 _____ () C:\Users\Kathrin\AppData\Roaming\WB.CFG
2013-10-05 20:09 - 2015-12-21 22:15 - 0006144 _____ () C:\Users\Kathrin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 19:45 - 2015-12-28 19:45 - 0001553 _____ () C:\Users\Kathrin\AppData\Local\recently-used.xbel
2012-12-02 04:05 - 2012-12-02 04:05 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-12-02 04:03 - 2012-12-02 04:04 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-12-02 04:04 - 2012-12-02 04:05 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-28 08:50

==================== Ende von FRST.txt ============================

Hallo Matthias,

die Aufgaben sind erledigt, nur mit der Suche klappt es noch nicht.
Es ist noch immer so, dass ich auf Yahoo-Search weiter geleitet werde, sobald ich oben im Firefox Adressfeld eine Suche eingebe, obwohl ich google als Standardsuchmaschine gesetzt habe. (direkt in der google-Suche klappt es aber)

... danke für die weitere Hilfe!

K

M-K-D-B · 30.07.2017, 10:28

Servus,

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

ATTFilter

Start::
CloseProcesses:
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{078FA2D5-DE68-416E-BA7F-894A4A4EAB6C}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0AD8FD27-9029-43A1-B9D5-C54FF18C3DD7}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1D7BEA54-B699-4A4D-83D7-D10875B8D7FD}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2203FA35-9590-4CBA-8AFF-CC53930B7F5C}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{349385B4-83FC-4BE1-9DBF-DC0195C65DB4}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{39FB51B1-8784-4BD5-A411-F1B7A5DB4D67}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3C8BE759-0A8F-4C0D-8CAD-0E5898EAE6AF}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{41AC4A66-D0C5-4646-BFAE-1041584C43DE}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{45C2D25B-0816-419A-B74B-CD4D7024FB71}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4E695B8D-101C-4F95-B5C7-A7D9D2E975EF}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54AFDC23-353C-4789-84F5-9C955AD44AC5}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{558F32DF-FA22-4656-B0D2-64DD9EB41F8F}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6BD95127-7C32-4C10-ACF0-1C4687629C85}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{74009D24-8B75-4783-9E69-4566B239FB30}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{75CF0360-C187-4E6E-AB01-6FA65F3DA6CB}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{9566B021-2079-4C32-8F1F-A26911954C8B}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{BBA36C2E-EC79-494A-988D-19398D9222A2}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C3FD9F92-09FA-493C-8C1F-2A3D7DD55DDD}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C8B204C2-D508-4B71-9CC5-AED5E1302A86}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EC5A8488-566B-442C-9E5E-259031985B7A}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{F340A9AB-C377-4855-A106-0DAC2893A1A8}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FFC65EC8-C373-4E11-9882-905817219E16}
C:\Users\Kathrin\Downloads\*CHIP-Installer*.exe
C:\Users\Kathrin\Downloads\PDFCreator-2_1_2-setup.exe
EmptyTemp:
End::

Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
Firefox zurücksetzen

CHR:::
Chrome zurücksetzen

OPR::
Opera zurücksetzen

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

gapkathl · 30.07.2017, 19:13

Code:

ATTFilter

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-07-2017
durchgeführt von Kathrin (30-07-2017 19:53:26) Run:2
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin (Verfügbare Profile: Kathrin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************

CloseProcesses:
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{078FA2D5-DE68-416E-BA7F-894A4A4EAB6C}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0AD8FD27-9029-43A1-B9D5-C54FF18C3DD7}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1D7BEA54-B699-4A4D-83D7-D10875B8D7FD}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2203FA35-9590-4CBA-8AFF-CC53930B7F5C}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{349385B4-83FC-4BE1-9DBF-DC0195C65DB4}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{39FB51B1-8784-4BD5-A411-F1B7A5DB4D67}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3C8BE759-0A8F-4C0D-8CAD-0E5898EAE6AF}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{41AC4A66-D0C5-4646-BFAE-1041584C43DE}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{45C2D25B-0816-419A-B74B-CD4D7024FB71}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4E695B8D-101C-4F95-B5C7-A7D9D2E975EF}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54AFDC23-353C-4789-84F5-9C955AD44AC5}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{558F32DF-FA22-4656-B0D2-64DD9EB41F8F}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6BD95127-7C32-4C10-ACF0-1C4687629C85}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{74009D24-8B75-4783-9E69-4566B239FB30}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{75CF0360-C187-4E6E-AB01-6FA65F3DA6CB}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{9566B021-2079-4C32-8F1F-A26911954C8B}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{BBA36C2E-EC79-494A-988D-19398D9222A2}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C3FD9F92-09FA-493C-8C1F-2A3D7DD55DDD}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C8B204C2-D508-4B71-9CC5-AED5E1302A86}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EC5A8488-566B-442C-9E5E-259031985B7A}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{F340A9AB-C377-4855-A106-0DAC2893A1A8}
DeleteKey: HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FFC65EC8-C373-4E11-9882-905817219E16}
C:\Users\Kathrin\Downloads\*CHIP-Installer*.exe
C:\Users\Kathrin\Downloads\PDFCreator-2_1_2-setup.exe
EmptyTemp:

