Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-06-2017
durchgeführt von Petra (05-06-2017 16:03:25)
Gestartet von C:\Users\Petra\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-11 11:05:41)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2052348202-2737845524-1218338531-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2052348202-2737845524-1218338531-503 - Limited - Disabled)
Gast (S-1-5-21-2052348202-2737845524-1218338531-501 - Limited - Disabled)
Petra (S-1-5-21-2052348202-2737845524-1218338531-1001 - Administrator - Enabled) => C:\Users\Petra
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.8.198 - Adobe Systems, Inc.)
Avast SecureLine (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.275.2 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.4925 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.6.4925 - Ihr Firmenname) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dont Touch My Computer 2 (HKLM-x32\...\Dont Touch My Computer 2) (Version: - )
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.4.14.41 - HP)
HP Support Solutions Framework (HKLM-x32\...\{77FA4949-7EC5-43ED-8EDA-EE537D7DB878}) (Version: 12.6.14.19 - HP)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{099DAD2B-56C5-4919-9F82-418C2A018CAE}) (Version: 1.1.18.1 - HP)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4542 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.7.1051 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8067.2115 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2052348202-2737845524-1218338531-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.2 - Mozilla)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden
Password Depot 4 (HKLM-x32\...\{A748A983-311C-4D65-B570-E7764492803E}) (Version: 4.1.8 - AceBIT)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.51 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8023 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.83 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Stickies 7.1e (HKLM-x32\...\ZhornStickies) (Version: - Zhorn Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.11.37 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
WildTangent Games App für HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.1.1.2 - WildTangent)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B103D40-F46D-4CE6-A424-A79165FC8BC2} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [2016-01-21] (HP Development Company, L.P.)
Task: {10AFCAF8-BF5A-4830-B9CF-3206AA94E365} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {2096D2DE-51F3-41D3-8990-02956568696A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {22B22B16-B181-4F2F-9A3D-1C1732F907A5} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2016-09-21] ()
Task: {3B23734B-400F-4B66-93A8-E0B983256A30} - System32\Tasks\HPCeeScheduleForPetra => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {3B28522A-33F3-40F9-992D-1EB18992B65B} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Petra\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {42090703-16CC-42BC-B80B-6DD36935806D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4835542F-1B90-4704-B074-09D7B0DDED79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-25] (Google Inc.)
Task: {4DC8A057-66C3-4D84-B330-54E924D06DD7} - System32\Tasks\Avast SecureLine => C:\Program Files\AVAST Software\SecureLine\SecureLine.exe [2016-09-23] (AVAST Software)
Task: {5A5AF07D-B26A-44C5-9E64-33B9E08DAE6E} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-08] (Dropbox, Inc.)
Task: {5AB09B29-60CE-4396-A553-43BCC67A24D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {5E515F09-E43A-4BF8-9D07-6D70641D6EF6} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-09-23] (AVAST Software)
Task: {6223F854-91F2-46FD-8DEF-8A8C27FFA726} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation)
Task: {662222A5-67A0-46A7-A440-10E947239AB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-09-25] (Google Inc.)
Task: {7591B97C-34D5-466A-8687-542981D28C3C} - System32\Tasks\Nvbackend => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2016-03-01] (NVIDIA Corporation)
Task: {7C7D296A-DF75-40F9-A144-6C443A2784B1} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {82F08CCC-D2A5-4EA9-9051-91F7CEF15CAA} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {8722B439-A3FA-4E14-A6EA-3CE5C26C00C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.)
Task: {89DFCC76-FA96-406E-B6B8-1A22C3FBD6D3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {B224E548-E1C0-4365-BA43-FBE6C6098F87} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp79827.exe [2017-05-08] (HP Company ) <==== ACHTUNG
Task: {B344A205-A0B1-4CCD-8A75-DB4238F614D3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {B76156F9-771F-4C0C-8BCE-8BA58D72E1D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {BE96FC69-82C7-41AF-BBBB-B8060BD3F311} - System32\Tasks\HPDAS => C:\Program
Task: {CE2134CD-B9CC-4332-A044-7F50F7BAA7FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.)
Task: {D3CA2F6F-7519-4735-B630-389691C9713C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {DAE4E415-CDEA-4012-A836-41014472B0DE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-27] ()
Task: {DB1FCC14-AEAD-4279-B929-FE567FCB9E69} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {E1A2ED7B-8899-43EC-9FC0-E7C40100E0A5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {E901094A-17EB-475B-9551-10177A65F23B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation)
Task: {FFD284C2-5958-4084-9660-D88D507467B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForPetra.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 02:42 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-08-15 22:23 - 2015-11-19 15:44 - 00127192 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2016-08-15 22:27 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-08-15 22:21 - 2016-03-01 08:28 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-09-23 04:31 - 2016-09-23 04:31 - 00592392 _____ () C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
2016-10-11 12:55 - 2017-02-06 13:37 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-10-11 13:49 - 2016-10-11 13:49 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 03:35 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 03:36 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 03:36 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 03:36 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 02:42 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 02:42 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 02:42 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-27 02:15 - 2017-05-27 02:16 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-27 02:15 - 2017-05-27 02:16 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-27 02:15 - 2017-05-27 02:16 - 43202048 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-27 02:15 - 2017-05-27 02:16 - 02442752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.16.595.0_x64__kzf8qxf38zg5c\skypert.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-08-15 22:21 - 2016-03-01 08:31 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-27 21:32 - 2016-09-27 21:32 - 00049152 _____ () C:\Program Files (x86)\Stickies\shook70.dll
2016-09-23 04:31 - 2016-09-23 04:32 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Petra\Documents\PA hinten.jpeg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Petra\Documents\PA hinten.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Documents\PA vorn.jpeg:3or4kl4x13tuuug3Byamue2s4b [81]
AlternateDataStreams: C:\Users\Petra\Documents\PA vorn.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2017-02-28 21:12 - 00000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2052348202-2737845524-1218338531-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKU\S-1-5-21-2052348202-2737845524-1218338531-1001\...\StartupApproved\Run: => "OneDrive"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{8D530745-BCE5-4CC8-9043-E1ECFE15B77C}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{6EFF1378-D96A-44B6-ABE0-BDECA3E60DF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6CF5F43-C300-4FEA-93EC-4C0239E58DDA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E46AC11-89F2-4C73-98E5-27125741A3B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C0B28835-25AB-457B-85C8-EBB173B76B26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{B3785622-13CA-41A3-8804-3528EBE16312}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{964D3A32-757F-4774-AC5B-1D47C10EA417}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A7473A1D-EA71-48CA-B54A-5D8F2EEE3175}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DC61AE0E-7A3D-407B-8271-F3B74F0AF363}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D874A397-1A1C-44F4-9A4D-C6244379A81C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A1604C42-6D19-4221-BF57-B1D82402D56E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6F869C77-5E85-4E12-8FD8-C1081319532A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2D1E04F-0DB8-4E6B-BB8E-8139826479E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{241218CA-E259-4D3A-B5A4-97235398DC3A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{79C47520-2C3E-4F0F-B4DE-573EBA998ADE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{5EFC2D41-FC87-45F1-89DD-CE9F9D57CE52}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{522F4452-9577-410F-B141-DE336711D6D7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe
FirewallRules: [{98474D80-B7F0-4563-A1D8-C9D7BBDBCD18}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{1BFAC9DC-543E-42B9-BB43-23D0B00EA513}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{39B42E3E-0BD0-4FAB-97E4-F5F786CCB668}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
23-05-2017 00:52:33 Windows Update
30-05-2017 14:24:33 Geplanter Prüfpunkt
02-06-2017 02:05:26 HPSF Applying updates
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/05/2017 03:51:22 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10608.329) TYPE: ERROR
DPTF Build Version: 8.1.10608.329
DPTF Build Date: May 13 2016 11:00:20
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10608.329
DPTF Build Date: May 13 2016 11:00:20
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Passive Policy 2 [2]
Error: (06/05/2017 03:51:22 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10608.329) TYPE: ERROR
DPTF Build Version: 8.1.10608.329
DPTF Build Date: May 13 2016 11:00:20
Source File: ..\..\..\..\Sources\Policies\PolicyLib\PolicyBase.cpp @ line 673
Executing Function: PolicyBase::takeControlOfOsc
Message: Failed to acquire OSC: Failure during execution of _OSC:
DPTF Build Version: 8.1.10608.329
DPTF Build Date: May 13 2016 11:00:20
Source File: ..\..\..\Sources\Manager\EsifServices.cpp @ line 473
Executing Function: EsifServices::primitiveExecuteSet
Message: Error returned from ESIF services interface function call
Participant: NoParticipant
Domain: NoDomain
ESIF Primitive: SET_OPERATING_SYSTEM_CAPABILITIES [93]
ESIF Instance: 255
ESIF Return Code: ESIF_E_UNSUPPORTED_ACTION_TYPE [1202]
Policy: Critical Policy [1]
Error: (06/05/2017 03:05:31 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/04/2017 01:05:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (06/03/2017 03:52:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LPQ3UL45)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/03/2017 03:52:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-LPQ3UL45)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/03/2017 04:46:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15984
Error: (06/03/2017 04:46:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15984
Error: (06/03/2017 04:46:36 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2017 01:18:52 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Systemfehler:
=============
Error: (06/05/2017 03:53:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet:
Unbekannter Fehler
Error: (06/05/2017 03:50:57 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-LPQ3UL45)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 03:50:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/05/2017 03:43:59 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/05/2017 03:43:22 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-LPQ3UL45)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/05/2017 03:43:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/04/2017 03:24:25 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-LPQ3UL45)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/04/2017 03:24:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (06/04/2017 04:43:22 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-LPQ3UL45)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (06/04/2017 04:43:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-02-27 21:09:54.334
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvhmwu.inf_amd64_6cdbe0c0630ed4a3\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-02-27 21:09:54.279
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 16273.91 MB
Verfügbarer physikalischer RAM: 13743.4 MB
Summe virtueller Speicher: 18705.91 MB
Verfügbarer virtueller Speicher: 16219.48 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:118.01 GB) (Free:48.41 GB) NTFS
Drive d: (DATA) (Fixed) (Total:917.21 GB) (Free:655.92 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:14.3 GB) (Free:1.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: BBAD5FB1)
Partition: GPT.
