
Pests of all kinds and how to combat them: Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work


06.03.2017, 20:14   #1
BiAnka-LF
 



Hello Trojaner-Board, I protect my laptop continuously with the McAfee virus scanner. It finds no threat. On 02.03. Google Chrome stopped working. It kept hanging after starting. Reinstalling Chrome made no difference either.
After some googling I realized that I might have malware on the computer, and on 04.03. I downloaded the free version of Malwarebytes. 17 threats, including a Trojan (Trojan.Injector.MSIL). I wonder why McAfee finds nothing there.
Yesterday, on 05.03., I ran Malwarebytes once more and two further malicious files were found. The files are all in quarantine. Chrome still does not work. What can I do?

Thanks for your help!
Bianka

06.03.2017, 20:40   #2
M-K-D-B
/// TB Trainer
 






My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your topic from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download from filepony.de: How to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there as administrator!
  • Some of the programs we use here may be wrongly classified as a threat by your antivirus or anti-malware program. Because of certain program behaviour, the security programs cannot distinguish between "good" and "bad" and raise an alarm. These are false alarms, which you can safely ignore. If necessary, you must deactivate your security software before running a program so that our cleanup steps are not impaired.



Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed expressions [CODE] [/CODE] appear.
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check whether you did it correctly. If everything is right ... click Reply (Antworten).

Thank you for your cooperation!




Quote:
After some googling I realized that I might have malware on the computer, and on 04.03. I downloaded the free version of Malwarebytes. 17 threats, including a Trojan (Trojan.Injector.MSIL)
That is all well and good, but without the MBAM log files such information does not help me.
Please post the complete MBAM log files with the detections.

You have to let go of the idea that McAfee detects all malware.








For an initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box on the web page)






Step 2
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.







Please post with your next reply
  • the MBAM log files with the detections,
  • the TDSS-Killer log file,
  • the two new FRST log files.

06.03.2017, 21:56   #3
BiAnka-LF
 



FRST.txt

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (06-03-2017 21:15:36)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Intel Security) C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McC9A94.tmp
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Pokki) C:\Users\Bianka\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKLM -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKLM-x32 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = hxxp://de.yhs4.search.yahoo.com/yhs/search?hspart=acer&hsimp=yhs-acer_001&p={searchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Web Search
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://homepage-web.com/?s=acer&m=home
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR DefaultSearchKeyword: Default -> lp
CHR Profile: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default [2017-03-06]
CHR Extension: (Google Docs) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-05]
CHR Extension: (Google Drive) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05]
CHR Extension: (ColorZilla) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2017-03-05]
CHR Extension: (YouTube) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05]
CHR Extension: (Google Docs Offline) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-03-05]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-05]
CHR Extension: (Google Mail) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 0295171488827201mcinstcleanup; C:\Windows\TEMP\029517~1.EXE [1027864 2016-11-28] (McAfee, Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
U4 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1747800 2017-02-16] (Intel Security)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
R3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-05] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-06 21:15 - 2017-03-06 21:17 - 00026212 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-06 21:15 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-06 20:45 - 2017-03-06 20:45 - 00000119 ____H C:\Users\Bianka\Desktop\.~lock.eBookText (neu).odt#
2017-03-06 20:12 - 2017-03-06 20:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 15:33 - 2017-03-06 20:01 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-05 19:56 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-05 20:32 - 00000033 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-06 21:14 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:54 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-06 20:54 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-06 20:54 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-06 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-06 20:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-06 20:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-06 20:20 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-06 20:06 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-06 20:02 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-06 19:41 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka\AppData\Local\SweetLabs App Platform
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 23:37 - 2015-12-18 17:08 - 03708416 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-05 19:56 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 19:30 - 2017-01-03 00:13 - 00021862 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-02 18:48 - 2014-10-08 17:45 - 00002454 _____ C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 22:06 - 2016-10-13 10:56 - 00019537 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Bianka (06-03-2017 21:19:00)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.0.0.6441 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.0.0.6441 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Host App Service (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\SweetLabs_AP) (Version: 0.269.8.114 - Pokki)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Pokki Start Menu (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\SweetLabs_Start_Menu) (Version: 0.269.8.114 - Pokki)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Startfenster (HKLM-x32\...\Startfenster) (Version:  - Startfenster) <==== ACHTUNG
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {39A7FD01-C315-4367-86CF-19F05FF3FB85} - System32\Tasks\SweetLabs App Platform => C:\Users\Bianka\AppData\Local\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe [2016-11-16] (Pokki)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {52E66837-0D6C-4593-91B4-1101A2088582} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-04 00:17 - 2017-01-20 07:47 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-08-13 09:27 - 2014-08-13 09:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2014-07-29 13:34 - 2014-07-29 13:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0CE5CF7B-5DBE-4DBE-B5F6-C0D5236C108B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{E3ED660B-CD44-49D0-B965-C7FD2C72FEE7}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{AA06CA47-1FBD-4BAE-BDA9-F17DB5A47C1C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{DB6807F4-48F6-4465-A3B4-61895551CF18}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{C37C349D-8DFE-4561-B36A-85CF9C562833}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{047C4C49-8D94-48ED-A6CD-5333E2D675FD}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{3205A298-3828-4C76-B0A9-046569C8630E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{9780FBB0-5838-4E0F-A936-288E0CFC4E56}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{5EE0A4CA-D0BE-4EA2-B961-E93D647B9240}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{666D0BA6-7785-42B8-99ED-95D258FB2663}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{EE092216-6C1A-45DE-AD11-9BF91F998A41}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{0E364B41-ACCD-4053-B533-3D3F2F3E07C5}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{C726FF4D-7C57-47C4-B6B1-297B963A480D}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{0429B611-1E56-47DA-8660-859D47AB38F2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{900309BC-45B9-48B1-9D6C-27FECD98EA9A}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{8C52154C-FC98-4DBB-9719-F5A831A6BCC2}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{7AB5AB13-626D-42DC-8262-09D02C005533}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe
FirewallRules: [{A8013614-99B6-476E-B9B5-5AD70B4858BC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{7AFDC0C1-7808-421C-8BE6-020F292BD761}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe
FirewallRules: [{A3B9F61E-4744-43B1-9A4F-7096CC917862}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{CC8CF53F-F3B1-47A6-B1D5-7ABB4146900A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{D4248B9E-0049-40A5-BB42-031EC16D8AD7}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{A3617924-CE0B-4875-B2CB-2DDD44475C9E}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{4FA7383E-A4E6-41F3-8E2C-B732146F8C97}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{EFB2FDA5-6759-4FF3-8C13-2E3B564B0D8C}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe
FirewallRules: [{F4F4548A-1530-4005-9F23-F33F19727C99}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{86E88A6D-4C71-4564-8DA0-2291A5C44E68}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe
FirewallRules: [{60E52576-F4C9-4AE4-93D9-0D7551A625BC}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{68C58FA2-9E5C-4DB8-9368-6140AEF7E3DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB29E85E-6577-4DF2-92EA-338A6A540006}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EFF9CD08-6446-405E-A96F-B23DEA208216}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3BF3FB5D-D6F7-4D19-AC48-D89A5AF2FCAD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{04E35453-A7AD-4229-BB1D-8A1F51A2859B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{130EE2F0-33EC-4849-B4BA-49A634D3BFF9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{BAA67CA2-CFA8-4601-8DD1-2178522EDF9D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{5DA7647D-C9ED-43E9-A43F-70D73710C335}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{F3F603E5-88BE-4FB7-9CD4-B5F3CA0AFD7C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{89ACC33D-6BEA-4541-9D4B-43930FF7E6A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{9F59F8AC-060B-4356-ACB9-993B8EC36157}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{8155787D-16BC-4F8A-B72C-6BBA8976C8E1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{9E486F02-1EC6-438F-AC76-909EFD674784}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{3A012DC7-46F3-44D1-BE57-2A6BF389D91F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3BBE98CC-ACB4-489A-A956-88F89D628FEA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{5F98F186-425A-43D8-9E52-16A3DF3C0D7F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{48B97D00-C251-4AEF-99B5-AB99903A5044}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{3B0555E7-D763-4DE1-8CAE-D4DEA051F35A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{0820FB7C-DB81-4A9C-8EAE-B2F9F2DE8A6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E427A732-8AFA-41E0-B056-13370F8CE81D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8A2E3F81-646C-473A-BFF3-0428E8379A34}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{26770239-524E-46A3-9F4D-DF3D286F3DFA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{E1E3EEDC-D04D-47EF-B682-FEFF34E2B8A3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{F24AE540-DC9D-4B4F-A77A-2630B81E381B}] => (Allow) E:\Programme\Opera\43.0.2442.991\opera.exe
FirewallRules: [{A052A64F-FD0E-47F6-9B34-051F42902B5E}] => (Allow) E:\Programme\Opera\43.0.2442.1144\opera.exe
FirewallRules: [{9F98E57E-2F32-433D-A9B9-2A6214A074A7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

18-02-2017 11:29:32 Intel(R) Technology Access
22-02-2017 19:23:43 Windows Update
05-03-2017 18:00:06 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 798

Startzeit: 01d295f7d10b632c

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 944

Startzeit: 01d295edc61a864a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f80

Startzeit: 01d295e8dc786c13

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 914

Startzeit: 01d295e7e4fd2b35

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1190

Startzeit: 01d295e4085babc6

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1114

Startzeit: 01d295de94b8bb6c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ee0

Startzeit: 01d295d39358a55e

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928
Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Notification.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
   bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   bei System.Diagnostics.Process.OpenProcessHandle(Int32)
   bei System.Diagnostics.Process.get_Handle()
   bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process)
   bei Notification.Form1.CheckResolution()
   bei Notification.Form1..ctor()
   bei Notification.Program.Main()

Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01d295a96502212f

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (03/06/2017 08:08:35 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/06/2017 08:08:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/06/2017 08:08:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}

Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee Platform Services" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/06/2017 08:08:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee Platform Services erreicht.

Error: (03/06/2017 08:08:34 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT)
Description: Fehler "1053" in DCOM, als der Dienst "mcpltsvc" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden:
{20966775-18A4-4299-B8E3-772C336B52A7}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 2254.21 MB
Summe virtueller Speicher: 5321.98 MB
Verfügbarer virtueller Speicher: 3581.5 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:146.81 GB) NTFS
Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
Kaspersky TDSSKiller found nothing!
__________________

07.03.2017, 15:58   #4
M-K-D-B
/// TB-Ausbilder
 



Hi,


the log files from TDSS-Killer and MBAM (with the detections) are still missing.
__________________
Regards
M-K-D-B