*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{078FA2D5-DE68-416E-BA7F-894A4A4EAB6C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{0AD8FD27-9029-43A1-B9D5-C54FF18C3DD7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1D7BEA54-B699-4A4D-83D7-D10875B8D7FD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2203FA35-9590-4CBA-8AFF-CC53930B7F5C} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{349385B4-83FC-4BE1-9DBF-DC0195C65DB4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{39FB51B1-8784-4BD5-A411-F1B7A5DB4D67} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3C8BE759-0A8F-4C0D-8CAD-0E5898EAE6AF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{41AC4A66-D0C5-4646-BFAE-1041584C43DE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{45C2D25B-0816-419A-B74B-CD4D7024FB71} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4E695B8D-101C-4F95-B5C7-A7D9D2E975EF} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54AFDC23-353C-4789-84F5-9C955AD44AC5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{558F32DF-FA22-4656-B0D2-64DD9EB41F8F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6BD95127-7C32-4C10-ACF0-1C4687629C85} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{74009D24-8B75-4783-9E69-4566B239FB30} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{75CF0360-C187-4E6E-AB01-6FA65F3DA6CB} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{9566B021-2079-4C32-8F1F-A26911954C8B} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{BBA36C2E-EC79-494A-988D-19398D9222A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C3FD9F92-09FA-493C-8C1F-2A3D7DD55DDD} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{C8B204C2-D508-4B71-9CC5-AED5E1302A86} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{EC5A8488-566B-442C-9E5E-259031985B7A} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{F340A9AB-C377-4855-A106-0DAC2893A1A8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FFC65EC8-C373-4E11-9882-905817219E16} => Schlüssel erfolgreich entfernt

=========== "C:\Users\Kathrin\Downloads\*CHIP-Installer*.exe" ==========

C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer(1).exe => erfolgreich verschoben
C:\Users\Kathrin\Downloads\Malwarebytes Malware Scanner - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Kathrin\Downloads\*CHIP-Installer*.exe" ========

C:\Users\Kathrin\Downloads\PDFCreator-2_1_2-setup.exe => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6323056 B
Java, Flash, Steam htmlcache => 1135 B
Windows/system/drivers => 1216 B
Edge => 0 B
Chrome => 0 B
Firefox => 41399052 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 6578 B
NetworkService => 0 B
Kathrin => 2963217 B

RecycleBin => 2605371 B
EmptyTemp: => 58.8 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:53:29 ====

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-07-2017
durchgeführt von Kathrin (Administrator) auf DELLBOOKKATHRIN (30-07-2017 20:00:50)
Gestartet von C:\Users\Kathrin\Downloads
Geladene Profile: Kathrin &  (Verfügbare Profile: Kathrin)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\mcafee\MfeAV\MfeAVSvc.exe
(Intel Security) C:\Program Files\Common Files\mcafee\ClientAnalytics\Legacy\McClientAnalytics.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\CSP\2.5.312.0\McCSPServiceHost.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\MSM\McSmtFwk.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc.) C:\Program Files (x86)\Dell Customer Connect\DCCService.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Dell Inc.) C:\Program Files (x86)\Dell Update\DellUpTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe
(Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\atiw.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcupdate.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-01] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [556288 2017-05-31] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Facebook Update] => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07da0d-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07daa5-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {3c07db99-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dcd83-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {681dce3d-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\MountPoints2: {94a04385-4278-11e4-beaa-6036dd2f7c1c} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\Run: [Facebook Update] => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-04-06] (Facebook Inc.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {3c07da0d-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {3c07daa5-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {3c07db99-45e7-11e7-bf09-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {681dcd83-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {681dce3d-1a00-11e7-bf01-7845c4bbb1ff} - "E:\HiSuiteDownLoader.exe" 
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\MountPoints2: {94a04385-4278-11e4-beaa-6036dd2f7c1c} - "E:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk [2012-12-02]
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{6E0427F8-072D-458E-8D74-7FDB03D1EB84}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{F4E2AC44-2A00-45ED-96F2-4710D38644B5}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> DefaultScope {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001 -> {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824 -> DefaultScope {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824 -> {83B566A6-E037-4FD5-A2ED-8697AED21906} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-04-24] (pdfforge GmbH)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-04-24] (pdfforge GmbH)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-07-25] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2017-05-31] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2017-05-31] (McAfee, Inc.)