========================================================
Disk: 1 (Size: 119.2 GB) (Disk ID: 43781095)
Partition: GPT.
==================== Ende von Addition.txt ============================
I need a bit more time for the other one... the instructions are so extensive and I don't want to do anything wrong. (I'm not a pro.)
The problem I described seems to be gone...
Two more remarks:
1. A Windows feature update has apparently been downloaded in the background, which seems to be very large, but I haven't installed it yet.
2. Two days ago I had a look in the "Devices and drives" folder under "This PC".
A drive "Z" was listed there; when I clicked on it, access was denied. I had nothing else connected - no USB stick, no external drive.
I restarted, after which this mysterious drive was gone and has not reappeared so far, and the problem I described at the beginning also seems to be gone.
I'll get back to you once I have understood and run TDSS-Killer.
Regards - Moa
And here is the rest:
Code:
16:38:48.0974 0x1e98 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
16:38:48.0974 0x1e98 UEFI system
16:39:08.0550 0x1e98 ============================================================
16:39:08.0550 0x1e98 Current date / time: 2017/06/05 16:39:08.0550
16:39:08.0550 0x1e98 SystemInfo:
16:39:08.0550 0x1e98
16:39:08.0550 0x1e98 OS Version: 10.0.14393 ServicePack: 0.0
16:39:08.0550 0x1e98 Product type: Workstation
16:39:08.0550 0x1e98 ComputerName: LAPTOP-LPQ3UL45
16:39:08.0550 0x1e98 UserName: Petra
16:39:08.0550 0x1e98 Windows directory: C:\WINDOWS
16:39:08.0550 0x1e98 System windows directory: C:\WINDOWS
16:39:08.0550 0x1e98 Running under WOW64
16:39:08.0550 0x1e98 Processor architecture: Intel x64
16:39:08.0550 0x1e98 Number of processors: 4
16:39:08.0550 0x1e98 Page size: 0x1000
16:39:08.0550 0x1e98 Boot type: Normal boot
16:39:08.0550 0x1e98 CodeIntegrityOptions = 0x00000001
16:39:08.0550 0x1e98 ============================================================
16:39:08.0690 0x1e98 KLMD registered as C:\WINDOWS\system32\drivers\28900859.sys
16:39:08.0690 0x1e98 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
16:39:08.0862 0x1e98 System UUID: {D61B7920-BA0E-C769-933E-87C0839C23E9}
16:39:09.0644 0x1e98 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:39:09.0644 0x1e98 Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:39:09.0722 0x1e98 ============================================================
16:39:09.0722 0x1e98 \Device\Harddisk0\DR0:
16:39:09.0722 0x1e98 GPT partitions:
16:39:09.0722 0x1e98 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EB7FF2CF-2EC7-44AA-A7CF-F2403CAC5716}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x72A6B800
16:39:09.0722 0x1e98 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D3ADF60F-EDAB-441A-9FD9-0CAB3F3462AE}, Name: Basic data partition, StartLBA 0x72A6C000, BlocksNum 0x1C9A800
16:39:09.0722 0x1e98 MBR partitions:
16:39:09.0722 0x1e98 \Device\Harddisk1\DR1:
16:39:09.0737 0x1e98 GPT partitions:
16:39:09.0737 0x1e98 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DB0EC795-0C08-46DF-9C83-E876FDBC48C5}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
16:39:09.0737 0x1e98 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {4EF0E0B1-8343-4D15-9BF9-A5BE0EA2756E}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
16:39:09.0737 0x1e98 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A9FEA6D6-E7F9-4DDE-8A72-ED72A2BA4580}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0xEC05000
16:39:09.0737 0x1e98 \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {E03EF8EC-E570-4587-A233-5418F93BF683}, Name: Basic data partition, StartLBA 0xEC8F800, BlocksNum 0x1EA000
16:39:09.0737 0x1e98 MBR partitions:
16:39:09.0737 0x1e98 ============================================================
16:39:09.0737 0x1e98 C: <-> \Device\Harddisk1\DR1\Partition3
16:39:09.0753 0x1e98 D: <-> \Device\Harddisk0\DR0\Partition1
16:39:09.0784 0x1e98 E: <-> \Device\Harddisk0\DR0\Partition2
16:39:09.0784 0x1e98 ============================================================
16:39:09.0784 0x1e98 Initialize success
16:39:09.0784 0x1e98 ============================================================
16:40:55.0636 0x2154 ============================================================
16:40:55.0636 0x2154 Scan started
16:40:55.0636 0x2154 Mode: Manual; SigCheck; TDLFS;
16:40:55.0636 0x2154 ============================================================
16:40:55.0636 0x2154 KSN ping started
16:40:55.0809 0x2154 KSN ping finished: true
16:40:56.0075 0x2154 ================ Scan system memory ========================
16:40:56.0075 0x2154 System memory - ok
16:40:56.0075 0x2154 ================ Scan services =============================
16:40:56.0106 0x2154 1394ohci - ok
16:40:56.0121 0x2154 3ware - ok
16:40:56.0121 0x2154 [ 36E8D1E627D422241D903305B4008E9B, BD4BB52E98302A71A217DDE85102DBFBD04A59CEE9BAD7AF1138BF453889D6EA ] Accelerometer C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
16:40:56.0184 0x2154 Accelerometer - ok
16:40:56.0199 0x2154 ACPI - ok
16:40:56.0199 0x2154 AcpiDev - ok
16:40:56.0199 0x2154 acpiex - ok
16:40:56.0215 0x2154 acpipagr - ok
16:40:56.0215 0x2154 AcpiPmi - ok
16:40:56.0215 0x2154 acpitime - ok
16:40:56.0231 0x2154 [ 99CE7A1C3AB82125EE3FDB446418865B, 00668D732E69F108ABA4FA84355F61935385C0CF83027339162E997ADD804D3A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:40:56.0246 0x2154 AdobeFlashPlayerUpdateSvc - ok
16:40:56.0262 0x2154 ADP80XX - ok
16:40:56.0262 0x2154 AFD - ok
16:40:56.0262 0x2154 ahcache - ok
16:40:56.0262 0x2154 AJRouter - ok
16:40:56.0278 0x2154 ALG - ok
16:40:56.0278 0x2154 AmdK8 - ok
16:40:56.0278 0x2154 AmdPPM - ok
16:40:56.0278 0x2154 amdsata - ok
16:40:56.0278 0x2154 amdsbs - ok
16:40:56.0278 0x2154 amdxata - ok
16:40:56.0293 0x2154 AppHostSvc - ok
16:40:56.0293 0x2154 AppID - ok
16:40:56.0293 0x2154 AppIDSvc - ok
16:40:56.0293 0x2154 Appinfo - ok
16:40:56.0293 0x2154 applockerfltr - ok
16:40:56.0309 0x2154 AppReadiness - ok
16:40:56.0309 0x2154 AppXSvc - ok
16:40:56.0309 0x2154 arcsas - ok