07.03.2017, 17:16   #5
BiAnka-LF
 
TDSSKiller - Part 1



Code:
21:48:50.0120 0x1a94  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
21:48:50.0120 0x1a94  UEFI system
21:49:32.0311 0x1a94  ============================================================
21:49:32.0312 0x1a94  Current date / time: 2017/03/06 21:49:32.0311
21:49:32.0312 0x1a94  SystemInfo:
21:49:32.0312 0x1a94  
21:49:32.0312 0x1a94  OS Version: 6.3.9600 ServicePack: 0.0
21:49:32.0312 0x1a94  Product type: Workstation
21:49:32.0312 0x1a94  ComputerName: JENSBIANKALIEBE
21:49:32.0312 0x1a94  UserName: Bianka
21:49:32.0312 0x1a94  Windows directory: C:\Windows
21:49:32.0312 0x1a94  System windows directory: C:\Windows
21:49:32.0312 0x1a94  Running under WOW64
21:49:32.0312 0x1a94  Processor architecture: Intel x64
21:49:32.0312 0x1a94  Number of processors: 2
21:49:32.0312 0x1a94  Page size: 0x1000
21:49:32.0312 0x1a94  Boot type: Normal boot
21:49:32.0312 0x1a94  CodeIntegrityOptions = 0x00000001
21:49:32.0313 0x1a94  ============================================================
21:49:32.0709 0x1a94  KLMD registered as C:\Windows\system32\drivers\99402334.sys
21:49:32.0710 0x1a94  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 9600.18505, osProperties = 0x19
21:49:33.0242 0x1a94  System UUID: {1AC36CBE-FF5E-C7D2-70E0-F345C98149D7}
21:49:34.0585 0x1a94  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:49:34.0635 0x1a94  ============================================================
21:49:34.0635 0x1a94  \Device\Harddisk0\DR0:
21:49:34.0636 0x1a94  GPT partitions:
21:49:34.0637 0x1a94  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D3266109-50EA-4BD6-8C0D-0779033B4DFC}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x12C000
21:49:34.0637 0x1a94  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {67A6D2DC-1F60-476C-9F7D-D8FBC0AAC9AD}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
21:49:34.0638 0x1a94  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A1BC1AC1-A930-4066-AD4C-7DE7BC3FAAA9}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
21:49:34.0638 0x1a94  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9130F390-B044-4E07-833A-7FA61E06CAC0}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x19A26000
21:49:34.0639 0x1a94  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3455B00D-F535-4B0A-8690-8A0DDF917BC6}, Name: Basic data partition, StartLBA 0x19C28800, BlocksNum 0x1E847800
21:49:34.0639 0x1a94  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {75A62438-8E5C-4CC2-A58C-860A3936C112}, Name: Basic data partition, StartLBA 0x38470800, BlocksNum 0x1F15800
21:49:34.0639 0x1a94  MBR partitions:
21:49:34.0639 0x1a94  ============================================================
21:49:34.0658 0x1a94  C: <-> \Device\Harddisk0\DR0\Partition4
21:49:34.0700 0x1a94  E: <-> \Device\Harddisk0\DR0\Partition5
21:49:34.0700 0x1a94  ============================================================
21:49:34.0700 0x1a94  Initialize success
21:49:34.0700 0x1a94  ============================================================
21:49:40.0510 0x024c  ============================================================
21:49:40.0511 0x024c  Scan started
21:49:40.0511 0x024c  Mode: Manual; 
21:49:40.0511 0x024c  ============================================================
21:49:40.0511 0x024c  KSN ping started
21:49:40.0711 0x024c  KSN ping finished: true
21:49:43.0646 0x024c  ================ Scan system memory ========================
21:49:43.0646 0x024c  System memory - ok
21:49:43.0650 0x024c  ================ Scan services =============================
21:49:43.0774 0x024c  0295171488827201mcinstcleanup - ok
21:49:43.0977 0x024c  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
21:49:43.0998 0x024c  1394ohci - ok
21:49:44.0128 0x024c  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
21:49:44.0140 0x024c  3ware - ok
21:49:44.0233 0x024c  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:49:44.0261 0x024c  ACPI - ok
21:49:44.0282 0x024c  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
21:49:44.0286 0x024c  acpiex - ok
21:49:44.0308 0x024c  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
21:49:44.0309 0x024c  acpipagr - ok
21:49:44.0317 0x024c  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
21:49:44.0319 0x024c  AcpiPmi - ok
21:49:44.0328 0x024c  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
21:49:44.0330 0x024c  acpitime - ok
21:49:44.0397 0x024c  [ B932E0EE190778D840F1442DFC0F9612, 8780963F14D57279FDD585BE945ED40F24590D32676C7A9EF94002D38B8BA643 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:49:44.0412 0x024c  AdobeARMservice - ok
21:49:44.0591 0x024c  [ 89ECFB35517F62C3802B227F288B750E, 47B329FEC98DC634A9068D6B88A331B323D99E9C21D3FE330352210841E715CA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:49:44.0642 0x024c  AdobeFlashPlayerUpdateSvc - ok
21:49:44.0724 0x024c  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
21:49:44.0766 0x024c  ADP80XX - ok
21:49:44.0810 0x024c  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:49:44.0818 0x024c  AeLookupSvc - ok
21:49:44.0886 0x024c  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\Windows\system32\drivers\afd.sys
21:49:44.0916 0x024c  AFD - ok
21:49:44.0944 0x024c  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:49:44.0948 0x024c  agp440 - ok
21:49:44.0984 0x024c  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
21:49:44.0989 0x024c  ahcache - ok
21:49:45.0029 0x024c  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\Windows\System32\alg.exe
21:49:45.0040 0x024c  ALG - ok
21:49:45.0082 0x024c  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
21:49:45.0143 0x024c  AmdK8 - ok
21:49:45.0192 0x024c  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
21:49:45.0207 0x024c  AmdPPM - ok
21:49:45.0237 0x024c  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:49:45.0243 0x024c  amdsata - ok
21:49:45.0283 0x024c  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:49:45.0335 0x024c  amdsbs - ok
21:49:45.0365 0x024c  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:49:45.0368 0x024c  amdxata - ok
21:49:45.0411 0x024c  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\Windows\system32\drivers\appid.sys
21:49:45.0417 0x024c  AppID - ok
21:49:45.0454 0x024c  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:49:45.0461 0x024c  AppIDSvc - ok
21:49:45.0501 0x024c  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo         C:\Windows\System32\appinfo.dll
21:49:45.0511 0x024c  Appinfo - ok
21:49:45.0590 0x024c  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
21:49:45.0628 0x024c  AppReadiness - ok
21:49:45.0726 0x024c  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
21:49:45.0798 0x024c  AppXSvc - ok
21:49:45.0832 0x024c  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:49:45.0838 0x024c  arcsas - ok
21:49:45.0860 0x024c  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:49:45.0863 0x024c  atapi - ok
21:49:45.0898 0x024c  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
21:49:45.0904 0x024c  AthBTPort - ok
21:49:45.0996 0x024c  [ 23C3686D98C650878602066093BAFDCA, 8D5B6D5ADB7A8706D84A4F16915290B50FCF76330954387D0964CD67C3BD1727 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
21:49:46.0025 0x024c  AtherosSvc - ok
21:49:46.0252 0x024c  [ 60EFDC0EE93A51C63C159C3BD06D25F3, 7108F32496E935FEB0C030A0BFCECC1A8D6BEF5BB8129E5B7D9309321E96C3EB ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
21:49:46.0451 0x024c  athr - ok
21:49:46.0504 0x024c  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:49:46.0524 0x024c  AudioEndpointBuilder - ok
21:49:46.0614 0x024c  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:49:46.0657 0x024c  Audiosrv - ok
21:49:46.0693 0x024c  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:49:46.0702 0x024c  AxInstSV - ok
21:49:46.0772 0x024c  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:49:46.0802 0x024c  b06bdrv - ok
21:49:46.0839 0x024c  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
21:49:46.0844 0x024c  BasicDisplay - ok
21:49:46.0871 0x024c  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
21:49:46.0875 0x024c  BasicRender - ok
21:49:46.0947 0x024c  [ 4BEFF67C1775D353A16A62347E727874, 62363C5E5F4BF049A3E49FADA8CB17269945056ACADB319FDC4F05B74E2553C8 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe
21:49:46.0989 0x024c  BBSvc - ok
21:49:47.0034 0x024c  [ A6DAAD3EA93DBDBD07FA821BCED133F6, 8F33D4E4B82091D09E62FD5487C88F3DF0DAC31FCBB846183CC4020533A131DE ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe
21:49:47.0056 0x024c  BBUpdate - ok
21:49:47.0078 0x024c  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
21:49:47.0081 0x024c  bcmfn2 - ok
21:49:47.0132 0x024c  [ 174394F4EF93C117BF7BE3878046A1B1, D58E868342D1DAFC4B04384A3713F729DF07F408AA6AE4762E6A4244F976526A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:49:47.0199 0x024c  BDESVC - ok
21:49:47.0228 0x024c  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
21:49:47.0230 0x024c  Beep - ok
21:49:47.0324 0x024c  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE             C:\Windows\System32\bfe.dll
21:49:47.0374 0x024c  BFE - ok
21:49:47.0462 0x024c  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
21:49:47.0512 0x024c  BITS - ok
21:49:47.0568 0x024c  [ 4938A9236300A356F97E378491EE4844, 60D892960D48EEF48F8EC4DE4F174EBD0BC0E7B28B6D8723D554CD1979EB55B4 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:49:47.0578 0x024c  bowser - ok
21:49:47.0633 0x024c  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:49:47.0670 0x024c  BrokerInfrastructure - ok
21:49:47.0714 0x024c  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\Windows\System32\browser.dll
21:49:47.0728 0x024c  Browser - ok
21:49:47.0782 0x024c  [ 15BE0FCECAE5BC00FB3D339D3D1CF4E4, 7F77C73404044270AA0A4C9D6BD838564B5356ACA935982390A6EA11FA653AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
21:49:47.0824 0x024c  BTATH_A2DP - ok
21:49:47.0857 0x024c  [ 1FFA5E05F2DE32D9E65CFDA4B33D50FD, 9EC578F563A90C60F893817548195781893405AC8ED7F87C3B5F94F9842161A5 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
21:49:47.0867 0x024c  btath_avdt - ok
21:49:47.0897 0x024c  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS       C:\Windows\system32\drivers\btath_bus.sys