FireFox:
========
FF DefaultProfile: tmzi3gvy.default-1501437532707
FF ProfilePath: C:\Users\Kathrin\AppData\Roaming\Mozilla\Firefox\Profiles\tmzi3gvy.default-1501437532707 [2017-07-30]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2017-07-20]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2015-06-27] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-06-30] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-05-31] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-85611978-3827166080-1061539791-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kathrin\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-22]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1752992 2017-03-29] (Intel Security)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [206712 2017-06-20] (Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3296632 2017-06-20] (Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [217464 2017-06-20] (Dell Inc.)
R2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [130936 2016-12-21] (Dell Inc.)
R2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [230248 2017-05-01] (Dell Inc.)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] ()
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [Datei ist nicht signiert]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 ISCTAgent; c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [146984 2012-07-24] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [590880 2017-07-25] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [984480 2017-06-03] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.5.312.0\\McCSPServiceHost.exe [2139832 2017-05-31] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241656 2017-04-30] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [390656 2017-04-30] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [343544 2017-04-30] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1543248 2017-05-31] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2017-02-22] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244312 2015-04-24] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [901336 2015-04-24] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [740568 2015-04-24] (pdfforge GmbH)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1042288 2017-05-22] (Intel Security, Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
R2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe [1915480 2013-05-23] (SoftThinks SAS)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [Datei ist nicht signiert]
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [52696 2017-06-28] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 0317811501310639mcinstcleanup; C:\WINDOWS\TEMP\031781~1.EXE -cleanup -nolog [X]
S2 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [36096 2014-07-21] (Advanced Micro Devices, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [76824 2017-05-02] (McAfee, Inc.)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DDDriver; C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys [32960 2017-04-11] (Dell Inc.)
R3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [32568 2017-04-11] (Dell Computer Corporation)
S3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2017-04-11] (Huawei Technologies Co., Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [209608 2017-05-31] (McAfee, Inc.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.)
R3 ikbevent; C:\WINDOWS\system32\DRIVERS\ikbevent.sys [20968 2012-07-24] ()
R3 imsevent; C:\WINDOWS\system32\DRIVERS\imsevent.sys [19944 2012-07-24] ()
R3 irstrtdv; C:\WINDOWS\System32\drivers\irstrtdv.sys [43800 2012-07-21] (Intel Corporation)
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46016 2012-07-24] ()
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253856 2017-07-30] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [476176 2017-05-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [353808 2017-05-02] (McAfee, Inc.)
U3 mfeavfk01; kein ImagePath
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [84536 2017-05-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [504336 2017-05-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [918544 2017-05-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [495632 2017-04-07] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [107544 2017-04-07] (McAfee, Inc.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [109072 2017-05-02] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [111608 2017-02-14] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [252432 2017-05-02] (McAfee, Inc.)
R3 NETwNe64; C:\WINDOWS\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-15] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-01] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 WPRO_41_2001; C:\WINDOWS\System32\drivers\WPRO_41_2001.sys [34752 2017-07-30] ()