16:40:56.0324 0x2154 aspnet_state - ok
16:40:56.0324 0x2154 AsyncMac - ok
16:40:56.0324 0x2154 atapi - ok
16:40:56.0324 0x2154 AudioEndpointBuilder - ok
16:40:56.0340 0x2154 Audiosrv - ok
16:40:56.0340 0x2154 [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
16:40:56.0356 0x2154 AVP17.0.0 - ok
16:40:56.0356 0x2154 AxInstSV - ok
16:40:56.0356 0x2154 b06bdrv - ok
16:40:56.0371 0x2154 BasicDisplay - ok
16:40:56.0371 0x2154 BasicRender - ok
16:40:56.0371 0x2154 bcmfn - ok
16:40:56.0371 0x2154 bcmfn2 - ok
16:40:56.0387 0x2154 BDESVC - ok
16:40:56.0387 0x2154 Beep - ok
16:40:56.0387 0x2154 BFE - ok
16:40:56.0387 0x2154 BITS - ok
16:40:56.0403 0x2154 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:40:56.0418 0x2154 Bonjour Service - ok
16:40:56.0418 0x2154 bowser - ok
16:40:56.0418 0x2154 BrokerInfrastructure - ok
16:40:56.0418 0x2154 Browser - ok
16:40:56.0434 0x2154 [ 0958E70CD38E2020B767DC5237E041BE, F6CB7FC7331D0224591C46F4752207EA5B13E30737D410E39A1B4F19FC9EF9C2 ] BTDevManager C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
16:40:56.0434 0x2154 BTDevManager - ok
16:40:56.0449 0x2154 BthAvrcpTg - ok
16:40:56.0449 0x2154 BthHFEnum - ok
16:40:56.0449 0x2154 bthhfhid - ok
16:40:56.0449 0x2154 BthHFSrv - ok
16:40:56.0449 0x2154 BTHMODEM - ok
16:40:56.0465 0x2154 BTHPORT - ok
16:40:56.0465 0x2154 bthserv - ok
16:40:56.0465 0x2154 BTHUSB - ok
16:40:56.0465 0x2154 buttonconverter - ok
16:40:56.0465 0x2154 CapImg - ok
16:40:56.0481 0x2154 cdfs - ok
16:40:56.0481 0x2154 CDPSvc - ok
16:40:56.0481 0x2154 CDPUserSvc - ok
16:40:56.0481 0x2154 cdrom - ok
16:40:56.0481 0x2154 CertPropSvc - ok
16:40:56.0496 0x2154 cht4iscsi - ok
16:40:56.0496 0x2154 cht4vbd - ok
16:40:56.0496 0x2154 circlass - ok
16:40:56.0496 0x2154 CLFS - ok
16:40:56.0590 0x2154 [ F6ED2A874E4FC4FC95F544088F0523F4, F5F239A666288373ED93C6F13EC14FC4AC7257ABF117A7DD97F20070F8EC2205 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
16:40:56.0668 0x2154 ClickToRunSvc - ok
16:40:56.0684 0x2154 ClipSVC - ok
16:40:56.0684 0x2154 clreg - ok
16:40:56.0684 0x2154 CmBatt - ok
16:40:56.0699 0x2154 [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys
16:40:56.0715 0x2154 cm_km - ok
16:40:56.0715 0x2154 CNG - ok
16:40:56.0715 0x2154 cnghwassist - ok
16:40:56.0731 0x2154 CompositeBus - ok
16:40:56.0731 0x2154 COMSysApp - ok
16:40:56.0731 0x2154 condrv - ok
16:40:56.0746 0x2154 CoreMessagingRegistrar - ok
16:40:56.0762 0x2154 [ 98B3066540C43BF5349BDB4B5C4CE04F, 97DA0394C77E41360D7F6A4F998D00642DF665384C20E0029D63C99922E9906D ] cphs C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHeciSvc.exe
16:40:56.0778 0x2154 cphs - ok
16:40:56.0793 0x2154 [ 943D29E61044350319CCC5BE0E1A9329, 7269A08BAB6B790A717790118C0CD1EC51DC994CBEFA49AE036477651C83E79B ] cplspcon C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\IntelCpHDCPSvc.exe
16:40:56.0809 0x2154 cplspcon - ok
16:40:56.0809 0x2154 CryptSvc - ok
16:40:56.0809 0x2154 dam - ok
16:40:56.0824 0x2154 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
16:40:56.0824 0x2154 dbupdate - ok
16:40:56.0840 0x2154 [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
16:40:56.0840 0x2154 dbupdatem - ok
16:40:56.0856 0x2154 DcomLaunch - ok
16:40:56.0856 0x2154 DcpSvc - ok
16:40:56.0856 0x2154 defragsvc - ok
16:40:56.0856 0x2154 DeviceAssociationService - ok
16:40:56.0856 0x2154 DeviceInstall - ok
16:40:56.0856 0x2154 DevQueryBroker - ok
16:40:56.0871 0x2154 Dfsc - ok
16:40:56.0871 0x2154 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
16:40:56.0903 0x2154 dg_ssudbus - ok
16:40:56.0903 0x2154 Dhcp - ok
16:40:56.0918 0x2154 diagnosticshub.standardcollector.service - ok
16:40:56.0918 0x2154 DiagTrack - ok
16:40:56.0918 0x2154 disk - ok
16:40:56.0918 0x2154 DmEnrollmentSvc - ok
16:40:56.0918 0x2154 dmvsc - ok
16:40:56.0934 0x2154 dmwappushservice - ok
16:40:56.0934 0x2154 Dnscache - ok
16:40:56.0934 0x2154 dot3svc - ok
16:40:56.0934 0x2154 DPS - ok
16:40:56.0934 0x2154 [ 86F979BAEEEE3C6253346F1E9DBFFBA6, 2167D44E2A07DC1FB72A854EB7C2B3F96B4DE21959D0254BA330478AD0E12B41 ] dptf_cpu C:\WINDOWS\System32\drivers\dptf_cpu.sys
16:40:56.0950 0x2154 dptf_cpu - ok
16:40:56.0950 0x2154 drmkaud - ok
16:40:56.0950 0x2154 DsmSvc - ok
16:40:56.0965 0x2154 DsSvc - ok
16:40:56.0965 0x2154 DXGKrnl - ok
16:40:56.0965 0x2154 EapHost - ok
16:40:56.0965 0x2154 ebdrv - ok
16:40:56.0965 0x2154 EFS - ok
16:40:56.0981 0x2154 EhStorClass - ok
16:40:56.0981 0x2154 EhStorTcgDrv - ok
16:40:56.0981 0x2154 embeddedmode - ok
16:40:56.0981 0x2154 EntAppSvc - ok
16:40:56.0981 0x2154 ErrDev - ok
16:40:57.0028 0x2154 [ DE0ABDE7578ABA5F473298AD9DBAF159, F4A0BB0142C730B3436AA1D82820F0F0107EFE88D9EC2C4D02F30AAD6D028736 ] esifsvc C:\WINDOWS\SysWoW64\esif_uf.exe
16:40:57.0121 0x2154 esifsvc - ok
16:40:57.0137 0x2154 [ EF867FCF03A5182AD17FB196B06132B2, E7E9BB0B4D68F5F88B40B35A218EEABAFB94700D5ED6440BDA61CFBF982B5C97 ] esif_lf C:\WINDOWS\system32\DRIVERS\esif_lf.sys
16:40:57.0153 0x2154 esif_lf - ok
16:40:57.0153 0x2154 EventSystem - ok
16:40:57.0168 0x2154 exfat - ok
16:40:57.0168 0x2154 fastfat - ok
16:40:57.0168 0x2154 Fax - ok
16:40:57.0168 0x2154 fdc - ok
16:40:57.0168 0x2154 fdPHost - ok
16:40:57.0184 0x2154 FDResPub - ok
16:40:57.0184 0x2154 fhsvc - ok
16:40:57.0184 0x2154 FileCrypt - ok
16:40:57.0184 0x2154 FileInfo - ok
16:40:57.0184 0x2154 Filetrace - ok
16:40:57.0200 0x2154 flpydisk - ok
16:40:57.0200 0x2154 FltMgr - ok
16:40:57.0200 0x2154 FontCache - ok
16:40:57.0200 0x2154 FontCache3.0.0.0 - ok
16:40:57.0200 0x2154 FrameServer - ok
16:40:57.0200 0x2154 FsDepends - ok
16:40:57.0215 0x2154 Fs_Rec - ok
16:40:57.0215 0x2154 fvevol - ok
16:40:57.0231 0x2154 [ 0D1F9F6D9173D26506683DD5B0BAF4C8, DEC8DCFA03392690ED8399BF4C4AFC56EB26D052B831D2977575240C346382AE ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
16:40:57.0246 0x2154 GamesAppIntegrationService - ok
16:40:57.0246 0x2154 [ 02E29C74417D7D1403651BF242C9DD57, 5636C2642EA6A738302982DE1563ED8568B096650ADF416D66372C65ADEDDC4C ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
16:40:57.0262 0x2154 GamesAppService - ok