21:49:47.0899 0x024c  BTATH_BUS - ok
21:49:47.0924 0x024c  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
21:49:47.0928 0x024c  BTATH_LWFLT - ok
21:49:47.0968 0x024c  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP       C:\Windows\System32\drivers\btath_rcp.sys
21:49:47.0978 0x024c  BTATH_RCP - ok
21:49:48.0037 0x024c  [ 6BAA2BD613DB6440C8D2C864CA0EA5D7, 0B0C268BA443FFBB07A3ADC215669F911839A665F5DD3E4C7C21760B6365F5F2 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
21:49:48.0067 0x024c  BtFilter - ok
21:49:48.0095 0x024c  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
21:49:48.0098 0x024c  BthAvrcpTg - ok
21:49:48.0137 0x024c  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
21:49:48.0141 0x024c  BthEnum - ok
21:49:48.0193 0x024c  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
21:49:48.0207 0x024c  BthHFEnum - ok
21:49:48.0227 0x024c  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
21:49:48.0232 0x024c  bthhfhid - ok
21:49:48.0300 0x024c  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
21:49:48.0327 0x024c  BthHFSrv - ok
21:49:48.0351 0x024c  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
21:49:48.0361 0x024c  BthLEEnum - ok
21:49:48.0386 0x024c  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
21:49:48.0390 0x024c  BTHMODEM - ok
21:49:48.0431 0x024c  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
21:49:48.0442 0x024c  BthPan - ok
21:49:48.0550 0x024c  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:49:48.0594 0x024c  BTHPORT - ok
21:49:48.0637 0x024c  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\Windows\system32\bthserv.dll
21:49:48.0641 0x024c  bthserv - ok
21:49:48.0689 0x024c  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:49:48.0698 0x024c  BTHUSB - ok
21:49:48.0923 0x024c  [ C85FD6135D9D1C0B4391CC05759FD014, 1756AC9CB0C2FE57EF4BF9378540B9BA7AE4153EDE4BB9366A936B863A1D328D ] CCDMonitorService C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
21:49:49.0069 0x024c  CCDMonitorService - ok
21:49:49.0101 0x024c  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:49:49.0105 0x024c  cdfs - ok
21:49:49.0130 0x024c  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
21:49:49.0139 0x024c  cdrom - ok
21:49:49.0181 0x024c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:49:49.0195 0x024c  CertPropSvc - ok
21:49:49.0246 0x024c  [ 06FB15E8F933F22A59C79E5D87B41F64, 26FE8291AFBD0242171A17252B74800304F338A31B674190EDAA39D20DC00FF3 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
21:49:49.0258 0x024c  cfwids - ok
21:49:49.0278 0x024c  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
21:49:49.0283 0x024c  circlass - ok
21:49:49.0364 0x024c  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
21:49:49.0408 0x024c  CLFS - ok
21:49:49.0656 0x024c  [ C0252538508FE7E831B4C0D8CF7989BB, 7D53BB51E9315978FDF769784B9C526DB2740642F807FF4807E73E6DC80D6561 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
21:49:49.0745 0x024c  ClientAnalyticsService - ok
21:49:49.0784 0x024c  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
21:49:49.0787 0x024c  CmBatt - ok
21:49:49.0864 0x024c  [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:49:49.0905 0x024c  CNG - ok
21:49:49.0946 0x024c  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
21:49:49.0949 0x024c  CompositeBus - ok
21:49:49.0959 0x024c  COMSysApp - ok
21:49:49.0982 0x024c  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
21:49:49.0984 0x024c  condrv - ok
21:49:50.0059 0x024c  [ C5082FFE65B0672D06CCE39F45C3FF87, 21D38D7588A1BA628257D80EDA2103C9B7DD2DF6546420C6DD15F0E87BA773B5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:49:50.0075 0x024c  cphs - ok
21:49:50.0130 0x024c  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:49:50.0158 0x024c  CryptSvc - ok
21:49:50.0191 0x024c  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
21:49:50.0197 0x024c  dam - ok
21:49:50.0322 0x024c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:49:50.0354 0x024c  DcomLaunch - ok
21:49:50.0404 0x024c  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
21:49:50.0427 0x024c  defragsvc - ok
21:49:50.0483 0x024c  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
21:49:50.0508 0x024c  DeviceAssociationService - ok
21:49:50.0545 0x024c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
21:49:50.0553 0x024c  DeviceInstall - ok
21:49:50.0597 0x024c  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
21:49:50.0607 0x024c  Dfsc - ok
21:49:50.0643 0x024c  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:49:50.0650 0x024c  dg_ssudbus - ok
21:49:50.0716 0x024c  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:49:50.0748 0x024c  Dhcp - ok
21:49:50.0871 0x024c  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:49:50.0950 0x024c  DiagTrack - ok
21:49:50.0990 0x024c  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
21:49:50.0994 0x024c  disk - ok
21:49:51.0028 0x024c  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
21:49:51.0030 0x024c  dmvsc - ok
21:49:51.0095 0x024c  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:49:51.0155 0x024c  Dnscache - ok
21:49:51.0209 0x024c  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:49:51.0240 0x024c  dot3svc - ok
21:49:51.0289 0x024c  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:49:51.0301 0x024c  dot4 - ok
21:49:51.0339 0x024c  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
21:49:51.0343 0x024c  Dot4Print - ok
21:49:51.0386 0x024c  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:49:51.0401 0x024c  dot4usb - ok
21:49:51.0478 0x024c  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
21:49:51.0510 0x024c  DPS - ok
21:49:51.0552 0x024c  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:49:51.0556 0x024c  drmkaud - ok
21:49:51.0603 0x024c  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
21:49:51.0634 0x024c  DsmSvc - ok
21:49:51.0771 0x024c  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:49:51.0831 0x024c  DXGKrnl - ok
21:49:51.0871 0x024c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
21:49:51.0879 0x024c  Eaphost - ok
21:49:52.0082 0x024c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:49:52.0279 0x024c  ebdrv - ok
21:49:52.0315 0x024c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
21:49:52.0319 0x024c  EFS - ok
21:49:52.0342 0x024c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
21:49:52.0347 0x024c  EhStorClass - ok
21:49:52.0380 0x024c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:49:52.0388 0x024c  EhStorTcgDrv - ok
21:49:52.0615 0x024c  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
21:49:52.0755 0x024c  ePowerSvc - ok
21:49:52.0777 0x024c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
21:49:52.0779 0x024c  ErrDev - ok
21:49:52.0858 0x024c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
21:49:52.0879 0x024c  EventSystem - ok
21:49:52.0938 0x024c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:49:52.0949 0x024c  exfat - ok
21:49:52.0981 0x024c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:49:52.0992 0x024c  fastfat - ok
21:49:53.0059 0x024c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
21:49:53.0099 0x024c  Fax - ok
21:49:53.0109 0x024c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
21:49:53.0112 0x024c  fdc - ok
21:49:53.0143 0x024c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:49:53.0146 0x024c  fdPHost - ok
21:49:53.0182 0x024c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:49:53.0187 0x024c  FDResPub - ok
21:49:53.0239 0x024c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
21:49:53.0259 0x024c  fhsvc - ok
21:49:53.0295 0x024c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:49:53.0306 0x024c  FileInfo - ok
21:49:53.0336 0x024c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:49:53.0342 0x024c  Filetrace - ok
21:49:53.0367 0x024c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
21:49:53.0373 0x024c  flpydisk - ok
21:49:53.0435 0x024c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:49:53.0470 0x024c  FltMgr - ok
21:49:53.0592 0x024c  [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache       C:\Windows\system32\FntCache.dll
21:49:53.0674 0x024c  FontCache - ok
21:49:53.0751 0x024c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:49:53.0761 0x024c  FontCache3.0.0.0 - ok
21:49:53.0811 0x024c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:49:53.0818 0x024c  FsDepends - ok
21:49:53.0844 0x024c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:49:53.0847 0x024c  Fs_Rec - ok
21:49:53.0928 0x024c  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:49:53.0973 0x024c  fvevol - ok
21:49:53.0999 0x024c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
21:49:54.0002 0x024c  FxPPM - ok
21:49:54.0024 0x024c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:49:54.0028 0x024c  gagp30kx - ok
21:49:54.0065 0x024c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:49:54.0069 0x024c  gencounter - ok
21:49:54.0109 0x024c  [ 794F13178118C609BA4F59111EDB6758, 9B79A3E3ECA4493AE25231C7B158B41571A2960458E0F2DEBE3C8BF40F708188 ] GPIO            C:\Windows\System32\drivers\iaiogpioe.sys
21:49:54.0113 0x024c  GPIO - ok
21:49:54.0161 0x024c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
21:49:54.0182 0x024c  GPIOClx0101 - ok
21:49:54.0394 0x024c  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:49:54.0460 0x024c  gpsvc - ok
21:49:54.0575 0x024c  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:49:54.0621 0x024c  gupdate - ok
21:49:54.0660 0x024c  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:49:54.0674 0x024c  gupdatem - ok
21:49:54.0733 0x024c  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:49:54.0755 0x024c  HdAudAddService - ok
21:49:54.0789 0x024c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:49:54.0796 0x024c  HDAudBus - ok
21:49:54.0816 0x024c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
21:49:54.0819 0x024c  HidBatt - ok
21:49:54.0852 0x024c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:49:54.0860 0x024c  HidBth - ok
21:49:54.0881 0x024c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:49:54.0885 0x024c  hidi2c - ok
21:49:54.0914 0x024c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys