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-30 19:58 - 2017-07-30 19:58 - 000000000 ____D C:\Users\Kathrin\Desktop\Alte Firefox-Daten
2017-07-30 19:58 - 2017-07-30 19:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-07-29 22:25 - 2017-07-29 22:25 - 000000000 ____D C:\Users\Kathrin\AppData\Local\ESET
2017-07-29 22:24 - 2017-07-29 22:24 - 006760064 _____ (ESET spol. s r.o.) C:\Users\Kathrin\Downloads\esetonlinescanner_deu.exe
2017-07-29 22:19 - 2017-07-29 22:21 - 000000000 ____D C:\ProgramData\HitmanPro
2017-07-29 22:17 - 2017-07-29 22:18 - 011584088 _____ (SurfRight B.V.) C:\Users\Kathrin\Downloads\HitmanPro_x64.exe
2017-07-29 22:12 - 2017-07-30 19:53 - 000094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2017-07-29 22:11 - 2017-07-30 19:53 - 000006410 _____ C:\Users\Kathrin\Downloads\Fixlog.txt
2017-07-29 22:09 - 2017-07-30 19:52 - 000000000 ____D C:\Users\Kathrin\Downloads\FRST-OlderVersion
2017-07-27 18:15 - 2017-07-27 18:15 - 000004505 _____ C:\Users\Kathrin\Downloads\SearchReg.txt
2017-07-27 09:41 - 2017-07-27 09:41 - 000670024 _____ C:\Users\Kathrin\Downloads\Friedhofsplan Westfriedhof.pdf
2017-07-26 22:03 - 2017-07-30 19:52 - 002381312 _____ (Farbar) C:\Users\Kathrin\Downloads\FRST64(1).exe
2017-07-26 21:53 - 2017-07-30 19:54 - 000253856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-26 21:53 - 2017-07-26 21:53 - 000001885 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-07-26 21:53 - 2017-07-26 21:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-07-26 21:53 - 2017-07-26 21:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-07-26 21:53 - 2017-06-27 12:06 - 000077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-07-26 21:48 - 2017-07-26 21:52 - 065033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251(1).exe
2017-07-26 21:43 - 2017-07-26 21:43 - 000002090 _____ C:\Users\Public\Desktop\SupportAssist.lnk
2017-07-26 21:43 - 2017-07-26 21:43 - 000000000 ____D C:\ProgramData\PC-Doctor for Windows
2017-07-26 21:43 - 2017-07-26 21:43 - 000000000 ____D C:\Program Files\Dell Support Center
2017-07-26 21:38 - 2017-07-26 21:43 - 065033984 _____ (Malwarebytes ) C:\Users\Kathrin\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.160-1.0.2251.exe
2017-07-26 21:37 - 2017-07-30 00:02 - 000000000 ____D C:\Users\Kathrin\Desktop\Trojaner-Board
2017-07-26 21:27 - 2017-07-26 21:28 - 008162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(2).exe
2017-07-26 18:05 - 2017-07-26 18:21 - 000508014 _____ C:\TDSSKiller.3.1.0.15_26.07.2017_18.05.48_log.txt
2017-07-26 18:04 - 2017-07-26 18:05 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Kathrin\Downloads\tdsskiller.exe
2017-07-26 13:50 - 2017-07-30 20:00 - 000028422 _____ C:\Users\Kathrin\Downloads\FRST.txt
2017-07-26 13:50 - 2017-07-30 00:06 - 000032384 _____ C:\Users\Kathrin\Downloads\Addition.txt
2017-07-26 13:49 - 2017-07-30 20:00 - 000000000 ____D C:\FRST
2017-07-26 11:12 - 2017-07-26 11:12 - 000001173 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-26 11:12 - 2017-07-26 11:12 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-26 11:10 - 2017-07-26 11:10 - 000030318 _____ C:\Users\Kathrin\Desktop\bookmarks-2017-07-26.json
2017-07-26 10:06 - 2017-07-26 10:06 - 008162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0(1).exe
2017-07-26 10:05 - 2017-07-26 10:05 - 008162248 _____ (Malwarebytes) C:\Users\Kathrin\Downloads\adwcleaner_7.0.0.0.exe
2017-07-24 07:50 - 2017-07-30 19:29 - 000003860 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-07-24 07:50 - 2017-07-29 23:08 - 000004034 _____ C:\WINDOWS\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-07-24 07:39 - 2017-05-04 01:11 - 000103600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-07-24 07:39 - 2017-05-03 15:43 - 001555968 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 001206272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000325632 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-07-24 07:39 - 2017-05-03 15:43 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-07-18 14:41 - 2017-07-06 10:52 - 000119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-07-18 14:41 - 2017-06-29 08:27 - 025734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-18 14:41 - 2017-06-29 08:02 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:50 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:44 - 005975552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 020270592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-18 14:41 - 2017-06-29 07:23 - 000499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-18 14:41 - 2017-06-29 07:17 - 001033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 07:13 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-07-18 14:41 - 2017-06-29 07:09 - 000806912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:58 - 015253504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:53 - 003240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:52 - 004549632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-18 14:41 - 2017-06-29 06:51 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-07-18 14:41 - 2017-06-29 06:47 - 000693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-18 14:41 - 2017-06-29 06:43 - 013663744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-18 14:41 - 2017-06-29 06:41 - 001545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:29 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-07-18 14:41 - 2017-06-29 06:28 - 002767872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-18 14:41 - 2017-06-29 06:24 - 001314816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-18 14:41 - 2017-06-29 06:23 - 000710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 007796736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-27 16:29 - 007077376 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 005274112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2017-07-18 14:41 - 2017-06-27 16:26 - 005268992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-18 14:41 - 2017-06-22 16:22 - 004169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-07-18 14:41 - 2017-06-17 18:45 - 003631616 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:34 - 002749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-18 14:41 - 2017-06-17 18:11 - 002551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-18 14:41 - 2017-06-17 18:05 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-18 14:41 - 2017-06-16 00:02 - 000990040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-18 14:41 - 2017-06-15 15:45 - 007440728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 001674520 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 001534064 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 001499920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-07-18 14:41 - 2017-06-15 15:45 - 001370320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-07-18 14:41 - 2017-06-15 15:45 - 000086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-18 14:41 - 2017-06-12 02:06 - 000376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-18 14:41 - 2017-06-12 00:21 - 000590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:43 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 23:25 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-18 14:41 - 2017-06-11 23:15 - 001436672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-18 14:41 - 2017-06-11 23:08 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 23:07 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2017-07-18 14:41 - 2017-06-11 23:00 - 000962560 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-18 14:41 - 2017-06-11 22:58 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-18 14:41 - 2017-06-11 22:40 - 001323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-18 14:41 - 2017-06-11 22:35 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-18 14:41 - 2017-06-11 22:31 - 000781312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-18 14:41 - 2017-06-11 17:15 - 002013528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-18 14:41 - 2017-06-06 22:52 - 003120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 22:42 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-18 14:41 - 2017-06-06 22:38 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-18 14:41 - 2017-06-06 22:36 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\convert.exe