16:40:57.0262 0x2154 gencounter - ok
16:40:57.0262 0x2154 genericusbfn - ok
16:40:57.0293 0x2154 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:40:57.0325 0x2154 GfExperienceService - ok
16:40:57.0325 0x2154 GPIOClx0101 - ok
16:40:57.0325 0x2154 gpsvc - ok
16:40:57.0325 0x2154 GpuEnergyDrv - ok
16:40:57.0340 0x2154 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:40:57.0340 0x2154 gupdate - ok
16:40:57.0356 0x2154 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:40:57.0356 0x2154 gupdatem - ok
16:40:57.0356 0x2154 HdAudAddService - ok
16:40:57.0356 0x2154 HDAudBus - ok
16:40:57.0371 0x2154 HidBatt - ok
16:40:57.0371 0x2154 HidBth - ok
16:40:57.0371 0x2154 hidi2c - ok
16:40:57.0371 0x2154 hidinterrupt - ok
16:40:57.0387 0x2154 HidIr - ok
16:40:57.0387 0x2154 hidserv - ok
16:40:57.0387 0x2154 HidUsb - ok
16:40:57.0387 0x2154 HomeGroupListener - ok
16:40:57.0387 0x2154 HomeGroupProvider - ok
16:40:57.0418 0x2154 [ 8002A736D30BACEDB23AD7A3B96A0BC3, EA35F5F9F7A6A0AF17E07EDE8739B2EDB9B80413F187C4E2A197F39A1383F1E7 ] HP Comm Recover C:\Program Files\HPCommRecovery\HPCommRecovery.exe
16:40:57.0465 0x2154 HP Comm Recover - detected UnsignedFile.Multi.Generic ( 1 )
16:40:57.0793 0x2154 HP Comm Recover ( UnsignedFile.Multi.Generic ) - warning
16:40:57.0793 0x2154 Force sending object to P2P due to detect: HP Comm Recover
16:40:57.0934 0x2154 Object send P2P result: true
16:40:58.0059 0x2154 [ 3E28EE56DEC5678EC088752B91C05ADF, 1F80E7162BF80C66C5E58DD40513877579324FE4387044DC2A335F4320E8DFC7 ] hpdskflt C:\WINDOWS\system32\DRIVERS\hpdskflt.sys
16:40:58.0090 0x2154 hpdskflt - ok
16:40:58.0106 0x2154 [ 7B7DE6B3DC30F3246958F42C67A6F7BB, 4B66B90CFEC2231B905B21DECC4EC7C6500E546F080A452EF67E724EDF37ADD9 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
16:40:58.0137 0x2154 hpqwmiex - ok
16:40:58.0137 0x2154 HpSAMD - ok
16:40:58.0153 0x2154 [ 2456CAA57C1DBF8DD4AAB89A293F9F26, 8996E639C3FB13D90DC6304563C69F7C46EC5E053BAFEE0E0A9F999093FC31E9 ] hpsrv C:\WINDOWS\system32\Hpservice.exe
16:40:58.0231 0x2154 hpsrv - ok
16:40:58.0231 0x2154 [ 91ADA2CF99A0C28A231763E033FD6F98, 80F6ABD22D018EBF5AC3FD5BEE941962B29B1517EACE0C7730C00D7DE17CEFAC ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
16:40:58.0247 0x2154 HPSupportSolutionsFrameworkService - ok
16:40:58.0262 0x2154 [ 2FBF223E05917CA73FD52AE8E2213CB6, 330230A89AC67CFEFD02486FC7B0A8E3755854E6DB9A31DC4C0AC993B35A07B2 ] HPWMISVC C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
16:40:58.0278 0x2154 HPWMISVC - ok
16:40:58.0278 0x2154 HTTP - ok
16:40:58.0293 0x2154 HvHost - ok
16:40:58.0293 0x2154 hvservice - ok
16:40:58.0293 0x2154 hwpolicy - ok
16:40:58.0293 0x2154 hyperkbd - ok
16:40:58.0293 0x2154 i8042prt - ok
16:40:58.0309 0x2154 iagpio - ok
16:40:58.0309 0x2154 iai2c - ok
16:40:58.0309 0x2154 iaLPSS2i_GPIO2 - ok
16:40:58.0309 0x2154 iaLPSS2i_I2C - ok
16:40:58.0309 0x2154 iaLPSSi_GPIO - ok
16:40:58.0325 0x2154 iaLPSSi_I2C - ok
16:40:58.0356 0x2154 [ 0609694A9C4D6C71319732FA82C6E5C5, 5507D20AB9C86B11564C953C6F535976A0D201295C642EA0CABF435DAD908251 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:40:58.0387 0x2154 iaStorA - ok
16:40:58.0387 0x2154 iaStorAV - ok
16:40:58.0387 0x2154 [ E091D765D9292E56C493D609A53C38DF, 4CC5B97F3CCA51BB803D199936B3C5E9754E0639BDE8CC6480E2874BAF84A925 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:40:58.0403 0x2154 IAStorDataMgrSvc - ok
16:40:58.0403 0x2154 iaStorV - ok
16:40:58.0418 0x2154 ibbus - ok
16:40:58.0418 0x2154 icssvc - ok
16:40:58.0653 0x2154 [ 0A136D4B31D5B6CCA29B913BE080B73F, 5795BC0B93927E1004BA46C105C3E8412DB80B505958E36DF86EC4570C1EA0E6 ] igfx C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igdkmd64.sys
16:40:58.0872 0x2154 igfx - ok
16:40:58.0887 0x2154 [ 936B5DBBC861245A6319F18EA64A99F9, FC1EF74E77D99714AE563A3CF585C9D09F50A664181E99BD2E972C51CC7D3F63 ] igfxCUIService2.0.0.0 C:\WINDOWS\System32\DriverStore\FileRepository\120322.inf_amd64_496b556827a662cb\igfxCUIService.exe
16:40:58.0903 0x2154 igfxCUIService2.0.0.0 - ok
16:40:58.0903 0x2154 IKEEXT - ok
16:40:58.0918 0x2154 IndirectKmd - ok
16:40:59.0028 0x2154 [ 7B57A995D7AA2C2E6DBDE9511E903F1E, 515E46755868D99FB5502301EA1A57BBB92E9EF91631BB5891F2A894029380AB ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:40:59.0137 0x2154 IntcAzAudAddService - ok
16:40:59.0168 0x2154 [ A6087A824507CAB1ED568895F8081950, 53ADFCC6E795D47A7197AC372DB53E4F95B10409E5AFA7A40CC252ADBE84E8F4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:40:59.0200 0x2154 IntcDAud - ok
16:40:59.0215 0x2154 [ AE32376564771525DCDD2F0280619E1A, 233B7B272DCD9080DE7C9593EB7993745D1037EA87B69617E7176F074DFD5968 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
16:40:59.0247 0x2154 Intel(R) Capability Licensing Service TCP IP Interface - ok
16:40:59.0262 0x2154 intelide - ok
16:40:59.0262 0x2154 intelpep - ok
16:40:59.0262 0x2154 intelppm - ok
16:40:59.0262 0x2154 iorate - ok
16:40:59.0262 0x2154 IpFilterDriver - ok
16:40:59.0278 0x2154 iphlpsvc - ok
16:40:59.0278 0x2154 IPMIDRV - ok
16:40:59.0278 0x2154 IPNAT - ok
16:40:59.0278 0x2154 irda - ok
16:40:59.0278 0x2154 IRENUM - ok
16:40:59.0293 0x2154 irmon - ok
16:40:59.0293 0x2154 isapnp - ok
16:40:59.0293 0x2154 iScsiPrt - ok
16:40:59.0293 0x2154 [ 735E3E8507957F426CB7D93B35741C91, 386956AD22513DF3A10C7BA7C9503F2DBD5262A3CBD0C4EEFE540E3CFC27D348 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:40:59.0309 0x2154 jhi_service - ok
16:40:59.0309 0x2154 kbdclass - ok
16:40:59.0325 0x2154 kbdhid - ok
16:40:59.0325 0x2154 kdnic - ok
16:40:59.0325 0x2154 KeyIso - ok
16:40:59.0340 0x2154 [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1 C:\WINDOWS\system32\DRIVERS\kl1.sys
16:40:59.0356 0x2154 kl1 - ok
16:40:59.0356 0x2154 [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
16:40:59.0372 0x2154 klbackupdisk - ok
16:40:59.0372 0x2154 [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
16:40:59.0387 0x2154 klbackupflt - ok
16:40:59.0387 0x2154 [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk C:\WINDOWS\system32\DRIVERS\kldisk.sys