Old 07.03.2017, 17:19   #6
BiAnka-LF
 
KDSSKiller - Part 2



Code:
ATTFilter
21:50:08.0572 0x024c  nvraid - ok
21:50:08.0590 0x024c  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:50:08.0598 0x024c  nvstor - ok
21:50:08.0615 0x024c  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:50:08.0621 0x024c  nv_agp - ok
21:50:08.0667 0x024c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:50:08.0689 0x024c  p2pimsvc - ok
21:50:08.0757 0x024c  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
21:50:08.0789 0x024c  p2psvc - ok
21:50:08.0834 0x024c  [ 57DCE4FB0467986AE78E1C6FC5240D32, F7F3ADD1B48E4D6BB0A664A2FE556F71ED7453054B4FB667A29BE050C845045B ] Parport         C:\Windows\System32\drivers\parport.sys
21:50:08.0843 0x024c  Parport - ok
21:50:08.0884 0x024c  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:50:08.0895 0x024c  partmgr - ok
21:50:08.0975 0x024c  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:50:09.0014 0x024c  PcaSvc - ok
21:50:09.0091 0x024c  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
21:50:09.0111 0x024c  pci - ok
21:50:09.0151 0x024c  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:50:09.0157 0x024c  pciide - ok
21:50:09.0244 0x024c  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:50:09.0268 0x024c  pcmcia - ok
21:50:09.0298 0x024c  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:50:09.0304 0x024c  pcw - ok
21:50:09.0350 0x024c  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
21:50:09.0357 0x024c  pdc - ok
21:50:09.0433 0x024c  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:50:09.0485 0x024c  PEAUTH - ok
21:50:09.0664 0x024c  [ 028362370BEEBADACC881E3D4956E236, D641E431F8B41218E92C0F02A3FE9897B09E116AC8222DC0E7C4994BC0CEEA2F ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
21:50:09.0774 0x024c  PEFService - ok
21:50:09.0853 0x024c  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:50:09.0861 0x024c  PerfHost - ok
21:50:10.0028 0x024c  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
21:50:10.0106 0x024c  pla - ok
21:50:10.0153 0x024c  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:50:10.0165 0x024c  PlugPlay - ok
21:50:10.0203 0x024c  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
21:50:10.0210 0x024c  Pml Driver HPZ12 - ok
21:50:10.0249 0x024c  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:50:10.0272 0x024c  PNRPAutoReg - ok
21:50:10.0332 0x024c  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:50:10.0381 0x024c  PNRPsvc - ok
21:50:10.0443 0x024c  [ 0FF8507A8B901B904E98EB36B9E347EE, FE4A9A6159A8490F3155D166656748722EFDEDCDC447C09155A5AD6D9F5D294D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:50:10.0481 0x024c  PolicyAgent - ok
21:50:10.0509 0x024c  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\Windows\system32\umpo.dll
21:50:10.0516 0x024c  Power - ok
21:50:10.0783 0x024c  [ F6EA63145C20A23732AD2CA1EBA65FA1, 0DD1164D37C1500258E9CCCE458778A3DA196D9A65919B2672E3C88383068F52 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
21:50:10.0910 0x024c  PrintNotify - ok
21:50:10.0952 0x024c  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
21:50:10.0965 0x024c  Processor - ok
21:50:11.0004 0x024c  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\Windows\system32\profsvc.dll
21:50:11.0027 0x024c  ProfSvc - ok
21:50:11.0064 0x024c  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:50:11.0073 0x024c  Psched - ok
21:50:11.0163 0x024c  [ 2ACAB8C99FFCB2555A5979944D26EB50, BA0543FEBFCB50A7A379D695F110DB0C6CB5AA299D3C517FE270635044F00BFA ] QASvc           C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
21:50:11.0203 0x024c  QASvc - ok
21:50:11.0285 0x024c  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\Windows\system32\qwave.dll
21:50:11.0326 0x024c  QWAVE - ok
21:50:11.0369 0x024c  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:50:11.0375 0x024c  QWAVEdrv - ok
21:50:11.0411 0x024c  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\Windows\System32\drivers\RadioShim.sys
21:50:11.0414 0x024c  RadioShim - ok
21:50:11.0454 0x024c  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:50:11.0456 0x024c  RasAcd - ok
21:50:11.0518 0x024c  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\Windows\System32\rasauto.dll
21:50:11.0536 0x024c  RasAuto - ok
21:50:11.0638 0x024c  [ 15C0034561FE5B03FA376F1A6232478B, 0F9B5C2BD7D8803FF3C5ED957D3F0859F2A59B74510E4659FBF05EDCBF230208 ] RasMan          C:\Windows\System32\rasmans.dll
21:50:11.0676 0x024c  RasMan - ok
21:50:11.0709 0x024c  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:50:11.0714 0x024c  RasPppoe - ok
21:50:11.0764 0x024c  [ D67ED4AB59D1EF66B05AD1A81AC28B26, 72E750A9A6B484D8BEDE52FA6DABEF4D95765DE491152E1F6C856D0590B50C28 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:50:11.0787 0x024c  rdbss - ok
21:50:11.0800 0x024c  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
21:50:11.0803 0x024c  rdpbus - ok
21:50:11.0827 0x024c  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:50:11.0835 0x024c  RDPDR - ok
21:50:11.0871 0x024c  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:50:11.0873 0x024c  RdpVideoMiniport - ok
21:50:11.0905 0x024c  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:50:11.0917 0x024c  rdyboost - ok
21:50:12.0036 0x024c  [ 2D39BCFA4DD1081B8F282B623456B858, DD8C433B66B6661F4DBD1784CBD334441B508BE84932DD443F7AD51CEA192BA9 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
21:50:12.0076 0x024c  ReFS - ok
21:50:12.0130 0x024c  [ DF78648AC3C8DC9D70E6714AF785382F, 56E104939ED0AB5B26AE07BAB1BBB7D15828DBD3A2AD35361423D7ADDA4BA551 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:50:12.0144 0x024c  RemoteAccess - ok
21:50:12.0201 0x024c  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:50:12.0241 0x024c  RemoteRegistry - ok
21:50:12.0336 0x024c  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
21:50:12.0361 0x024c  RFCOMM - ok
21:50:12.0477 0x024c  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
21:50:12.0543 0x024c  RichVideo - ok
21:50:12.0596 0x024c  [ 858DB87C457D2B44DDEF876B170AAACE, E59D06DCBD94573A89D98B58C46A3DA0AD115831D2A0FBD2F7940A6694504A28 ] RMSvc           C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
21:50:12.0626 0x024c  RMSvc - ok
21:50:12.0663 0x024c  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:50:12.0670 0x024c  RpcEptMapper - ok
21:50:12.0701 0x024c  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
21:50:12.0704 0x024c  RpcLocator - ok
21:50:12.0770 0x024c  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] RpcSs           C:\Windows\system32\rpcss.dll
21:50:12.0800 0x024c  RpcSs - ok
21:50:12.0828 0x024c  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:50:12.0832 0x024c  rspndr - ok
21:50:12.0881 0x024c  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
21:50:12.0930 0x024c  RSUSBVSTOR - ok
21:50:13.0007 0x024c  [ D5C3918E3EF787A41172B8E5348247F0, 033E5E6037CDFE65D26AD834ACD2B652EEED66BA48753F7B319C9FD41CE4F180 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
21:50:13.0050 0x024c  RTL8168 - ok
21:50:13.0075 0x024c  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
21:50:13.0076 0x024c  s3cap - ok
21:50:13.0104 0x024c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\Windows\system32\lsass.exe
21:50:13.0109 0x024c  SamSs - ok
21:50:13.0143 0x024c  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:50:13.0151 0x024c  sbp2port - ok
21:50:13.0190 0x024c  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:50:13.0202 0x024c  SCardSvr - ok
21:50:13.0247 0x024c  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
21:50:13.0260 0x024c  ScDeviceEnum - ok
21:50:13.0291 0x024c  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:50:13.0296 0x024c  scfilter - ok
21:50:13.0455 0x024c  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
21:50:13.0511 0x024c  Schedule - ok
21:50:13.0553 0x024c  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:50:13.0558 0x024c  SCPolicySvc - ok
21:50:13.0617 0x024c  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
21:50:13.0634 0x024c  sdbus - ok
21:50:13.0671 0x024c  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
21:50:13.0676 0x024c  sdstor - ok
21:50:13.0717 0x024c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:50:13.0723 0x024c  secdrv - ok
21:50:13.0771 0x024c  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
21:50:13.0787 0x024c  seclogon - ok
21:50:13.0832 0x024c  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
21:50:13.0849 0x024c  SENS - ok
21:50:13.0928 0x024c  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:50:13.0980 0x024c  SensrSvc - ok
21:50:14.0010 0x024c  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
21:50:14.0016 0x024c  SerCx - ok
21:50:14.0039 0x024c  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
21:50:14.0049 0x024c  SerCx2 - ok
21:50:14.0088 0x024c  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
21:50:14.0091 0x024c  Serenum - ok
21:50:14.0110 0x024c  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
21:50:14.0120 0x024c  Serial - ok
21:50:14.0149 0x024c  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
21:50:14.0154 0x024c  sermouse - ok
21:50:14.0212 0x024c  [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:50:14.0246 0x024c  SessionEnv - ok
21:50:14.0276 0x024c  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
21:50:14.0280 0x024c  sfloppy - ok
21:50:14.0355 0x024c  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:50:14.0398 0x024c  SharedAccess - ok
21:50:14.0470 0x024c  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:50:14.0516 0x024c  ShellHWDetection - ok
21:50:14.0543 0x024c  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:50:14.0546 0x024c  SiSRaid2 - ok
21:50:14.0565 0x024c  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:50:14.0570 0x024c  SiSRaid4 - ok
21:50:14.0619 0x024c  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:50:14.0663 0x024c  SkypeUpdate - ok
21:50:14.0721 0x024c  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
21:50:14.0730 0x024c  smphost - ok
21:50:14.0793 0x024c  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:50:14.0807 0x024c  SNMPTRAP - ok
21:50:14.0898 0x024c  [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
21:50:14.0922 0x024c  spaceport - ok
21:50:14.0941 0x024c  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
21:50:14.0945 0x024c  SpbCx - ok
21:50:15.0018 0x024c  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
21:50:15.0082 0x024c  Spooler - ok
21:50:15.0427 0x024c  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:50:15.0730 0x024c  sppsvc - ok
21:50:15.0817 0x024c  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:50:15.0845 0x024c  srv - ok
21:50:15.0894 0x024c  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:50:15.0932 0x024c  srv2 - ok
21:50:15.0977 0x024c  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:50:15.0990 0x024c  srvnet - ok
21:50:16.0036 0x024c  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:50:16.0074 0x024c  SSDPSRV - ok
21:50:16.0125 0x024c  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:50:16.0167 0x024c  SstpSvc - ok
21:50:16.0221 0x024c  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:50:16.0250 0x024c  ssudmdm - ok
21:50:16.0275 0x024c  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:50:16.0279 0x024c  stexstor - ok
21:50:16.0383 0x024c  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
21:50:16.0455 0x024c  stisvc - ok
21:50:16.0481 0x024c  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
21:50:16.0487 0x024c  storahci - ok
21:50:16.0512 0x024c  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:50:16.0516 0x024c  storflt - ok
21:50:16.0558 0x024c  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
21:50:16.0563 0x024c  stornvme - ok
21:50:16.0593 0x024c  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
21:50:16.0601 0x024c  StorSvc - ok