2017-07-18 14:41 - 2017-06-06 22:35 - 000517120 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-18 14:41 - 2017-06-06 21:13 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ulib.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 000557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-18 14:41 - 2017-06-06 21:11 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-18 14:41 - 2017-06-06 21:08 - 002712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-18 14:41 - 2017-06-06 21:03 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-18 14:41 - 2017-06-06 20:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-18 14:41 - 2017-06-06 20:57 - 000141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-18 14:41 - 2017-06-06 20:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-18 14:41 - 2017-06-06 20:03 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ulib.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-18 14:41 - 2017-06-06 20:02 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-18 14:41 - 2017-06-03 18:27 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-18 14:41 - 2017-06-03 18:03 - 001549312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-18 14:41 - 2017-05-31 23:20 - 000470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-18 14:41 - 2017-05-16 00:09 - 000057688 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-18 14:41 - 2017-05-15 22:03 - 000379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-18 14:41 - 2017-05-09 16:37 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:35 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:29 - 000014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-18 14:41 - 2017-05-09 16:28 - 000193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2017-07-18 14:41 - 2017-05-09 16:28 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2017-07-18 14:41 - 2017-05-09 16:12 - 000448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-18 14:41 - 2017-05-06 18:45 - 001114624 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2017-07-18 14:41 - 2017-05-06 18:41 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2017-07-18 14:41 - 2017-05-02 22:09 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-07-18 14:41 - 2017-05-02 22:08 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-07-18 14:41 - 2017-05-02 20:41 - 000044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2017-07-18 14:41 - 2017-05-02 20:31 - 000207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2017-07-18 14:41 - 2017-05-02 19:35 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2017-07-18 14:41 - 2017-04-30 18:48 - 000080078 _____ C:\WINDOWS\system32\normidna.nls
2017-07-18 14:41 - 2017-04-28 03:13 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-18 14:41 - 2017-04-28 03:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-04 21:15 - 2017-07-04 21:15 - 000003806 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AnonymousRegistration
2017-07-04 21:15 - 2017-07-04 21:15 - 000003792 _____ C:\WINDOWS\System32\Tasks\Dell SupportAssistAgent AutoUpdate
2017-07-04 21:15 - 2017-07-04 21:15 - 000000000 ____D C:\ProgramData\SupportAssistAgent
2017-07-04 21:15 - 2017-07-04 21:15 - 000000000 ____D C:\ProgramData\SupportAssist
2017-07-02 17:49 - 2017-07-02 17:59 - 000000000 ____D C:\Users\Kathrin\Desktop\Besondere
2017-06-30 20:27 - 2017-06-30 20:27 - 000000000 ____D C:\Program Files (x86)\Dell Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-07-30 19:59 - 2014-03-18 12:03 - 001780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-30 19:59 - 2014-03-18 11:25 - 000766620 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-30 19:59 - 2014-03-18 11:25 - 000159902 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-30 19:59 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2017-07-30 19:59 - 2012-12-09 08:21 - 000003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-85611978-3827166080-1061539791-1001
2017-07-30 19:58 - 2016-11-25 20:35 - 000000000 ____D C:\Users\Kathrin\AppData\LocalLow\Mozilla
2017-07-30 19:56 - 2012-12-02 04:06 - 000000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2017-07-30 19:54 - 2015-05-18 14:26 - 000000000 ____D C:\Users\Kathrin\AppData\Roaming\Skype
2017-07-30 19:54 - 2014-08-15 21:38 - 000000000 __RDO C:\Users\Kathrin\OneDrive
2017-07-30 19:53 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-30 19:53 - 2013-08-22 15:25 - 000524288 ___SH C:\WINDOWS\system32\config\BBI
2017-07-30 19:53 - 2012-12-02 04:00 - 000034752 _____ C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2017-07-30 00:15 - 2012-12-02 04:02 - 000000000 ____D C:\ProgramData\PCDr
2017-07-29 08:52 - 2012-07-26 07:26 - 000000199 _____ C:\WINDOWS\win.ini
2017-07-29 08:43 - 2012-12-02 04:05 - 000000000 ____D C:\Program Files (x86)\McAfee
2017-07-28 10:03 - 2013-04-06 18:58 - 000000968 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job
2017-07-26 21:43 - 2013-03-27 09:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2017-07-26 21:36 - 2017-05-10 08:45 - 000000000 ____D C:\Users\Kathrin\AppData\Roaming\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 000000000 ____D C:\ProgramData\Lavasoft
2017-07-26 21:36 - 2017-05-10 08:45 - 000000000 ____D C:\Program Files (x86)\Lavasoft
2017-07-26 21:36 - 2013-10-17 22:18 - 000000000 ____D C:\AdwCleaner
2017-07-26 19:03 - 2013-04-06 18:58 - 000000946 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job
2017-07-26 11:12 - 2016-12-17 22:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-26 10:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\rescache
2017-07-26 09:39 - 2015-05-15 15:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-07-24 07:51 - 2016-06-01 15:45 - 000003068 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2017-07-24 07:51 - 2013-09-19 19:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-07-24 07:51 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-07-24 07:51 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-07-24 07:49 - 2012-12-16 14:50 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-24 07:49 - 2012-07-26 09:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-07-24 07:31 - 2013-08-22 16:44 - 000419368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-18 14:38 - 2017-05-10 07:42 - 000000000 __HDC C:\ProgramData\{6E35203C-6E98-4378-8362-112CFE55C2C1}
2017-07-17 10:47 - 2015-03-14 19:46 - 000004342 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-17 10:47 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-07-17 10:46 - 2017-06-21 13:14 - 005824512 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2017-07-17 10:46 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-04 21:15 - 2012-12-02 04:00 - 000000000 ____D C:\Program Files\Dell
2017-06-30 20:52 - 2012-12-02 04:05 - 000000000 ____D C:\Program Files\mcafee
2017-06-30 20:40 - 2012-12-02 04:05 - 000000000 ____D C:\ProgramData\McAfee
2017-06-30 20:40 - 2012-12-02 04:05 - 000000000 ____D C:\Program Files\Common Files\mcafee
2017-06-30 20:39 - 2012-07-26 10:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-06-30 20:38 - 2015-07-04 16:04 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-06-30 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2017-06-30 20:23 - 2013-08-22 17:36 - 000000000 ___RD C:\WINDOWS\ToastData
2017-06-30 02:27 - 2013-08-22 17:38 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 02:27 - 2013-08-22 17:38 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-15 18:03 - 2015-03-15 18:04 - 000000872 _____ () C:\Users\Kathrin\AppData\Roaming\AbsoluteReminder.xml
2013-12-20 13:28 - 2014-09-24 11:28 - 000000148 _____ () C:\Users\Kathrin\AppData\Roaming\WB.CFG
2013-10-05 20:09 - 2015-12-21 22:15 - 000006144 _____ () C:\Users\Kathrin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-12-28 19:45 - 2015-12-28 19:45 - 000001553 _____ () C:\Users\Kathrin\AppData\Local\recently-used.xbel
2012-12-02 04:05 - 2012-12-02 04:05 - 000000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 000000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2012-12-02 04:03 - 2012-12-02 04:04 - 000000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2012-12-02 04:03 - 2012-12-02 04:03 - 000000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2012-12-02 04:04 - 2012-12-02 04:05 - 000000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-07-30 19:40