16:40:59.0403 0x2154 kldisk - ok
16:40:59.0403 0x2154 [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam C:\WINDOWS\system32\DRIVERS\klelam.sys
16:40:59.0419 0x2154 klelam - ok
16:40:59.0419 0x2154 [ FA0253329B8951509D9B5A476CCD41D4, 1981BFCBEB8AF7D677791E1D46AD4434DA3CE0AC2A5CFB26916821FAB45EA757 ] klflt C:\WINDOWS\system32\DRIVERS\klflt.sys
16:40:59.0434 0x2154 klflt - ok
16:40:59.0450 0x2154 [ C2AED7EDBC43E8316513251C633FF546, F4C714DA34D65838065CAA0C54E8455FB52F0A1374F571900E1BFE42F144014D ] klhk C:\WINDOWS\System32\drivers\klhk.sys
16:40:59.0465 0x2154 klhk - ok
16:40:59.0481 0x2154 [ 5760DA02C78CF275D7980C87D724B221, AF724342F8A8F83163DCC0D106B2ACA3E73765F1628DB1EEA5BEDA1B2D6AF1CE ] klids C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
16:40:59.0481 0x2154 klids - ok
16:40:59.0512 0x2154 [ 4DF87FF594381901C224866A61A25B7B, AFAF93F4C08B481F0203ECFB2B4F0997728E9C91B694CB2BF9BBBF4889EFC48B ] KLIF C:\WINDOWS\system32\DRIVERS\klif.sys
16:40:59.0528 0x2154 KLIF - ok
16:40:59.0543 0x2154 [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6 C:\WINDOWS\system32\DRIVERS\klim6.sys
16:40:59.0543 0x2154 KLIM6 - ok
16:40:59.0543 0x2154 [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
16:40:59.0559 0x2154 klkbdflt - ok
16:40:59.0559 0x2154 [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt C:\WINDOWS\system32\DRIVERS\klmouflt.sys
16:40:59.0575 0x2154 klmouflt - ok
16:40:59.0575 0x2154 [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd C:\WINDOWS\system32\DRIVERS\klpd.sys
16:40:59.0590 0x2154 klpd - ok
16:40:59.0590 0x2154 [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap C:\WINDOWS\System32\drivers\kltap.sys
16:40:59.0590 0x2154 kltap - ok
16:40:59.0606 0x2154 [ 097D722294B9C1FA6E514A088F2E6B6E, FB0492CAF45FDF7F656CFF6662309435679C946269577ECF76A3077B7D7F940B ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
16:40:59.0606 0x2154 klupd_klif_arkmon - ok
16:40:59.0622 0x2154 [ A7E26109DE0E310EEE5CFEEA9E821DCA, D81C23CA254F9B96AF59A719BE8F7FB822D6272CF9A8DADACAC39C24008FDC00 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
16:40:59.0622 0x2154 klupd_klif_kimul - ok
16:40:59.0637 0x2154 [ 6A80ECDC10138AC34E48A4BE684E06F9, DF8BD9139B82614614D9E1B5DAEA74E4DF4D5CE95F11ED503FD3B8E07722A1CA ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
16:40:59.0653 0x2154 klupd_klif_klark - ok
16:40:59.0653 0x2154 [ EBC5ACF5F373981161752650BC17DD4E, 892A6758F5C7589D38A6A01D08F7B3F6D144591E0D3337C0E4B2CA9B66C70C37 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
16:40:59.0668 0x2154 klupd_klif_klbg - ok
16:40:59.0668 0x2154 [ D0B29808F37C6F6373AB16B716D9A1F8, 82E5760F0A313E43E3B9AF44E2A811021B84E7954CB5DC1462C7033AAEA8AF4B ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
16:40:59.0684 0x2154 klupd_klif_mark - ok
16:40:59.0684 0x2154 [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
16:40:59.0700 0x2154 klvssbrigde64 - ok
16:40:59.0700 0x2154 [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp C:\WINDOWS\system32\DRIVERS\klwfp.sys
16:40:59.0700 0x2154 klwfp - ok
16:40:59.0715 0x2154 [ 4799405773BB400A2FF96663CF0EE4A2, F7650B80AC388675724D9A43D709FF9CCDE99374D7C5E3B900F61FC61D6816D2 ] Klwtp C:\WINDOWS\system32\DRIVERS\klwtp.sys
16:40:59.0715 0x2154 Klwtp - ok
16:40:59.0731 0x2154 [ 098D3EBDC599E05449A3BFB5BB519FE0, 00A02DE53312D4DF52E26E14E0E803255DF5AFAE95455EAE5A004F9E84C8B2F5 ] kneps C:\WINDOWS\system32\DRIVERS\kneps.sys
16:40:59.0747 0x2154 kneps - ok
16:40:59.0747 0x2154 [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
16:40:59.0762 0x2154 KSDE1.0.0 - ok
16:40:59.0762 0x2154 KSecDD - ok
16:40:59.0762 0x2154 KSecPkg - ok
16:40:59.0762 0x2154 ksthunk - ok
16:40:59.0778 0x2154 KtmRm - ok
16:40:59.0778 0x2154 LanmanServer - ok
16:40:59.0778 0x2154 LanmanWorkstation - ok
16:40:59.0778 0x2154 lfsvc - ok
16:40:59.0778 0x2154 LicenseManager - ok
16:40:59.0794 0x2154 lltdio - ok
16:40:59.0794 0x2154 lltdsvc - ok
16:40:59.0794 0x2154 lmhosts - ok
16:40:59.0794 0x2154 LSI_SAS - ok
16:40:59.0794 0x2154 LSI_SAS2i - ok
16:40:59.0809 0x2154 LSI_SAS3i - ok
16:40:59.0809 0x2154 LSI_SSS - ok
16:40:59.0809 0x2154 LSM - ok
16:40:59.0809 0x2154 luafv - ok
16:40:59.0809 0x2154 MapsBroker - ok
16:40:59.0825 0x2154 megasas - ok
16:40:59.0825 0x2154 megasas2i - ok
16:40:59.0825 0x2154 megasr - ok
16:40:59.0825 0x2154 [ 8EC6459491D8508BBA5E3CEC5C930914, E01AEE2E6F569429BC5582AEB63A2CB288499A878B0806D21CC9D78F00E0B284 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
16:40:59.0840 0x2154 MEIx64 - ok
16:40:59.0856 0x2154 MessagingService - ok
16:40:59.0856 0x2154 mlx4_bus - ok
16:40:59.0856 0x2154 MMCSS - ok
16:40:59.0856 0x2154 Modem - ok
16:40:59.0872 0x2154 monitor - ok
16:40:59.0872 0x2154 mouclass - ok
16:40:59.0872 0x2154 mouhid - ok
16:40:59.0872 0x2154 mountmgr - ok
16:40:59.0887 0x2154 [ 65C0F9AE99ECCCA7C5C3CEFA7ED80904, AABEBEAED256318B5B8C1BC36A2E365CB942ED591C78E78EC6C55EF94A522342 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:40:59.0887 0x2154 MozillaMaintenance - ok
16:40:59.0887 0x2154 mpsdrv - ok
16:40:59.0903 0x2154 MpsSvc - ok
16:40:59.0903 0x2154 MRxDAV - ok
16:40:59.0903 0x2154 mrxsmb - ok
16:40:59.0903 0x2154 mrxsmb10 - ok
16:40:59.0919 0x2154 mrxsmb20 - ok
16:40:59.0919 0x2154 MsBridge - ok
16:40:59.0919 0x2154 MSDTC - ok
16:40:59.0919 0x2154 Msfs - ok
16:40:59.0919 0x2154 msgpiowin32 - ok
16:40:59.0934 0x2154 mshidkmdf - ok
16:40:59.0934 0x2154 mshidumdf - ok
16:40:59.0934 0x2154 msisadrv - ok
16:40:59.0934 0x2154 MSiSCSI - ok
16:40:59.0934 0x2154 msiserver - ok
16:40:59.0950 0x2154 MSKSSRV - ok
16:40:59.0950 0x2154 MsLldp - ok
16:40:59.0950 0x2154 MSPCLOCK - ok
16:40:59.0950 0x2154 MSPQM - ok
16:40:59.0950 0x2154 MsRPC - ok
16:40:59.0965 0x2154 mssmbios - ok
16:40:59.0965 0x2154 MSTEE - ok
16:40:59.0965 0x2154 MTConfig - ok
16:40:59.0965 0x2154 Mup - ok
16:40:59.0965 0x2154 mvumis - ok
16:40:59.0965 0x2154 NativeWifiP - ok
16:40:59.0981 0x2154 NcaSvc - ok
16:40:59.0981 0x2154 NcbService - ok
16:40:59.0981 0x2154 NcdAutoSetup - ok
16:40:59.0981 0x2154 ndfltr - ok
16:40:59.0981 0x2154 NDIS - ok