21:50:16.0629 0x024c  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:50:16.0634 0x024c  storvsc - ok
21:50:16.0676 0x024c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
21:50:16.0685 0x024c  svsvc - ok
21:50:16.0744 0x024c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
21:50:16.0752 0x024c  swenum - ok
21:50:16.0868 0x024c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
21:50:16.0906 0x024c  swprv - ok
21:50:17.0000 0x024c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
21:50:17.0063 0x024c  SysMain - ok
21:50:17.0104 0x024c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:50:17.0130 0x024c  SystemEventsBroker - ok
21:50:17.0171 0x024c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:50:17.0203 0x024c  TabletInputService - ok
21:50:17.0260 0x024c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:50:17.0328 0x024c  TapiSrv - ok
21:50:17.0525 0x024c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:50:17.0653 0x024c  Tcpip - ok
21:50:17.0745 0x024c  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:50:17.0814 0x024c  TCPIP6 - ok
21:50:17.0850 0x024c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:50:17.0855 0x024c  tcpipreg - ok
21:50:17.0903 0x024c  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:50:17.0909 0x024c  tdx - ok
21:50:17.0930 0x024c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
21:50:17.0937 0x024c  terminpt - ok
21:50:18.0038 0x024c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
21:50:18.0104 0x024c  TermService - ok
21:50:18.0134 0x024c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
21:50:18.0140 0x024c  Themes - ok
21:50:18.0167 0x024c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:50:18.0172 0x024c  THREADORDER - ok
21:50:18.0219 0x024c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
21:50:18.0242 0x024c  TimeBroker - ok
21:50:18.0290 0x024c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:50:18.0302 0x024c  TPM - ok
21:50:18.0341 0x024c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
21:50:18.0355 0x024c  TrkWks - ok
21:50:18.0406 0x024c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:50:18.0416 0x024c  TrustedInstaller - ok
21:50:18.0441 0x024c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:50:18.0445 0x024c  TsUsbFlt - ok
21:50:18.0480 0x024c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
21:50:18.0484 0x024c  TsUsbGD - ok
21:50:18.0524 0x024c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:50:18.0534 0x024c  tunnel - ok
21:50:18.0569 0x024c  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys
21:50:18.0577 0x024c  TXEIx64 - ok
21:50:18.0617 0x024c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:50:18.0624 0x024c  uagp35 - ok
21:50:18.0658 0x024c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:50:18.0668 0x024c  UASPStor - ok
21:50:18.0720 0x024c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:50:18.0730 0x024c  UCX01000 - ok
21:50:18.0777 0x024c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:50:18.0801 0x024c  udfs - ok
21:50:18.0823 0x024c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
21:50:18.0826 0x024c  UEFI - ok
21:50:18.0879 0x024c  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
21:50:18.0888 0x024c  UEIPSvc - ok
21:50:18.0932 0x024c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:50:18.0938 0x024c  UI0Detect - ok
21:50:18.0968 0x024c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:50:18.0972 0x024c  uliagpkx - ok
21:50:18.0988 0x024c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
21:50:18.0991 0x024c  umbus - ok
21:50:19.0014 0x024c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:50:19.0016 0x024c  UmPass - ok
21:50:25.0802 0x024c  ================ Scan global ===============================
21:50:25.0850 0x024c  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
21:50:25.0900 0x024c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
21:50:25.0965 0x024c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
21:50:26.0020 0x024c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
21:50:26.0063 0x024c  [ Global ] - ok
21:50:26.0064 0x024c  ================ Scan MBR ==================================
21:50:26.0083 0x024c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:50:26.0094 0x024c  \Device\Harddisk0\DR0 - ok
21:50:26.0095 0x024c  ================ Scan VBR ==================================
21:50:26.0098 0x024c  [ 0DB6C855F2008A699F70690D677CD1A0 ] \Device\Harddisk0\DR0\Partition1
21:50:26.0101 0x024c  \Device\Harddisk0\DR0\Partition1 - ok
21:50:26.0116 0x024c  [ 53DD2AAFE995F7E3A4BCE458A80A02D1 ] \Device\Harddisk0\DR0\Partition2
21:50:26.0117 0x024c  \Device\Harddisk0\DR0\Partition2 - ok
21:50:26.0130 0x024c  [ 9DF6EE3B3D77B2C80E2646ADE55EB073 ] \Device\Harddisk0\DR0\Partition3
21:50:26.0130 0x024c  \Device\Harddisk0\DR0\Partition3 - ok
21:50:26.0156 0x024c  [ 126FBAD101823976579A05DFC74FDF77 ] \Device\Harddisk0\DR0\Partition4
21:50:26.0159 0x024c  \Device\Harddisk0\DR0\Partition4 - ok
21:50:26.0177 0x024c  [ 89EB7DB2C993D1C17FB8B8427D3EA510 ] \Device\Harddisk0\DR0\Partition5
21:50:26.0180 0x024c  \Device\Harddisk0\DR0\Partition5 - ok
21:50:26.0214 0x024c  [ 6C1A715066525046F764F0878CB09349 ] \Device\Harddisk0\DR0\Partition6
21:50:26.0218 0x024c  \Device\Harddisk0\DR0\Partition6 - ok
21:50:26.0219 0x024c  ================ Scan generic autorun ======================
21:50:26.0843 0x024c  [ DA2D7BED47EF71BDFEEDDEEE76C965FD, 79DB43FB6E84AD492E45DD7F58235D65DF0750AED8E1CEF287D9D1379106A953 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:50:27.0394 0x024c  RTHDVCPL - ok
21:50:27.0634 0x024c  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
21:50:27.0755 0x024c  Malwarebytes TrayApp - ok
21:50:27.0829 0x024c  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:50:27.0833 0x024c  HP Software Update - ok
21:50:27.0869 0x024c  Skype - ok
21:50:27.0873 0x024c  Waiting for KSN requests completion. In queue: 170
21:50:28.0060 0x15d0  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
21:50:28.0420 0x15d0  Object send P2P result: true
21:50:28.0912 0x024c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:50:28.0971 0x024c  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:50:28.0974 0x024c  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:50:29.0107 0x024c  ============================================================
21:50:29.0107 0x024c  Scan finished
21:50:29.0107 0x024c  ============================================================
21:50:29.0153 0x0498  Detected object count: 0
21:50:29.0153 0x0498  Actual detected object count: 0
21:55:53.0003 0x1488  ============================================================
21:55:53.0003 0x1488  Scan started
21:55:53.0003 0x1488  Mode: Manual; 
21:55:53.0003 0x1488  ============================================================
21:55:53.0003 0x1488  KSN ping started
21:55:53.0095 0x1488  KSN ping finished: true
21:55:54.0073 0x1488  ================ Scan system memory ========================
21:55:54.0073 0x1488  System memory - ok
21:55:54.0077 0x1488  ================ Scan services =============================
21:55:59.0013 0x1488  CCDMonitorService - ok
21:55:59.0047 0x1488  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:55:59.0051 0x1488  cdfs - ok
21:55:59.0075 0x1488  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
21:55:59.0085 0x1488  cdrom - ok
21:55:59.0122 0x1488  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:55:59.0128 0x1488  CertPropSvc - ok
21:55:59.0167 0x1488  [ 06FB15E8F933F22A59C79E5D87B41F64, 26FE8291AFBD0242171A17252B74800304F338A31B674190EDAA39D20DC00FF3 ] cfwids          C:\Windows\system32\drivers\cfwids.sys
21:55:59.0176 0x1488  cfwids - ok
21:55:59.0203 0x1488  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
21:55:59.0207 0x1488  circlass - ok
21:55:59.0293 0x1488  [ 9DA497AEAF35AA7BF7710132FC2A9906, D38DF749222BD0B6E8E6442CC79D56CF827A1430ACAB4F85F7FC469DD31A211C ] CLFS            C:\Windows\system32\drivers\CLFS.sys
21:55:59.0344 0x1488  CLFS - ok
21:55:59.0587 0x1488  [ C0252538508FE7E831B4C0D8CF7989BB, 7D53BB51E9315978FDF769784B9C526DB2740642F807FF4807E73E6DC80D6561 ] ClientAnalyticsService C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe
21:55:59.0636 0x1488  ClientAnalyticsService - ok
21:55:59.0675 0x1488  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
21:55:59.0678 0x1488  CmBatt - ok
21:55:59.0745 0x1488  [ EFC79D3224D19FD926FFEA0A24729FEF, 41B0B41F7270C82691453679E03194845B9AF08C28800BF39D3CEB7CB1530BB8 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:55:59.0789 0x1488  CNG - ok
21:55:59.0827 0x1488  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
21:55:59.0830 0x1488  CompositeBus - ok
21:55:59.0838 0x1488  COMSysApp - ok
21:55:59.0861 0x1488  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
21:55:59.0863 0x1488  condrv - ok
21:55:59.0968 0x1488  [ C5082FFE65B0672D06CCE39F45C3FF87, 21D38D7588A1BA628257D80EDA2103C9B7DD2DF6546420C6DD15F0E87BA773B5 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:56:00.0017 0x1488  cphs - ok
21:56:00.0074 0x1488  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:56:00.0085 0x1488  CryptSvc - ok
21:56:00.0126 0x1488  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
21:56:00.0134 0x1488  dam - ok
21:56:00.0261 0x1488  [ 7830CEA509693DE0817DF2F3F2D80E89, 7B1786CD225E2D6BCFA484D0BFB81DD162D5713EAEC80C53317CC6950E3D17F3 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:56:00.0291 0x1488  DcomLaunch - ok
21:56:00.0358 0x1488  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\Windows\System32\defragsvc.dll
21:56:00.0385 0x1488  defragsvc - ok
21:56:00.0448 0x1488  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
21:56:00.0478 0x1488  DeviceAssociationService - ok
21:56:00.0516 0x1488  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
21:56:00.0532 0x1488  DeviceInstall - ok
21:56:00.0586 0x1488  [ FBFF94FC1FE0699A6BC5ACE270AB9EA1, 7D67E7BE539D9D515A1A6B9282C72114310E874DD1FE51E71F002DBB0E1439FB ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
21:56:00.0596 0x1488  Dfsc - ok
21:56:00.0635 0x1488  [ 0F4A5D01156B948B54550375498B08A2, 1CAE3D744429A06E9C9EC46AC6B216AB68154EF8FACDD0721C47902B83820F56 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:56:00.0650 0x1488  dg_ssudbus - ok
21:56:00.0727 0x1488  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:56:00.0785 0x1488  Dhcp - ok
21:56:00.0920 0x1488  [ 0AC9F83A5508935DE89C447473085EEA, 223782B17BACEFB0A663EB13514B68B919C95EF641CDDA7AC30CB239BC4307EC ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:56:01.0012 0x1488  DiagTrack - ok
21:56:01.0047 0x1488  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
21:56:01.0052 0x1488  disk - ok
21:56:01.0085 0x1488  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
21:56:01.0088 0x1488  dmvsc - ok
21:56:01.0137 0x1488  [ 561CBB163EB3C8221D9B1D7D1E5CA477, 4D235E73CC127769A257B31A92180552276EC8DDD991F1106815FADEF385E72D ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:56:01.0171 0x1488  Dnscache - ok
21:56:01.0222 0x1488  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:56:01.0245 0x1488  dot3svc - ok
21:56:01.0286 0x1488  [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:56:01.0296 0x1488  dot4 - ok
21:56:01.0328 0x1488  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
21:56:01.0332 0x1488  Dot4Print - ok
21:56:01.0374 0x1488  [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:56:01.0377 0x1488  dot4usb - ok
21:56:01.0423 0x1488  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\Windows\system32\dps.dll
21:56:01.0458 0x1488  DPS - ok
21:56:01.0497 0x1488  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:56:01.0500 0x1488  drmkaud - ok
21:56:01.0559 0x1488  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
21:56:01.0592 0x1488  DsmSvc - ok
21:56:01.0724 0x1488  [ F74B839FA0F4E6060CA1DA6B8DA17941, EF493E1F55FCD6A8C32B3D5D5809B7EFCCC9829E9A347522D1E6FE080D41BF37 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:56:01.0788 0x1488  DXGKrnl - ok