==================== Ende von FRST.txt ============================

FRST Additions Logfile:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-07-2017
durchgeführt von Kathrin (30-07-2017 20:01:20)
Gestartet von C:\Users\Kathrin\Downloads
Windows 8.1 (Update) (X64) (2014-08-15 19:37:05)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-85611978-3827166080-1061539791-500 - Administrator - Disabled)
Gast (S-1-5-21-85611978-3827166080-1061539791-501 - Limited - Disabled)
Kathrin (S-1-5-21-85611978-3827166080-1061539791-1001 - Administrator - Enabled) => C:\Users\Kathrin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Malwarebytes (Disabled - Out of date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee VirusScan (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{FDDC1039-944D-A9DD-92A7-59EE0A91C93B}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Customer Connect (HKLM-x32\...\{4FA72FF9-DD64-43A8-8704-6380A11F11D5}) (Version: 1.4.15.0 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 2.0.6875.402 - Dell)
Dell SupportAssistAgent (HKLM\...\{90881C8E-6C4F-4662-9923-85AFCA058C44}) (Version: 2.0.1.7 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.0 - Synaptics Incorporated)
Dell Update (HKLM-x32\...\{F91263FA-BE4D-439D-9C0A-2E7204E0E9E3}) (Version: 1.9.20.0 - Dell Inc.)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.4.37.20160609 - Landesfinanzdirektion Thüringen)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fotogalerie (HKLM-x32\...\{B19E03EA-067C-412F-A81E-271720E601AB}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
ifolor Designer (HKLM-x32\...\ifolor-Designer) (Version:  - Ifolor AG)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{7854AA22-A2F0-4F29-A2E9-D0C5A2B685E7}) (Version: 2.5.0.0248 - Motorola Solutions, Inc)
Intel(R) Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) Smart Connect Technology 3.0 x64 (HKLM\...\{EE21578E-DE14-46D5-83D7-EA4D347B2F9A}) (Version: 3.0.30.1526 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 16.0.1 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.149 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{7F682A00-6497-4551-A2A6-063AE667D1CF}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.0.45.22485 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{38BA288B-C4F4-4C62-9237-4BFAB374F966}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{5183F03D-90FA-493B-A074-F0F78B8486AD}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{EB24E9E7-4BC1-4FD7-BF86-BDE07A7A03D7}) (Version: 3.0.13.22993 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.2 - pdfforge)
PowerXpressHybrid (HKLM-x32\...\{51FDC2DE-0917-46B7-EAEC-5377504701DE}) (Version: 1.00.0000 - Ihr Firmenname) Hidden
PX Profile Update (HKLM-x32\...\{5C44E602-5CCC-CB4B-CF62-EF1F3A12C51E}) (Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Ethernet Controller (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG)
Web Companion (HKLM-x32\...\{b26385c7-5907-484a-bc22-1e755c8295d7}) (Version: 2.4.1558.3001 - Lavasoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-85611978-3827166080-1061539791-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)
ContextMenuHandlers1-x32: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} => C:\Program Files (x86)\PDF Architect 3\creator-context-menu.dll [2015-04-24] (pdfforge GmbH)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2012-07-11] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-07-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2014-05-21] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-05-09] (Malwarebytes)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => c:\Program Files\mcafee\msc\McCtxMenuFrmWrk.dll [2017-05-31] (McAfee, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0DE5D388-FC53-4786-8AAA-CC7AD94D0382} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {3346F2AE-E1EC-4C54-AFFB-51D4143B987F} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {411AC239-D72C-4FDB-B5AC-93975814DD36} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2017-05-31] (McAfee, Inc.)
Task: {4C493B69-2697-4359-8288-269175854765} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {5E467C87-2481-40AB-8A4C-2946B3AA9301} - System32\Tasks\Dell SupportAssistAgent AnonymousRegistration => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssist.exe [2017-06-28] (Dell Inc.)
Task: {5F3FC2AD-9575-4A9F-B8F2-EBAA85480727} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {6BEC73C4-CE06-47B5-AC6B-299327EC5032} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe
Task: {8E87BCE2-092E-4537-9750-6044283C5E73} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)
Task: {8E9E1FC8-A5BE-40AD-A369-056C024240E0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {997C97A7-BF73-453A-87C1-1D7547FAD789} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {A0AA7717-B8D6-437B-82FC-FC8956A8AAF5} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {A5E57417-4C56-47EE-9058-51C36DB67062} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-17] (Adobe Systems Incorporated)
Task: {A9B66851-C039-4F0C-8517-50C2937B712B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2017-05-29] (PC-Doctor, Inc.)
Task: {AA5C19F3-AA0F-41D3-87A2-58E5685AF7D7} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)
Task: {C2AD9EC4-02D0-4E68-A22B-A79E0F068E61} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-13] (McAfee, Inc.)
Task: {CB85AA55-67CF-4281-A94A-8DBB541FFA6E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-04-06] (Facebook Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001Core.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-85611978-3827166080-1061539791-1001UA.job => C:\Users\Kathrin\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-20 18:12 - 2015-03-20 18:12 - 000085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 001346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-04-11 04:17 - 2017-04-11 04:17 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 000146984 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-07-24 18:43 - 2012-07-24 18:43 - 000058920 _____ () c:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-12-02 04:04 - 2012-04-25 04:43 - 000254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-06-30 20:40 - 2017-06-11 13:00 - 000583160 _____ () C:\Program Files\McAfee\MfeAV\RealProtectAMScanIf.dll
2017-06-30 20:40 - 2017-06-11 12:59 - 000574352 _____ () C:\Program Files\McAfee\MfeAV\AMEngineScan.dll
2017-06-30 20:40 - 2017-06-11 13:00 - 000571240 _____ () C:\Program Files\McAfee\MfeAV\RepairModule.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000018904 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\UnityConfig.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000037336 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\WorkflowEngine.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000209368 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistHandlers.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000025048 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistWebServer.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000071640 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\SmartThreadPool.dll
2017-06-28 16:49 - 2017-06-28 16:49 - 000010712 _____ () C:\Program Files\Dell\SupportAssistAgent\bin\Owin.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 002005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2012-12-02 04:03 - 2012-06-08 05:34 - 000627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 19:34 - 2012-06-08 19:34 - 000016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-12-21 11:24 - 2016-12-21 11:24 - 000134008 _____ () C:\Program Files (x86)\Dell Customer Connect\ServiceTagPlusPlus.dll
2017-05-01 15:27 - 2017-05-01 15:27 - 000133992 _____ () C:\Program Files (x86)\Dell Update\ServiceTagPlusPlus.dll
2017-06-26 21:28 - 2017-06-26 21:28 - 000016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\45eab03aba84951dc2a8fd2b4c8873eb\PSIClient.ni.dll
2012-12-02 03:59 - 2012-06-25 18:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-07-06 18:09 - 2013-05-03 01:01 - 001813792 _____ () C:\Program Files (x86)\Dell Backup and Recovery\OLCoreWrapper.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\...\localhost -> localhost