16:40:59.0997 0x2154 NdisCap - ok
16:40:59.0997 0x2154 NdisImPlatform - ok
16:40:59.0997 0x2154 NdisTapi - ok
16:40:59.0997 0x2154 Ndisuio - ok
16:41:00.0012 0x2154 NdisVirtualBus - ok
16:41:00.0012 0x2154 NdisWan - ok
16:41:00.0012 0x2154 ndiswanlegacy - ok
16:41:00.0012 0x2154 ndproxy - ok
16:41:00.0012 0x2154 Ndu - ok
16:41:00.0028 0x2154 NetAdapterCx - ok
16:41:00.0028 0x2154 NetBIOS - ok
16:41:00.0028 0x2154 NetBT - ok
16:41:00.0028 0x2154 Netlogon - ok
16:41:00.0028 0x2154 Netman - ok
16:41:00.0028 0x2154 netprofm - ok
16:41:00.0044 0x2154 NetSetupSvc - ok
16:41:00.0044 0x2154 NetTcpPortSharing - ok
16:41:00.0044 0x2154 NgcCtnrSvc - ok
16:41:00.0059 0x2154 NgcSvc - ok
16:41:00.0059 0x2154 NlaSvc - ok
16:41:00.0059 0x2154 Npfs - ok
16:41:00.0059 0x2154 npsvctrig - ok
16:41:00.0059 0x2154 nsi - ok
16:41:00.0059 0x2154 nsiproxy - ok
16:41:00.0075 0x2154 NTFS - ok
16:41:00.0075 0x2154 Null - ok
16:41:00.0372 0x2154 [ 3093347508E88AA61C490D1E5E47A28A, F1AC22F640BE95C8299330FCF5F26051F972CA5DCB8DF041D53241C160BD3C26 ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nvhm.inf_amd64_7c553af4468727c1\nvlddmkm.sys
16:41:00.0653 0x2154 nvlddmkm - ok
16:41:00.0700 0x2154 [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:41:00.0747 0x2154 NvNetworkService - ok
16:41:00.0747 0x2154 nvraid - ok
16:41:00.0762 0x2154 nvstor - ok
16:41:00.0762 0x2154 [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:41:00.0762 0x2154 NvStreamKms - ok
16:41:00.0887 0x2154 [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
16:41:01.0028 0x2154 NvStreamNetworkSvc - ok
16:41:01.0122 0x2154 [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:41:01.0216 0x2154 NvStreamSvc - ok
16:41:01.0231 0x2154 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
16:41:01.0231 0x2154 nvvad_WaveExtensible - ok
16:41:01.0247 0x2154 OneSyncSvc - ok
16:41:01.0247 0x2154 [ CBC25009133730EB00BFAD4E37A6D387, AC93BEBD1E13336F9A6A4AB699A34127A31EC949A9EC5930B21BA80A3A6AF916 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:41:01.0262 0x2154 ose - ok
16:41:01.0356 0x2154 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:41:01.0466 0x2154 osppsvc - ok
16:41:01.0481 0x2154 p2pimsvc - ok
16:41:01.0481 0x2154 p2psvc - ok
16:41:01.0481 0x2154 Parport - ok
16:41:01.0481 0x2154 partmgr - ok
16:41:01.0481 0x2154 PcaSvc - ok
16:41:01.0497 0x2154 pci - ok
16:41:01.0497 0x2154 pciide - ok
16:41:01.0497 0x2154 pcmcia - ok
16:41:01.0497 0x2154 pcw - ok
16:41:01.0497 0x2154 pdc - ok
16:41:01.0512 0x2154 PEAUTH - ok
16:41:01.0512 0x2154 percsas2i - ok
16:41:01.0512 0x2154 percsas3i - ok
16:41:01.0528 0x2154 PerfHost - ok
16:41:01.0528 0x2154 PhoneSvc - ok
16:41:01.0544 0x2154 PimIndexMaintenanceSvc - ok
16:41:01.0544 0x2154 pla - ok
16:41:01.0544 0x2154 PlugPlay - ok
16:41:01.0544 0x2154 PNRPAutoReg - ok
16:41:01.0544 0x2154 PNRPsvc - ok
16:41:01.0559 0x2154 PolicyAgent - ok
16:41:01.0559 0x2154 Power - ok
16:41:01.0559 0x2154 PptpMiniport - ok
16:41:01.0637 0x2154 [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:41:01.0763 0x2154 PrintNotify - ok
16:41:01.0763 0x2154 Processor - ok
16:41:01.0763 0x2154 ProfSvc - ok
16:41:01.0763 0x2154 Psched - ok
16:41:01.0778 0x2154 QWAVE - ok
16:41:01.0778 0x2154 QWAVEdrv - ok
16:41:01.0778 0x2154 RasAcd - ok
16:41:01.0778 0x2154 RasAgileVpn - ok
16:41:01.0778 0x2154 RasAuto - ok
16:41:01.0794 0x2154 Rasl2tp - ok
16:41:01.0794 0x2154 RasMan - ok
16:41:01.0794 0x2154 RasPppoe - ok
16:41:01.0794 0x2154 RasSstp - ok
16:41:01.0794 0x2154 rdbss - ok
16:41:01.0809 0x2154 rdpbus - ok
16:41:01.0809 0x2154 RDPDR - ok
16:41:01.0809 0x2154 RdpVideoMiniport - ok
16:41:01.0809 0x2154 rdyboost - ok
16:41:01.0825 0x2154 ReFSv1 - ok
16:41:01.0825 0x2154 RemoteAccess - ok
16:41:01.0825 0x2154 RemoteRegistry - ok
16:41:01.0825 0x2154 RetailDemo - ok
16:41:01.0841 0x2154 [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
16:41:01.0856 0x2154 RichVideo64 - ok
16:41:01.0856 0x2154 RmSvc - ok
16:41:01.0856 0x2154 RpcEptMapper - ok
16:41:01.0856 0x2154 RpcLocator - ok
16:41:01.0856 0x2154 RpcSs - ok
16:41:01.0872 0x2154 rspndr - ok
16:41:01.0887 0x2154 [ 71F5B9CB97B9D0B5AAC6DD036FD48C41, 50127A133E3754D5C57B59F559C1CE3B31E186C212D7291CF17867B3784F4399 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
16:41:01.0919 0x2154 rt640x64 - ok
16:41:01.0934 0x2154 [ 39853301FF0FA55B485AD2DC817AF73F, 1EA309624BF2D2A485E49332EB8E4826C04A2BAB817222FFB70DF4C60E8B13C2 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
16:41:01.0934 0x2154 RtkAudioService - ok
16:41:01.0950 0x2154 [ 9EE464BA49FC0836BAF5D6B6F1EFD43E, BED49D9FAE25570C91020D4C792033F6F91E12B1F35DEE7C9793BAE64E874474 ] RtkBtFilter C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys
16:41:01.0981 0x2154 RtkBtFilter - ok
16:41:01.0997 0x2154 [ 1AD7DCCDACD8C48CD68CFA51AE805156, 2E6B7B52C7E137B35C149B9835115468A7B94CFA470CA92446F123D2F99E04CF ] RTSPER C:\WINDOWS\system32\DRIVERS\RtsPer.sys
16:41:02.0012 0x2154 RTSPER - ok
16:41:02.0028 0x2154 [ AE4607D7C7AA83A863BFA214483E8EE4, 828CC9F40BAB2F65AF75608D37ED17EF608E73E911132DD085F0685F163EFEC6 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
16:41:02.0044 0x2154 RTSUER - ok
16:41:02.0169 0x2154 [ 64831D347B164F3B5006DCE8BB2F2356, 2001616B6E0314C78CE5B1C96B08403C30906AD639F0794FC276894A3E379F2D ] RTWlanE C:\WINDOWS\System32\drivers\rtwlane.sys
16:41:02.0309 0x2154 RTWlanE - ok
16:41:02.0309 0x2154 s3cap - ok
16:41:02.0325 0x2154 SamSs - ok
16:41:02.0325 0x2154 sbp2port - ok
16:41:02.0325 0x2154 SCardSvr - ok
16:41:02.0325 0x2154 ScDeviceEnum - ok
16:41:02.0325 0x2154 scfilter - ok
16:41:02.0341 0x2154 Schedule - ok
16:41:02.0341 0x2154 scmbus - ok
16:41:02.0341 0x2154 scmdisk0101 - ok
16:41:02.0341 0x2154 SCPolicySvc - ok
16:41:02.0341 0x2154 sdbus - ok
16:41:02.0356 0x2154 SDRSVC - ok
16:41:02.0356 0x2154 sdstor - ok
16:41:02.0356 0x2154 seclogon - ok
16:41:02.0372 0x2154 [ EA160DB2589350DFF52C7ACCD7763187, 1EA4C33AE67EE0EC0748D892D402AD49832FE752F6864AF99AFCA52873D6F4A4 ] SecureLine C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
16:41:02.0388 0x2154 SecureLine - ok