21:56:01.0828 0x1488  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\Windows\System32\eapsvc.dll
21:56:01.0837 0x1488  Eaphost - ok
21:56:02.0052 0x1488  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:56:02.0222 0x1488  ebdrv - ok
21:56:02.0261 0x1488  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\Windows\System32\lsass.exe
21:56:02.0265 0x1488  EFS - ok
21:56:02.0288 0x1488  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
21:56:02.0292 0x1488  EhStorClass - ok
21:56:02.0315 0x1488  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:56:02.0322 0x1488  EhStorTcgDrv - ok
21:56:02.0546 0x1488  [ F800FEA3F6865E506AC2B218F25F1E38, 25E8EE3D009D52EDEF9F67587EA8E9E0FFD6094F3971B9470B0A7AC018AD469D ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
21:56:02.0697 0x1488  ePowerSvc - ok
21:56:02.0723 0x1488  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
21:56:02.0724 0x1488  ErrDev - ok
21:56:02.0794 0x1488  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\Windows\system32\es.dll
21:56:02.0819 0x1488  EventSystem - ok
21:56:02.0847 0x1488  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:56:02.0854 0x1488  exfat - ok
21:56:02.0883 0x1488  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:56:02.0891 0x1488  fastfat - ok
21:56:02.0956 0x1488  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\Windows\system32\fxssvc.exe
21:56:03.0020 0x1488  Fax - ok
21:56:03.0034 0x1488  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
21:56:03.0037 0x1488  fdc - ok
21:56:03.0068 0x1488  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\Windows\system32\fdPHost.dll
21:56:03.0072 0x1488  fdPHost - ok
21:56:03.0106 0x1488  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:56:03.0112 0x1488  FDResPub - ok
21:56:03.0187 0x1488  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\Windows\system32\fhsvc.dll
21:56:03.0212 0x1488  fhsvc - ok
21:56:03.0240 0x1488  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:56:03.0247 0x1488  FileInfo - ok
21:56:03.0280 0x1488  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:56:03.0283 0x1488  Filetrace - ok
21:56:03.0300 0x1488  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
21:56:03.0303 0x1488  flpydisk - ok
21:56:03.0358 0x1488  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:56:03.0401 0x1488  FltMgr - ok
21:56:03.0525 0x1488  [ 1EFEF3B4EF2B241263F0F791EA128598, B6CADC254B0779E43E0D6AB6125A7E7ED8FF50C3158911681BA7B43160A08176 ] FontCache       C:\Windows\system32\FntCache.dll
21:56:03.0595 0x1488  FontCache - ok
21:56:03.0660 0x1488  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:56:03.0670 0x1488  FontCache3.0.0.0 - ok
21:56:03.0727 0x1488  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:56:03.0737 0x1488  FsDepends - ok
21:56:03.0769 0x1488  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:56:03.0774 0x1488  Fs_Rec - ok
21:56:03.0876 0x1488  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:56:03.0915 0x1488  fvevol - ok
21:56:03.0945 0x1488  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
21:56:03.0947 0x1488  FxPPM - ok
21:56:03.0969 0x1488  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:56:03.0974 0x1488  gagp30kx - ok
21:56:04.0010 0x1488  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:56:04.0013 0x1488  gencounter - ok
21:56:04.0045 0x1488  [ 794F13178118C609BA4F59111EDB6758, 9B79A3E3ECA4493AE25231C7B158B41571A2960458E0F2DEBE3C8BF40F708188 ] GPIO            C:\Windows\System32\drivers\iaiogpioe.sys
21:56:04.0050 0x1488  GPIO - ok
21:56:04.0089 0x1488  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
21:56:04.0103 0x1488  GPIOClx0101 - ok
21:56:04.0248 0x1488  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:56:04.0361 0x1488  gpsvc - ok
21:56:04.0467 0x1488  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:04.0505 0x1488  gupdate - ok
21:56:04.0563 0x1488  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:56:04.0578 0x1488  gupdatem - ok
21:56:04.0643 0x1488  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:56:04.0675 0x1488  HdAudAddService - ok
21:56:04.0711 0x1488  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:56:04.0718 0x1488  HDAudBus - ok
21:56:04.0739 0x1488  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
21:56:04.0744 0x1488  HidBatt - ok
21:56:04.0778 0x1488  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:56:04.0787 0x1488  HidBth - ok
21:56:04.0815 0x1488  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:56:04.0819 0x1488  hidi2c - ok
21:56:04.0848 0x1488  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
21:56:04.0851 0x1488  HidIr - ok
21:56:04.0888 0x1488  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
21:56:04.0893 0x1488  hidserv - ok
21:56:04.0931 0x1488  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
21:56:04.0935 0x1488  HidUsb - ok
21:56:04.0991 0x1488  [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
21:56:05.0015 0x1488  HipShieldK - ok
21:56:05.0056 0x1488  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:56:05.0067 0x1488  hkmsvc - ok
21:56:05.0130 0x1488  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:56:05.0182 0x1488  HomeGroupListener - ok
21:56:05.0262 0x1488  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:56:05.0288 0x1488  HomeGroupProvider - ok
21:56:05.0479 0x1488  [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:56:05.0504 0x1488  HomeNetSvc - ok
21:56:05.0633 0x1488  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:56:05.0657 0x1488  hpqcxs08 - ok
21:56:05.0701 0x1488  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:56:05.0709 0x1488  hpqddsvc - ok
21:56:05.0748 0x1488  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:56:05.0753 0x1488  HpSAMD - ok
21:56:05.0842 0x1488  [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:56:05.0851 0x1488  HPSupportSolutionsFrameworkService - ok
21:56:05.0953 0x1488  [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:56:06.0004 0x1488  HTTP - ok
21:56:06.0018 0x1488  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:56:06.0020 0x1488  hwpolicy - ok
21:56:06.0036 0x1488  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
21:56:06.0038 0x1488  hyperkbd - ok
21:56:06.0065 0x1488  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
21:56:06.0067 0x1488  HyperVideo - ok
21:56:06.0106 0x1488  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
21:56:06.0115 0x1488  i8042prt - ok
21:56:06.0139 0x1488  [ F49D75806D962F85C44E32A1AFB9B8E0, DF033C79C478EB2EA82466F1A7CB58FE17E7C23FE0F24E7B18718750E9F98FF3 ] iaioi2c         C:\Windows\System32\drivers\iaioi2ce.sys
21:56:06.0145 0x1488  iaioi2c - ok
21:56:06.0190 0x1488  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
21:56:06.0193 0x1488  iaLPSSi_GPIO - ok
21:56:06.0211 0x1488  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
21:56:06.0217 0x1488  iaLPSSi_I2C - ok
21:56:06.0271 0x1488  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
21:56:06.0309 0x1488  iaStorAV - ok
21:56:06.0334 0x1488  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:56:06.0348 0x1488  iaStorV - ok
21:56:06.0418 0x1488  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:56:06.0450 0x1488  ICCS - ok
21:56:06.0550 0x1488  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:56:06.0564 0x1488  IDriverT - ok
21:56:06.0590 0x1488  IEEtwCollectorService - ok
21:56:06.0784 0x1488  [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:56:06.0978 0x1488  igfx - ok
21:56:07.0010 0x1488  [ 5264EE143875DDEA0E8CF8540C2AA743, D3A9F6A8FEDC74DFC986432DF5DC1A15048D7FB165E52A38F1269563B0D01A66 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
21:56:07.0022 0x1488  igfxCUIService1.0.0.0 - ok
21:56:07.0133 0x1488  [ 5697FD05EC6915A1E7193D658D8D6E05, 0179C3AF29880AA21F609CB471034EA5FA49324ACCE12736866675C037EBEC7A ] IKEEXT          C:\Windows\System32\ikeext.dll
21:56:07.0182 0x1488  IKEEXT - ok
21:56:07.0211 0x1488  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
21:56:07.0213 0x1488  intaud_WaveExtensible - ok
21:56:07.0434 0x1488  [ AAB0607E015F07D342DD3CB04A311257, 681EE04F24D7DEC1E3C02549E7A5C70E2AA6D342ED9F3819178E03E8747F9277 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:56:07.0635 0x1488  IntcAzAudAddService - ok
21:56:07.0680 0x1488  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:56:07.0707 0x1488  IntcDAud - ok
21:56:07.0818 0x1488  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
21:56:07.0862 0x1488  Intel(R) Capability Licensing Service Interface - ok
21:56:07.0907 0x1488  [ 7C9ED65324CF268ACBA8024257F782D8, 1DC43DBA3612E26454D7786DEB0538B44A736B67EC99642B4CC574D8A03E0DC7 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
21:56:07.0942 0x1488  Intel(R) Capability Licensing Service TCP IP Interface - ok
21:56:07.0961 0x1488  Intel(R) TA SAM - ok
21:56:08.0031 0x1488  [ 5F158EFE9E72A5D6EDB9A59B3966A972, 8052CE286B9CC94ABBE9DC36A0D66A4DC45FE381D41C6CEBDAD8ABD78113C2EB ] Intel(R) Technology Access Legacy CS Loader C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
21:56:08.0049 0x1488  Intel(R) Technology Access Legacy CS Loader - ok
21:56:08.0114 0x1488  [ BA2EF85C5B79DE726B0C87587EEE6D90, 51A60B377E9A1F7C1EE88357CB5B63F8036D4CB977B37C4669BED88029A68721 ] Intel(R) TechnologyAccessService C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
21:56:08.0136 0x1488  Intel(R) TechnologyAccessService - ok
21:56:08.0162 0x1488  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:56:08.0164 0x1488  intelide - ok
21:56:08.0204 0x1488  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
21:56:08.0208 0x1488  intelpep - ok
21:56:08.0233 0x1488  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
21:56:08.0239 0x1488  intelppm - ok
21:56:08.0268 0x1488  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:56:08.0273 0x1488  IpFilterDriver - ok
21:56:08.0373 0x1488  [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:56:08.0418 0x1488  iphlpsvc - ok
21:56:08.0453 0x1488  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
21:56:08.0457 0x1488  IPMIDRV - ok
21:56:08.0508 0x1488  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:56:08.0538 0x1488  IPNAT - ok
21:56:08.0561 0x1488  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:56:08.0565 0x1488  IRENUM - ok
21:56:08.0581 0x1488  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:56:08.0584 0x1488  isapnp - ok
21:56:08.0649 0x1488  [ AD3C1F4BD9167420F04052FDA197CF29, 82B687092DFC50E8885656AF06BFB7559930750F4905BC4DBDA3A5D334A443D1 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
21:56:08.0671 0x1488  iScsiPrt - ok
21:56:08.0731 0x1488  [ 622BF9C46A47CF17608C501320E8EFBD, 059F99D4306216324E100FCDAF02093B2CD662F2C6BE8565A4281E7760F8B575 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
21:56:08.0749 0x1488  iumsvc - ok
21:56:08.0789 0x1488  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
21:56:08.0796 0x1488  iwdbus - ok
21:56:08.0826 0x1488  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
21:56:08.0833 0x1488  kbdclass - ok
21:56:08.0860 0x1488  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
21:56:08.0863 0x1488  kbdhid - ok
21:56:08.0898 0x1488  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
21:56:08.0902 0x1488  kdnic - ok
21:56:08.0928 0x1488  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
21:56:08.0937 0x1488  KeyIso - ok
21:56:08.0983 0x1488  [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:56:08.0995 0x1488  KSecDD - ok
21:56:09.0050 0x1488  [ 3D4AE520CD6F6FFE549DD195C1F515BE, 2AD3E07F504CE50956C391FD4633D20B354A854C940B3563A67B79BB6E40218F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:56:09.0087 0x1488  KSecPkg - ok
21:56:09.0109 0x1488  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:56:09.0113 0x1488  ksthunk - ok
21:56:09.0164 0x1488  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:56:09.0211 0x1488  KtmRm - ok
21:56:09.0258 0x1488  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll