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-85611978-3827166080-1061539791-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kathrin\Pictures\CARE FOR RARE\VMue_Hauner_075.jpg
HKU\S-1-5-21-85611978-3827166080-1061539791-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-07302017195527824\Control Panel\Desktop\\Wallpaper -> C:\Users\Kathrin\Pictures\CARE FOR RARE\VMue_Hauner_075.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

26-06-2017 21:05:05 Windows Update
21-07-2017 10:51:38 Windows Update
29-07-2017 08:51:59 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/30/2017 07:53:54 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/30/2017 07:53:34 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/30/2017 07:47:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b933931f-ec2b-4aec-9121-6e6207e8820d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/30/2017 07:47:46 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/30/2017 12:11:01 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.

Error: (07/30/2017 12:09:35 AM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/29/2017 10:12:27 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/29/2017 10:11:28 PM) (Source: ISCTAgent) (EventID: 1000) (User: )
Description: CISCTPnpDriverApi::SetMaxWakeDuration   *****IOCTL_ISCT_SAWD(SAWD) Failed, Error=0x2

Error: (07/28/2017 08:50:49 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{b933931f-ec2b-4aec-9121-6e6207e8820d}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (07/28/2017 08:50:48 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "WINRETOOLS" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)


Systemfehler:
=============
Error: (07/30/2017 07:53:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "chip 1-click download service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (07/30/2017 07:53:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Die Pipe wurde beendet.

Error: (07/30/2017 07:53:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: 
Der Dienst wurde nicht gestartet.

Error: (07/30/2017 07:53:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/30/2017 07:53:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/30/2017 07:53:34 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (07/30/2017 07:53:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault Collector" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/30/2017 07:53:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault Service API" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/30/2017 07:53:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Dell SupportAssist Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 32767 Millisekunden durchgeführt: Aufführung des konfigurierten Wiederherstellungsp.

Error: (07/30/2017 07:53:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dell Data Vault Processor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2017-07-30 20:00:48.474
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 20:00:48.228
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 19:52:55.946
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 19:52:55.716
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:26:17.722
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:26:17.519
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:26:17.159
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:26:16.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:13:07.306
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-07-30 00:13:07.064
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 39%
Installierter physikalischer RAM: 8058.5 MB
Verfügbarer physikalischer RAM: 4844.44 MB
Summe virtueller Speicher: 9338.5 MB
Verfügbarer virtueller Speicher: 5889.27 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:216.5 GB) (Free:39.3 GB) NTFS
Drive y: (WINRETOOLS) (Fixed) (Total:0.49 GB) (Free:0.44 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 17FA38E3)

Partition: GPT.