16:41:02.0388 0x2154 SENS - ok
16:41:02.0403 0x2154 SensorDataService - ok
16:41:02.0403 0x2154 SensorService - ok
16:41:02.0403 0x2154 SensrSvc - ok
16:41:02.0403 0x2154 SerCx - ok
16:41:02.0403 0x2154 SerCx2 - ok
16:41:02.0419 0x2154 Serenum - ok
16:41:02.0419 0x2154 Serial - ok
16:41:02.0419 0x2154 sermouse - ok
16:41:02.0419 0x2154 SessionEnv - ok
16:41:02.0434 0x2154 sfloppy - ok
16:41:02.0434 0x2154 SharedAccess - ok
16:41:02.0434 0x2154 ShellHWDetection - ok
16:41:02.0450 0x2154 shpamsvc - ok
16:41:02.0450 0x2154 SiSRaid2 - ok
16:41:02.0450 0x2154 SiSRaid4 - ok
16:41:02.0450 0x2154 [ 66E2BCD2DD5559F72E0E977B2D977536, 70452F44B6DBF578D28DEB14A0CF50E7136DEA7A108915464648A1FAC0474DD8 ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
16:41:02.0466 0x2154 SmbDrv - ok
16:41:02.0466 0x2154 [ A4DB86E8C2EA8F82364F2DB4D3ED64F5, 6D3CA6DEC43E99044353E80CC9391AE5BBBA516D13DF1CE51C508BF219404CF7 ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
16:41:02.0481 0x2154 SmbDrvI - ok
16:41:02.0481 0x2154 smphost - ok
16:41:02.0481 0x2154 SmsRouter - ok
16:41:02.0497 0x2154 SNMPTRAP - ok
16:41:02.0497 0x2154 spaceport - ok
16:41:02.0497 0x2154 SpbCx - ok
16:41:02.0497 0x2154 Spooler - ok
16:41:02.0513 0x2154 sppsvc - ok
16:41:02.0513 0x2154 srv - ok
16:41:02.0513 0x2154 srv2 - ok
16:41:02.0513 0x2154 srvnet - ok
16:41:02.0513 0x2154 SSDPSRV - ok
16:41:02.0528 0x2154 SstpSvc - ok
16:41:02.0528 0x2154 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
16:41:02.0544 0x2154 ssudmdm - ok
16:41:02.0544 0x2154 StateRepository - ok
16:41:02.0544 0x2154 stexstor - ok
16:41:02.0544 0x2154 stisvc - ok
16:41:02.0559 0x2154 storahci - ok
16:41:02.0559 0x2154 storflt - ok
16:41:02.0559 0x2154 stornvme - ok
16:41:02.0559 0x2154 storqosflt - ok
16:41:02.0575 0x2154 StorSvc - ok
16:41:02.0575 0x2154 storufs - ok
16:41:02.0575 0x2154 storvsc - ok
16:41:02.0575 0x2154 svsvc - ok
16:41:02.0575 0x2154 swenum - ok
16:41:02.0575 0x2154 swprv - ok
16:41:02.0591 0x2154 Synth3dVsc - ok
16:41:02.0606 0x2154 [ EA5C1537D4F320A0F69C3144628D2C58, 52471E6EF8BA086671BC1CF3AA680DC07D319B7A8A60A170A1CB28F5EEFE7DE6 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:41:02.0638 0x2154 SynTP - ok
16:41:02.0653 0x2154 [ EE36B286D7677E5FAEC66C76F09CC9BA, 5136FBBC54847A6D49256E2589DE5B35607F1627BBBBDD41D01ACC0ECE314478 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
16:41:02.0669 0x2154 SynTPEnhService - ok
16:41:02.0669 0x2154 SysMain - ok
16:41:02.0684 0x2154 SystemEventsBroker - ok
16:41:02.0684 0x2154 TabletInputService - ok
16:41:02.0684 0x2154 TapiSrv - ok
16:41:02.0684 0x2154 Tcpip - ok
16:41:02.0684 0x2154 Tcpip6 - ok
16:41:02.0700 0x2154 tcpipreg - ok
16:41:02.0700 0x2154 tdx - ok
16:41:02.0700 0x2154 terminpt - ok
16:41:02.0700 0x2154 TermService - ok
16:41:02.0716 0x2154 Themes - ok
16:41:02.0716 0x2154 TieringEngineService - ok
16:41:02.0716 0x2154 tiledatamodelsvc - ok
16:41:02.0716 0x2154 TimeBrokerSvc - ok
16:41:02.0731 0x2154 TPM - ok
16:41:02.0731 0x2154 TrkWks - ok
16:41:02.0731 0x2154 TrustedInstaller - ok
16:41:02.0731 0x2154 tsusbflt - ok
16:41:02.0731 0x2154 TsUsbGD - ok
16:41:02.0747 0x2154 tunnel - ok
16:41:02.0747 0x2154 tzautoupdate - ok
16:41:02.0747 0x2154 UASPStor - ok
16:41:02.0747 0x2154 UcmCx0101 - ok
16:41:02.0747 0x2154 UcmTcpciCx0101 - ok
16:41:02.0763 0x2154 UcmUcsi - ok
16:41:02.0763 0x2154 Ucx01000 - ok
16:41:02.0763 0x2154 UdeCx - ok
16:41:02.0763 0x2154 udfs - ok
16:41:02.0763 0x2154 UEFI - ok
16:41:02.0778 0x2154 Ufx01000 - ok
16:41:02.0778 0x2154 UfxChipidea - ok
16:41:02.0778 0x2154 ufxsynopsys - ok
16:41:02.0778 0x2154 UI0Detect - ok
16:41:02.0794 0x2154 umbus - ok
16:41:02.0794 0x2154 UmPass - ok
16:41:02.0794 0x2154 UmRdpService - ok
16:41:02.0794 0x2154 UnistoreSvc - ok
16:41:02.0809 0x2154 upnphost - ok
16:41:02.0809 0x2154 UrsChipidea - ok
16:41:02.0809 0x2154 UrsCx01000 - ok
16:41:02.0809 0x2154 UrsSynopsys - ok
16:41:02.0825 0x2154 usbccgp - ok
16:41:02.0825 0x2154 usbcir - ok
16:41:02.0825 0x2154 usbehci - ok
16:41:02.0825 0x2154 usbhub - ok
16:41:02.0825 0x2154 USBHUB3 - ok
16:41:02.0841 0x2154 usbohci - ok
16:41:02.0841 0x2154 usbprint - ok
16:41:02.0841 0x2154 [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:41:02.0856 0x2154 usbscan - ok
16:41:02.0856 0x2154 usbser - ok
16:41:02.0856 0x2154 USBSTOR - ok
16:41:02.0872 0x2154 usbuhci - ok
16:41:02.0872 0x2154 usbvideo - ok
16:41:02.0872 0x2154 USBXHCI - ok
16:41:02.0872 0x2154 usb_rndisx - ok
16:41:02.0888 0x2154 UserDataSvc - ok
16:41:02.0888 0x2154 UserManager - ok
16:41:02.0888 0x2154 UsoSvc - ok
16:41:02.0888 0x2154 VaultSvc - ok
16:41:02.0888 0x2154 vdrvroot - ok
16:41:02.0903 0x2154 vds - ok
16:41:02.0903 0x2154 VerifierExt - ok
16:41:02.0903 0x2154 vhdmp - ok
16:41:02.0903 0x2154 vhf - ok
16:41:02.0919 0x2154 vmbus - ok
16:41:02.0919 0x2154 VMBusHID - ok
16:41:02.0919 0x2154 vmgid - ok
16:41:02.0919 0x2154 vmicguestinterface - ok
16:41:02.0919 0x2154 vmicheartbeat - ok
16:41:02.0934 0x2154 vmickvpexchange - ok
16:41:02.0934 0x2154 vmicrdv - ok
16:41:02.0934 0x2154 vmicshutdown - ok
16:41:02.0934 0x2154 vmictimesync - ok
16:41:02.0934 0x2154 vmicvmsession - ok
16:41:02.0950 0x2154 vmicvss - ok
16:41:02.0950 0x2154 volmgr - ok
16:41:02.0950 0x2154 volmgrx - ok
16:41:02.0950 0x2154 volsnap - ok
16:41:02.0950 0x2154 volume - ok
16:41:02.0966 0x2154 vpci - ok
16:41:02.0966 0x2154 vsmraid - ok
16:41:02.0966 0x2154 VSS - ok
16:41:02.0966 0x2154 VSTXRAID - ok
16:41:02.0981 0x2154 vwifibus - ok
16:41:02.0981 0x2154 vwififlt - ok
16:41:02.0981 0x2154 vwifimp - ok
16:41:02.0981 0x2154 W32Time - ok
16:41:02.0981 0x2154 w3logsvc - ok
16:41:02.0997 0x2154 WacomPen - ok
16:41:02.0997 0x2154 WalletService - ok
16:41:02.0997 0x2154 wanarp - ok
16:41:02.0997 0x2154 wanarpv6 - ok
16:41:02.0997 0x2154 WAS - ok
16:41:03.0013 0x2154 wbengine - ok
16:41:03.0013 0x2154 WbioSrvc - ok
16:41:03.0013 0x2154 wcifs - ok
16:41:03.0013 0x2154 Wcmsvc - ok
16:41:03.0028 0x2154 wcncsvc - ok
16:41:03.0028 0x2154 wcnfs - ok
16:41:03.0028 0x2154 WdBoot - ok
16:41:03.0028 0x2154 Wdf01000 - ok