07.03.2017, 17:20   #7
BiAnka-LF
 
Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work

TDSSKiller - Part 3



Code:
ATTFilter
21:56:23.0066 0x1488  Schedule - ok
21:56:23.0101 0x1488  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:56:23.0107 0x1488  SCPolicySvc - ok
21:56:23.0153 0x1488  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\Windows\System32\drivers\sdbus.sys
21:56:23.0164 0x1488  sdbus - ok
21:56:23.0197 0x1488  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
21:56:23.0203 0x1488  sdstor - ok
21:56:23.0240 0x1488  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:56:23.0243 0x1488  secdrv - ok
21:56:23.0284 0x1488  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
21:56:23.0297 0x1488  seclogon - ok
21:56:23.0353 0x1488  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
21:56:23.0375 0x1488  SENS - ok
21:56:23.0459 0x1488  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:56:23.0502 0x1488  SensrSvc - ok
21:56:23.0536 0x1488  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
21:56:23.0542 0x1488  SerCx - ok
21:56:23.0575 0x1488  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
21:56:23.0584 0x1488  SerCx2 - ok
21:56:23.0624 0x1488  [ 1F0135949A6AD6025F363F80FE268251, DB2D503863143F2251E589F7B0B3E9FBF997D7333D54C55856590B5080B5513D ] Serenum         C:\Windows\System32\drivers\serenum.sys
21:56:23.0628 0x1488  Serenum - ok
21:56:23.0646 0x1488  [ 81633C87B42B63BA484A6177179AC750, A22BA40E9EC74E88D8098CBDC954E1D63B832FCB789E3C7B731DE5DA39BEE2CA ] Serial          C:\Windows\System32\drivers\serial.sys
21:56:23.0652 0x1488  Serial - ok
21:56:23.0685 0x1488  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
21:56:23.0688 0x1488  sermouse - ok
21:56:23.0750 0x1488  [ 389458EA0B5FAEBA325FAC47B9ED589E, F7F37A1F1E912069F65E4629FF733F080AE675DF6FE255AF48F5E23EB47D0622 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:56:23.0798 0x1488  SessionEnv - ok
21:56:23.0834 0x1488  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
21:56:23.0837 0x1488  sfloppy - ok
21:56:23.0915 0x1488  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:56:23.0981 0x1488  SharedAccess - ok
21:56:24.0079 0x1488  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:56:24.0112 0x1488  ShellHWDetection - ok
21:56:24.0146 0x1488  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:56:24.0149 0x1488  SiSRaid2 - ok
21:56:24.0166 0x1488  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:56:24.0170 0x1488  SiSRaid4 - ok
21:56:24.0221 0x1488  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:56:24.0241 0x1488  SkypeUpdate - ok
21:56:24.0267 0x1488  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\Windows\System32\smphost.dll
21:56:24.0272 0x1488  smphost - ok
21:56:24.0317 0x1488  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:56:24.0322 0x1488  SNMPTRAP - ok
21:56:24.0402 0x1488  [ 546B88E6906EE9813EFE314DC95E3488, FC172C2DCC7ACDBBC9CE07CFCBAEDFAEAD2641A037E126174525DBE8BA660CC4 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
21:56:24.0426 0x1488  spaceport - ok
21:56:24.0443 0x1488  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
21:56:24.0447 0x1488  SpbCx - ok
21:56:24.0522 0x1488  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\Windows\System32\spoolsv.exe
21:56:24.0574 0x1488  Spooler - ok
21:56:24.0893 0x1488  [ F264662C057A54AA2DE41B3C7551712F, 2C123C6ACD967CDF1AD2855187CF3D8357B16A4FD9C2F18AE54CFA384165FA11 ] sppsvc          C:\Windows\system32\sppsvc.exe
21:56:25.0077 0x1488  sppsvc - ok
21:56:25.0088 0x1488  Object required for P2P: [ F264662C057A54AA2DE41B3C7551712F ] sppsvc
21:56:25.0314 0x1488  Object send P2P result: true
21:56:25.0384 0x1488  [ 36B082C7A764A34FB1DC72D975870B61, 572CB632D9FDC1183F7BF8BFCBC51765C647945E0C13D1C91ADE3D0E76DF83BC ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:56:25.0405 0x1488  srv - ok
21:56:25.0446 0x1488  [ F5849909D4B29B4E3D4445F943E5C7E3, 3FCA1423753716FE1AFDD27EE1E13C4D779A3C976185B5C998EF1A9A39BFC186 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:56:25.0479 0x1488  srv2 - ok
21:56:25.0521 0x1488  [ FABC49666708EA562549E78E6FBF3191, BE1FEBFC259308B39C727915C41A67CD50720A6E2A68D148F4F2F926AED43B02 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:56:25.0530 0x1488  srvnet - ok
21:56:25.0579 0x1488  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:56:25.0591 0x1488  SSDPSRV - ok
21:56:25.0634 0x1488  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:56:25.0646 0x1488  SstpSvc - ok
21:56:25.0693 0x1488  [ D08FFE34AF5B7AC5F69EEA1E0E8C6ECE, CC43752CE5C879E24229C84443DBEE667CE629ECF992AD0D42F0F77FE04F6751 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:56:25.0700 0x1488  ssudmdm - ok
21:56:25.0721 0x1488  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:56:25.0724 0x1488  stexstor - ok
21:56:25.0778 0x1488  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
21:56:25.0812 0x1488  stisvc - ok
21:56:25.0829 0x1488  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
21:56:25.0833 0x1488  storahci - ok
21:56:25.0860 0x1488  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:56:25.0863 0x1488  storflt - ok
21:56:25.0908 0x1488  [ 0EDD1F4D470C775740625B06A60C9DD5, 94964D0A793B1C984E87095249EE383A5E669D05BA6BF9F655587887E6CE3C19 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
21:56:25.0913 0x1488  stornvme - ok
21:56:25.0942 0x1488  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\Windows\system32\storsvc.dll
21:56:25.0949 0x1488  StorSvc - ok
21:56:25.0978 0x1488  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:56:25.0983 0x1488  storvsc - ok
21:56:26.0024 0x1488  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\Windows\system32\svsvc.dll
21:56:26.0032 0x1488  svsvc - ok
21:56:26.0067 0x1488  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
21:56:26.0070 0x1488  swenum - ok
21:56:26.0192 0x1488  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\Windows\System32\swprv.dll
21:56:26.0239 0x1488  swprv - ok
21:56:26.0364 0x1488  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\Windows\system32\sysmain.dll
21:56:26.0416 0x1488  SysMain - ok
21:56:26.0464 0x1488  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:56:26.0492 0x1488  SystemEventsBroker - ok
21:56:26.0529 0x1488  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:56:26.0542 0x1488  TabletInputService - ok
21:56:26.0598 0x1488  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:56:26.0672 0x1488  TapiSrv - ok
21:56:26.0851 0x1488  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:56:27.0018 0x1488  Tcpip - ok
21:56:27.0110 0x1488  [ 2F10C145F517419E17203632FCDA0A13, 143F5837AE79E3EDB98F17A4661ECD5BCBFEB317077286B51E765560339B53A8 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:56:27.0179 0x1488  TCPIP6 - ok
21:56:27.0221 0x1488  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:56:27.0224 0x1488  tcpipreg - ok
21:56:27.0276 0x1488  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:56:27.0291 0x1488  tdx - ok
21:56:27.0323 0x1488  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
21:56:27.0328 0x1488  terminpt - ok
21:56:27.0459 0x1488  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\Windows\System32\termsrv.dll
21:56:27.0516 0x1488  TermService - ok
21:56:27.0548 0x1488  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
21:56:27.0553 0x1488  Themes - ok
21:56:27.0581 0x1488  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\Windows\system32\mmcss.dll
21:56:27.0585 0x1488  THREADORDER - ok
21:56:27.0632 0x1488  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
21:56:27.0658 0x1488  TimeBroker - ok
21:56:27.0704 0x1488  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\Windows\system32\drivers\tpm.sys
21:56:27.0717 0x1488  TPM - ok
21:56:27.0755 0x1488  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
21:56:27.0767 0x1488  TrkWks - ok
21:56:27.0822 0x1488  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:56:27.0831 0x1488  TrustedInstaller - ok
21:56:27.0867 0x1488  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:56:27.0872 0x1488  TsUsbFlt - ok
21:56:27.0917 0x1488  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
21:56:27.0921 0x1488  TsUsbGD - ok
21:56:27.0961 0x1488  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:56:27.0971 0x1488  tunnel - ok
21:56:28.0006 0x1488  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys
21:56:28.0011 0x1488  TXEIx64 - ok
21:56:28.0041 0x1488  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:56:28.0046 0x1488  uagp35 - ok
21:56:28.0071 0x1488  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:56:28.0080 0x1488  UASPStor - ok
21:56:28.0128 0x1488  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:56:28.0143 0x1488  UCX01000 - ok
21:56:28.0180 0x1488  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:56:28.0215 0x1488  udfs - ok
21:56:28.0237 0x1488  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
21:56:28.0239 0x1488  UEFI - ok
21:56:28.0312 0x1488  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
21:56:28.0364 0x1488  UEIPSvc - ok
21:56:28.0436 0x1488  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:56:28.0447 0x1488  UI0Detect - ok
21:56:28.0483 0x1488  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:56:28.0489 0x1488  uliagpkx - ok
21:56:28.0515 0x1488  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
21:56:28.0520 0x1488  umbus - ok
21:56:28.0539 0x1488  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:56:28.0543 0x1488  UmPass - ok
21:56:28.0598 0x1488  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:56:28.0649 0x1488  UmRdpService - ok
21:56:28.0716 0x1488  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
21:56:28.0745 0x1488  upnphost - ok
21:56:28.0781 0x1488  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:56:28.0788 0x1488  usbaudio - ok
21:56:28.0813 0x1488  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
21:56:28.0820 0x1488  usbccgp - ok
21:56:28.0853 0x1488  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
21:56:28.0858 0x1488  usbcir - ok
21:56:28.0884 0x1488  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
21:56:28.0889 0x1488  usbehci - ok
21:56:28.0958 0x1488  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
21:56:28.0982 0x1488  usbhub - ok
21:56:29.0046 0x1488  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
21:56:29.0069 0x1488  USBHUB3 - ok
21:56:29.0105 0x1488  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
21:56:29.0109 0x1488  usbohci - ok
21:56:29.0138 0x1488  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
21:56:29.0142 0x1488  usbprint - ok
21:56:29.0184 0x1488  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
21:56:29.0195 0x1488  USBSTOR - ok
21:56:29.0228 0x1488  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
21:56:29.0232 0x1488  usbuhci - ok
21:56:29.0281 0x1488  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:56:29.0299 0x1488  usbvideo - ok
21:56:29.0345 0x1488  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
21:56:29.0355 0x1488  USBXHCI - ok
21:56:29.0371 0x1488  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
21:56:29.0375 0x1488  VaultSvc - ok
21:56:29.0400 0x1488  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:56:29.0403 0x1488  vdrvroot - ok
21:56:29.0507 0x1488  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
21:56:29.0601 0x1488  vds - ok
21:56:29.0626 0x1488  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
21:56:29.0633 0x1488  VerifierExt - ok
21:56:29.0719 0x1488  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
21:56:29.0745 0x1488  vhdmp - ok
21:56:29.0768 0x1488  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:56:29.0771 0x1488  viaide - ok
21:56:29.0796 0x1488  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:56:29.0803 0x1488  vmbus - ok
21:56:29.0824 0x1488  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
21:56:29.0827 0x1488  VMBusHID - ok
21:56:29.0911 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
21:56:29.0951 0x1488  vmicguestinterface - ok
21:56:29.0980 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
21:56:29.0997 0x1488  vmicheartbeat - ok
21:56:30.0021 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:56:30.0038 0x1488  vmickvpexchange - ok
21:56:30.0062 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
21:56:30.0078 0x1488  vmicrdv - ok
21:56:30.0103 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
21:56:30.0120 0x1488  vmicshutdown - ok
21:56:30.0144 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
21:56:30.0161 0x1488  vmictimesync - ok
21:56:30.0185 0x1488  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
21:56:30.0204 0x1488  vmicvss - ok
21:56:30.0234 0x1488  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:56:30.0238 0x1488  volmgr - ok
21:56:30.0278 0x1488  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:56:30.0316 0x1488  volmgrx - ok
21:56:30.0386 0x1488  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:56:30.0400 0x1488  volsnap - ok
21:56:30.0424 0x1488  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
21:56:30.0428 0x1488  vpci - ok
21:56:30.0455 0x1488  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:56:30.0463 0x1488  vsmraid - ok
21:56:30.0585 0x1488  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
21:56:30.0629 0x1488  VSS - ok
21:56:30.0649 0x1488  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
21:56:30.0660 0x1488  VSTXRAID - ok
21:56:30.0698 0x1488  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:56:30.0701 0x1488  vwifibus - ok
21:56:30.0739 0x1488  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:56:30.0745 0x1488  vwififlt - ok
21:56:30.0763 0x1488  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:56:30.0767 0x1488  vwifimp - ok
21:56:30.0850 0x1488  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
21:56:30.0903 0x1488  W32Time - ok
21:56:30.0928 0x1488  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
21:56:30.0931 0x1488  WacomPen - ok
21:56:31.0038 0x1488  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
21:56:31.0122 0x1488  wbengine - ok
21:56:31.0217 0x1488  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:56:31.0259 0x1488  WbioSrvc - ok
21:56:31.0323 0x1488  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
21:56:31.0357 0x1488  Wcmsvc - ok
21:56:31.0416 0x1488  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:56:31.0452 0x1488  wcncsvc - ok
21:56:31.0498 0x1488  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:56:31.0509 0x1488  WcsPlugInService - ok
21:56:31.0552 0x1488  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
21:56:31.0555 0x1488  WdBoot - ok
21:56:31.0626 0x1488  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:56:31.0665 0x1488  Wdf01000 - ok
21:56:31.0694 0x1488  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
21:56:31.0704 0x1488  WdFilter - ok
21:56:31.0742 0x1488  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:56:31.0750 0x1488  WdiServiceHost - ok
21:56:31.0761 0x1488  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:56:31.0769 0x1488  WdiSystemHost - ok
21:56:31.0806 0x1488  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
21:56:31.0814 0x1488  WdNisDrv - ok
21:56:31.0836 0x1488  WdNisSvc - ok
21:56:31.0898 0x1488  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
21:56:31.0948 0x1488  WebClient - ok
21:56:32.0006 0x1488  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:56:32.0040 0x1488  Wecsvc - ok
21:56:32.0075 0x1488  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
21:56:32.0086 0x1488  WEPHOSTSVC - ok
21:56:32.0133 0x1488  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:56:32.0149 0x1488  wercplsupport - ok
21:56:32.0190 0x1488  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
21:56:32.0210 0x1488  WerSvc - ok
21:56:32.0259 0x1488  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
21:56:32.0274 0x1488  WFPLWFS - ok
21:56:35.0278 0x1488  ================ Scan global ===============================
21:56:35.0322 0x1488  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
21:56:35.0364 0x1488  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
21:56:35.0437 0x1488  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
21:56:35.0503 0x1488  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
21:56:35.0526 0x1488  [ Global ] - ok
21:56:35.0527 0x1488  ================ Scan MBR ==================================
21:56:35.0541 0x1488  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:56:35.0549 0x1488  \Device\Harddisk0\DR0 - ok
21:56:35.0550 0x1488  ================ Scan VBR ==================================
21:56:35.0554 0x1488  [ 0DB6C855F2008A699F70690D677CD1A0 ] \Device\Harddisk0\DR0\Partition1
21:56:35.0558 0x1488  \Device\Harddisk0\DR0\Partition1 - ok
21:56:35.0574 0x1488  [ 53DD2AAFE995F7E3A4BCE458A80A02D1 ] \Device\Harddisk0\DR0\Partition2
21:56:35.0575 0x1488  \Device\Harddisk0\DR0\Partition2 - ok
21:56:35.0588 0x1488  [ 9DF6EE3B3D77B2C80E2646ADE55EB073 ] \Device\Harddisk0\DR0\Partition3
21:56:35.0588 0x1488  \Device\Harddisk0\DR0\Partition3 - ok
21:56:35.0615 0x1488  [ 126FBAD101823976579A05DFC74FDF77 ] \Device\Harddisk0\DR0\Partition4
21:56:35.0618 0x1488  \Device\Harddisk0\DR0\Partition4 - ok
21:56:35.0636 0x1488  [ 89EB7DB2C993D1C17FB8B8427D3EA510 ] \Device\Harddisk0\DR0\Partition5
21:56:35.0639 0x1488  \Device\Harddisk0\DR0\Partition5 - ok
21:56:35.0673 0x1488  [ 6C1A715066525046F764F0878CB09349 ] \Device\Harddisk0\DR0\Partition6
21:56:35.0677 0x1488  \Device\Harddisk0\DR0\Partition6 - ok
21:56:35.0678 0x1488  ================ Scan generic autorun ======================
21:56:36.0331 0x1488  [ DA2D7BED47EF71BDFEEDDEEE76C965FD, 79DB43FB6E84AD492E45DD7F58235D65DF0750AED8E1CEF287D9D1379106A953 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:56:36.0695 0x1488  RTHDVCPL - ok
21:56:36.0931 0x1488  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
21:56:37.0006 0x1488  Malwarebytes TrayApp - ok
21:56:37.0111 0x1488  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:56:37.0124 0x1488  HP Software Update - ok
21:56:37.0163 0x1488  Skype - ok
21:56:37.0207 0x1488  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:56:37.0211 0x1488  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:56:37.0216 0x1488  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:56:37.0304 0x1488  ============================================================
21:56:37.0305 0x1488  Scan finished
21:56:37.0305 0x1488  ============================================================
21:56:37.0336 0x0ba0  Detected object count: 0
21:56:37.0336 0x0ba0  Actual detected object count: 0
21:59:01.0739 0x1d28  ============================================================
21:59:01.0739 0x1d28  Scan started
21:59:01.0739 0x1d28  Mode: Manual; SigCheck; TDLFS; 
21:59:01.0739 0x1d28  ============================================================
21:59:01.0739 0x1d28  KSN ping started
21:59:01.0832 0x1d28  KSN ping finished: true
21:59:02.0603 0x1d28  ================ Scan system memory ========================
21:59:02.0603 0x1d28  System memory - ok
21:59:02.0606 0x1d28  ================ Scan services =============================
21:59:05.0553 0x1d28  [ 23C3686D98C650878602066093BAFDCA, 8D5B6D5ADB7A8706D84A4F16915290B50FCF76330954387D0964CD67C3BD1727 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
21:59:05.0629 0x1d28  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
21:59:05.0629 0x1d28  Detect skipped due to KSN trusted
21:59:05.0629 0x1d28  AtherosSvc - ok
         