==================== Ende von Addition.txt ============================

--- --- ---

Hallo Matthias,

juhuu.... es scheint, als ob das Problem verschwunden ist :-)

Falls Du in den letzten Log-Dateien die ich Dir geschickt habe auch keine Fehler mehr findest, dann haben wir's geschafft. Danke vielmals!!

Finds echt lässig, dass mir so unkompliziert und verständlich geholfen wurde

Grüße, Kathrin

M-K-D-B · 30.07.2017, 21:03

Dann wären wir durch!
Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

Vielleicht möchtest du das Forum mit einer kleinen Spende unterstützen.

Hinweise:
Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.

Cleanup
Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.
Starte deinen Rechner zum Abschluss neu auf.

Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst du diese bedenkenlos löschen.

Virenscanner + Firewall
Vorab sei erwähnt, dass man niemals die Schutzwirkung eines Virenscanners überbewerten darf! Kein Antivirusprogramm erkennt 100% der Schadsoftware.

Sofern du noch unentschieden bist, verwende MAXIMAL EIN EINZIGES der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

Emsisoft Anti-Malware (kostenpflichtig)
ESET NOD32 Antivirus (kostenpflichtig)
Microsoft Security Essentials (kostenlos)

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.

Verwende immer nur reine Virenscanner (keine Produkte mit "Suite", "Internet Security", "Endpoint" oder "Total Security" in Namen, denn diese bringen kontraproduktive Firewalls mit - die Windows-Firewall ist alles was benötigt wird)

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware , AdwCleaner und mit dem ESET Online Scanner scannen.
Diese Programme sind alle kostenlos und stören nicht den Betrieb deines Antivirenprogramms.

Absicherungen
Beim Betriebsystem Windows ist es wichtig, die automatischen Updates zu aktivieren.
Auch sicherheitsrelevante Software sollte immer in aktueller Version vorliegen.

Das zeitnahe Einspielen von Updates ist erforderlich, damit Sicherheitslücken geschlossen werden. Sicherheitslücken werden beispielsweise dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Besonders aufpassen bzgl. der Aktualität musst du insbesondere bei folgender Software - sofern diese überhaupt benötigt wird:

Browser (Internet Explorer, Edge, Firefox, Chrome, Opera, etc.)
Flash-Player
Java
Adobe Reader

Optionale Browsererweiterungen

Adblock Plus oder uBlock Origin (Firefox - Chrome) - können Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren
NoScript - verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. NoScript kann gerade bei technisch nicht allzu versierten Nutzern beim Surfen zum Nervfaktor werden; ob das Tool geeignet ist, muss jeder selbst mal ausprobieren und dann für sich entscheiden.

Grundsätzliches

Ändere regelmäßig deine Online-Passwörter und erstelle regelmäßig Backups deiner wichtigen Dateien oder des Systems. Genaueres dazu findest du unten im Lesestoff zu Backups.
Lade keine Software von Chip, Softonic, SourceForge oder VLC.de. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
Lade Software von einem sauberen Portal wie oder direkt beim jeweiligen Hersteller / Entwickler.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne die Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten bis nicht belegbar. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht.
Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Lesestoff:
Backup-/Image-Tools

IMHO sind Wiederherstellungspunkte nix weiter als eine Notlösung, wer sich auf was Funktionierendes verlassen will und muss, kommt um echte Backup/Imaging Software nicht herum. Ich nehme unter Windows immer Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64

Damit man sinnvolle Backups hat, muss man regelmäßig (z. B. wöchentlich) ein Image auf eine separate externe Festplatte erstellen. Diese externe Festplatte wird nur dann angeschlossen, wenn man das Backup erstellen will (oder etwas wiederherstellen muss), sonsten bleibt sie aus Sicherheitsgründen sicher im Schrank verwahrt - allein schon aus dem Grund, die Backups vor Krypto-Trojaner zu schützen.

Option 1: Drivesnapshot

Offizielle TB-Anleitung --> http://www.trojaner-board.de/186299-...esnapshot.html

Drive Snapshot - Disk Image Backup for Windows NT/2000/XP/2003/X64
Download (32-Bit) => http://www.drivesnapshot.de/download/snapshot.exe
Download (64-Bit) => http://www.drivesnapshot.de/download/snapshot64.exe

Es gibt da auch leicht abgespeckte Versionen von Acronis TrueImage gratis wenn man Platten von Seagate und/oder Western Digital hat. Vllt sagen diese Programme dir mehr zu. Mein Favorit aber ist das kleine o.g. Drivesnapshot.

Option 2: Seagate DiscWizard
Download => Seagate DiscWizard - Download - Filepony

Screenshots:
http://filepony.de/screenshot/seagate_discwizard5.jpg
http://filepony.de/screenshot/seagate_discwizard4.png
http://filepony.de/screenshot/seagate_discwizard3.jpg

Option 3: Acronis TrueImage WD Edition
Download => Acronis True Image WD Edition - Download - Filepony

Screenshots:
http://filepony.de/screenshot/acroni...d_edition1.jpg
http://filepony.de/screenshot/acroni...d_edition2.jpg