16:41:03.0028 0x2154 WdFilter - ok
16:41:03.0044 0x2154 WdiServiceHost - ok
16:41:03.0044 0x2154 WdiSystemHost - ok
16:41:03.0044 0x2154 wdiwifi - ok
16:41:03.0044 0x2154 WdNisDrv - ok
16:41:03.0044 0x2154 WdNisSvc - ok
16:41:03.0059 0x2154 WebClient - ok
16:41:03.0059 0x2154 Wecsvc - ok
16:41:03.0059 0x2154 WEPHOSTSVC - ok
16:41:03.0059 0x2154 wercplsupport - ok
16:41:03.0075 0x2154 WerSvc - ok
16:41:03.0075 0x2154 WFPLWFS - ok
16:41:03.0075 0x2154 WiaRpc - ok
16:41:03.0075 0x2154 WIMMount - ok
16:41:03.0075 0x2154 WinDefend - ok
16:41:03.0091 0x2154 WindowsTrustedRT - ok
16:41:03.0091 0x2154 WindowsTrustedRTProxy - ok
16:41:03.0091 0x2154 WinHttpAutoProxySvc - ok
16:41:03.0106 0x2154 WinMad - ok
16:41:03.0106 0x2154 Winmgmt - ok
16:41:03.0106 0x2154 WinRM - ok
16:41:03.0122 0x2154 WINUSB - ok
16:41:03.0122 0x2154 WinVerbs - ok
16:41:03.0122 0x2154 [ F3E427DB8ED545879AE6716F7FA9B85E, 7999E9D1D003AEF9A82BFD76C1BEA4F41CACD207B9A696EBBD28187E0AE9497E ] WirelessButtonDriver64 C:\WINDOWS\system32\DRIVERS\WirelessButtonDriver64.sys
16:41:03.0138 0x2154 WirelessButtonDriver64 - ok
16:41:03.0138 0x2154 wisvc - ok
16:41:03.0138 0x2154 WlanSvc - ok
16:41:03.0138 0x2154 wlidsvc - ok
16:41:03.0153 0x2154 WmiAcpi - ok
16:41:03.0153 0x2154 wmiApSrv - ok
16:41:03.0153 0x2154 WMPNetworkSvc - ok
16:41:03.0169 0x2154 Wof - ok
16:41:03.0169 0x2154 workfolderssvc - ok
16:41:03.0169 0x2154 WPDBusEnum - ok
16:41:03.0169 0x2154 WpdUpFltr - ok
16:41:03.0184 0x2154 WpnService - ok
16:41:03.0184 0x2154 WpnUserService - ok
16:41:03.0184 0x2154 ws2ifsl - ok
16:41:03.0184 0x2154 wscsvc - ok
16:41:03.0200 0x2154 WSearch - ok
16:41:03.0200 0x2154 wuauserv - ok
16:41:03.0200 0x2154 WudfPf - ok
16:41:03.0200 0x2154 WUDFRd - ok
16:41:03.0216 0x2154 wudfsvc - ok
16:41:03.0216 0x2154 WUDFWpdFs - ok
16:41:03.0216 0x2154 WUDFWpdMtp - ok
16:41:03.0216 0x2154 WwanSvc - ok
16:41:03.0216 0x2154 XblAuthManager - ok
16:41:03.0231 0x2154 XblGameSave - ok
16:41:03.0231 0x2154 xboxgip - ok
16:41:03.0231 0x2154 XboxNetApiSvc - ok
16:41:03.0231 0x2154 xinputhid - ok
16:41:03.0247 0x2154 ================ Scan global ===============================
16:41:03.0247 0x2154 [ Global ] - ok
16:41:03.0247 0x2154 ================ Scan MBR ==================================
16:41:03.0263 0x2154 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:41:03.0622 0x2154 \Device\Harddisk0\DR0 - ok
16:41:03.0638 0x2154 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:41:03.0685 0x2154 \Device\Harddisk1\DR1 - ok
16:41:03.0685 0x2154 ================ Scan VBR ==================================
16:41:03.0685 0x2154 [ 66FE755CC3166A1CA7B612346898BD28 ] \Device\Harddisk0\DR0\Partition1
16:41:03.0685 0x2154 \Device\Harddisk0\DR0\Partition1 - ok
16:41:03.0685 0x2154 [ 5A9CE215A4A038F001E5ED7C639C7824 ] \Device\Harddisk0\DR0\Partition2
16:41:03.0700 0x2154 \Device\Harddisk0\DR0\Partition2 - ok
16:41:03.0700 0x2154 [ 82AFD368E7FE7E965946CB6D6403A4B1 ] \Device\Harddisk1\DR1\Partition1
16:41:03.0700 0x2154 \Device\Harddisk1\DR1\Partition1 - ok
16:41:03.0700 0x2154 [ 2D524F05766D084E9BC1747B63390F77 ] \Device\Harddisk1\DR1\Partition2
16:41:03.0700 0x2154 \Device\Harddisk1\DR1\Partition2 - ok
16:41:03.0700 0x2154 [ 2AA21EA5771D8FF533D8FEB1F76836B1 ] \Device\Harddisk1\DR1\Partition3
16:41:03.0700 0x2154 \Device\Harddisk1\DR1\Partition3 - ok
16:41:03.0700 0x2154 [ 31E24280C869699B39C62CA3FF6C3257 ] \Device\Harddisk1\DR1\Partition4
16:41:03.0700 0x2154 \Device\Harddisk1\DR1\Partition4 - ok
16:41:03.0700 0x2154 ================ Scan generic autorun ======================
16:41:03.0888 0x2154 [ 48611A1B3953EAB7731C3E2F625754FA, 366675B25B2A4E0188CE584ACBE095C71B45EF413E6076DE12B4A38B6E626330 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:41:04.0060 0x2154 RTHDVCPL - ok
16:41:04.0075 0x2154 ShadowPlay - ok
16:41:04.0075 0x2154 [ 1ACD6F295A09260BE8E2D4DE99C79338, 6C62C69C243667D813ACDEDA7B192C0370E97472C48E2AD4D00A7DC329554063 ] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe
16:41:04.0091 0x2154 BtServer - ok
16:41:04.0091 0x2154 Logitech Download Assistant - ok
16:41:04.0106 0x2154 [ F4BC46AD4FC1F2F3372EBF8505D00436, 94F752406AC4968A917691A2E2A09C2EBAAA24E549E3BC0F5F256A8233DF86D5 ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
16:41:04.0106 0x2154 AccelerometerSysTrayApplet - ok
16:41:04.0106 0x2154 [ 1F820480D5608D4E92CFAAB5AF31E476, B55AE657EF8E6FA3FB70FCA42C28E65CC65B75049B0534C2A142F5B5ACD0A8A7 ] C:\Program Files (x86)\HP\HP Wireless Button Driver\HPRadioMgr64.exe
16:41:04.0122 0x2154 HPRadioMgr - ok
16:41:04.0153 0x2154 [ AABDF172AAFD3B133C8CD9DE3477FC46, 34C6EA3C7EC3443FBA06B9E21A3E58314BDF0656EA2AA6CD714361B2E2BC6EF5 ] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
16:41:04.0169 0x2154 HPMessageService - ok
16:41:04.0185 0x2154 OneDriveSetup - ok
16:41:04.0185 0x2154 OneDriveSetup - ok
16:41:04.0231 0x2154 [ 642102CCB9EF737E188D136B93AB9A1F, 9BF47F3B3DAD7938C804C951FC81AC5C1EA8BDD94AB29630D5080CE797F3CC0F ] C:\Users\Petra\AppData\Local\Microsoft\OneDrive\OneDrive.exe
16:41:04.0263 0x2154 OneDrive - ok
16:41:04.0278 0x2154 Waiting for KSN requests completion. In queue: 89
16:41:05.0302 0x2154 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41000 ( enabled : updated )
16:41:05.0302 0x2154 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
16:41:05.0302 0x2154 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.727 ), 0x41010 ( enabled )
16:41:05.0412 0x2154 ============================================================
16:41:05.0412 0x2154 Scan finished
16:41:05.0412 0x2154 ============================================================
16:41:05.0427 0x214c Detected object count: 1
16:41:05.0427 0x214c Actual detected object count: 1
16:46:12.0754 0x214c HP Comm Recover ( UnsignedFile.Multi.Generic ) - skipped by user
16:46:12.0754 0x214c HP Comm Recover ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:49:06.0942 0x1f10 Deinitialize success
The object was named: Unsigned file
Service: HP Comm Recover
Suspicious object, medium risk
I hope I have posted everything required.
Regards - Moa