07.03.2017, 17:28   #8
BiAnka-LF

TDSSKiller - Part 4

Code:
21:59:15.0512 0x1d28  [ D4AB6EE3D715BC44C00277FD934FAACF, DE8A8B14D7BA73BA1B5A833DE193CA65EDFE512A57D84F4F2CE19D9646D97F4E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:59:15.0614 0x1d28  fvevol - ok
21:59:15.0642 0x1d28  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
21:59:15.0683 0x1d28  FxPPM - ok
21:59:15.0699 0x1d28  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:59:15.0725 0x1d28  gagp30kx - ok
21:59:15.0752 0x1d28  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:59:15.0795 0x1d28  gencounter - ok
21:59:15.0830 0x1d28  [ 794F13178118C609BA4F59111EDB6758, 9B79A3E3ECA4493AE25231C7B158B41571A2960458E0F2DEBE3C8BF40F708188 ] GPIO            C:\Windows\System32\drivers\iaiogpioe.sys
21:59:15.0896 0x1d28  GPIO - ok
21:59:15.0936 0x1d28  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
21:59:15.0964 0x1d28  GPIOClx0101 - ok
21:59:16.0038 0x1d28  [ 9678FD4747A4F2E2318245EE6099482E, C76AE30E8BA77DC330F9CFE5ECEA58FAE0995396742923B564A2257DE24D7B32 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:59:16.0212 0x1d28  gpsvc - ok
21:59:16.0319 0x1d28  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:16.0409 0x1d28  gupdate - ok
21:59:16.0436 0x1d28  [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:59:16.0458 0x1d28  gupdatem - ok
21:59:16.0499 0x1d28  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:59:16.0562 0x1d28  HdAudAddService - ok
21:59:16.0597 0x1d28  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:59:16.0728 0x1d28  HDAudBus - ok
21:59:16.0758 0x1d28  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
21:59:16.0808 0x1d28  HidBatt - ok
21:59:16.0837 0x1d28  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:59:16.0871 0x1d28  HidBth - ok
21:59:16.0889 0x1d28  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:59:16.0935 0x1d28  hidi2c - ok
21:59:16.0966 0x1d28  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
21:59:17.0011 0x1d28  HidIr - ok
21:59:17.0049 0x1d28  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\Windows\system32\hidserv.dll
21:59:17.0090 0x1d28  hidserv - ok
21:59:17.0113 0x1d28  [ 49676FEC898AB2A11B157F848269A56E, 011E6DDEF9570212520F92FEFD205E1F8104F198B57C40D11BE857FCBCC5F68D ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
21:59:17.0203 0x1d28  HidUsb - ok
21:59:17.0245 0x1d28  [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK      C:\Windows\system32\drivers\HipShieldK.sys
21:59:17.0272 0x1d28  HipShieldK - ok
21:59:17.0306 0x1d28  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:59:17.0372 0x1d28  hkmsvc - ok
21:59:17.0425 0x1d28  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:59:17.0521 0x1d28  HomeGroupListener - ok
21:59:17.0571 0x1d28  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:59:17.0622 0x1d28  HomeGroupProvider - ok
21:59:17.0821 0x1d28  [ 7515D791E39C9D75714FFDB954D12494, 4B2568FB4C48F8F01FA3EE59116F669FD8FAF1AF427C9262E36491970AB1126D ] HomeNetSvc      C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
21:59:17.0870 0x1d28  HomeNetSvc - ok
21:59:17.0995 0x1d28  [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:59:18.0038 0x1d28  hpqcxs08 - ok
21:59:18.0072 0x1d28  [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:59:18.0091 0x1d28  hpqddsvc - ok
21:59:18.0120 0x1d28  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:59:18.0145 0x1d28  HpSAMD - ok
21:59:18.0226 0x1d28  [ EC80F3ECC5F8543E22BBCB037D837CA9, 23A4AE80A6C317CE77BD9D352CD9CED8649E3AD98A7C0A2044138BB20B46F398 ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
21:59:18.0307 0x1d28  HPSupportSolutionsFrameworkService - ok
21:59:18.0380 0x1d28  [ 76A6FDA32A21515B67633497D8FDB1E4, 7DCAEC3186EAFDD4A53BCD8AAE9B82CBA8871C89B929FFD3BA43E675B95B2495 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:59:18.0446 0x1d28  HTTP - ok
21:59:18.0469 0x1d28  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:59:18.0493 0x1d28  hwpolicy - ok
21:59:18.0510 0x1d28  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
21:59:18.0553 0x1d28  hyperkbd - ok
21:59:18.0572 0x1d28  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
21:59:18.0616 0x1d28  HyperVideo - ok
21:59:18.0653 0x1d28  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
21:59:18.0717 0x1d28  i8042prt - ok
21:59:18.0744 0x1d28  [ F49D75806D962F85C44E32A1AFB9B8E0, DF033C79C478EB2EA82466F1A7CB58FE17E7C23FE0F24E7B18718750E9F98FF3 ] iaioi2c         C:\Windows\System32\drivers\iaioi2ce.sys
21:59:18.0802 0x1d28  iaioi2c - ok
21:59:18.0840 0x1d28  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
21:59:18.0857 0x1d28  iaLPSSi_GPIO - ok
21:59:18.0882 0x1d28  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
21:59:18.0905 0x1d28  iaLPSSi_I2C - ok
21:59:18.0945 0x1d28  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
21:59:18.0984 0x1d28  iaStorAV - ok
21:59:19.0007 0x1d28  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:59:19.0047 0x1d28  iaStorV - ok
21:59:19.0092 0x1d28  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
21:59:19.0112 0x1d28  ICCS - ok
21:59:19.0201 0x1d28  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
21:59:19.0253 0x1d28  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:59:19.0253 0x1d28  Detect skipped due to KSN trusted
21:59:19.0254 0x1d28  IDriverT - ok
21:59:20.0447 0x1d28  [ 768DD5CB66952BC4A3BD474757AEE34F, 5A1F91FC8028D84FD83591D60CB7E3B24425C3B0FFF5A9BB0F7CE2E17AAB92D4 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
21:59:20.0499 0x1d28  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
21:59:20.0499 0x1d28  Detect skipped due to KSN trusted
21:59:20.0499 0x1d28  Intel(R) Capability Licensing Service Interface - ok
21:59:30.0375 0x1d28  MTConfig - ok
21:59:30.0409 0x1d28  [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup             C:\Windows\system32\Drivers\mup.sys
21:59:30.0436 0x1d28  Mup - ok
21:59:30.0451 0x1d28  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
21:59:30.0477 0x1d28  mvumis - ok
21:59:30.0532 0x1d28  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
21:59:30.0587 0x1d28  napagent - ok
21:59:30.0642 0x1d28  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:59:30.0709 0x1d28  NativeWifiP - ok
21:59:30.0750 0x1d28  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
21:59:30.0822 0x1d28  NcaSvc - ok
21:59:30.0858 0x1d28  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
21:59:30.0924 0x1d28  NcbService - ok
21:59:30.0954 0x1d28  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
21:59:31.0016 0x1d28  NcdAutoSetup - ok
21:59:31.0089 0x1d28  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:59:31.0156 0x1d28  NDIS - ok
21:59:31.0191 0x1d28  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:59:31.0228 0x1d28  NdisCap - ok
21:59:31.0272 0x1d28  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:59:31.0364 0x1d28  NdisImPlatform - ok
21:59:31.0395 0x1d28  [ F6CAD1FD269E8FFE4DACF0F7A653CB02, 46476469CE07348EA69202E954D969A899553A93B7B224E09882564811DD48BF ] ndisrd          C:\Windows\system32\DRIVERS\ndisrfl.sys
21:59:31.0415 0x1d28  ndisrd - ok
21:59:31.0447 0x1d28  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:59:31.0504 0x1d28  NdisTapi - ok
21:59:31.0538 0x1d28  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:59:31.0593 0x1d28  Ndisuio - ok
21:59:31.0613 0x1d28  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
21:59:31.0663 0x1d28  NdisVirtualBus - ok
21:59:31.0700 0x1d28  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:59:31.0761 0x1d28  NdisWan - ok
21:59:31.0773 0x1d28  [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
21:59:31.0842 0x1d28  NdisWanLegacy - ok
21:59:31.0872 0x1d28  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:59:31.0917 0x1d28  NDProxy - ok
21:59:31.0956 0x1d28  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
21:59:31.0996 0x1d28  Ndu - ok
21:59:32.0047 0x1d28  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
21:59:32.0096 0x1d28  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:32.0096 0x1d28  Detect skipped due to KSN trusted
21:59:32.0096 0x1d28  Net Driver HPZ12 - ok
21:59:35.0689 0x1d28  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:59:35.0689 0x1d28  Detect skipped due to KSN trusted
21:59:35.0689 0x1d28  Pml Driver HPZ12 - ok
21:59:46.0457 0x1d28  TPM - ok
21:59:46.0491 0x1d28  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
21:59:46.0542 0x1d28  TrkWks - ok
21:59:46.0589 0x1d28  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:59:46.0701 0x1d28  TrustedInstaller - ok
21:59:46.0737 0x1d28  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:59:46.0810 0x1d28  TsUsbFlt - ok
21:59:46.0843 0x1d28  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
21:59:46.0920 0x1d28  TsUsbGD - ok
21:59:46.0950 0x1d28  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:59:47.0013 0x1d28  tunnel - ok
21:59:47.0043 0x1d28  [ E624283C1A2F9BB4688A002914CC00A7, B6908C1FFDD6BCFFC5C2FC0C429FC3E237E340F891F80CFD737BE41E5EF7E328 ] TXEIx64         C:\Windows\System32\drivers\TXEIx64.sys
21:59:47.0065 0x1d28  TXEIx64 - ok
21:59:47.0089 0x1d28  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:59:47.0115 0x1d28  uagp35 - ok
21:59:47.0140 0x1d28  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:59:47.0165 0x1d28  UASPStor - ok
21:59:47.0202 0x1d28  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:59:47.0232 0x1d28  UCX01000 - ok
21:59:47.0270 0x1d28  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:59:47.0330 0x1d28  udfs - ok
21:59:47.0352 0x1d28  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
21:59:47.0375 0x1d28  UEFI - ok
21:59:47.0418 0x1d28  [ EE33325429532937D51AC3F54DC93589, D861B541E42F41EDC69A2A3B44860E40164D797D11B4343495DE6281D33F718C ] UEIPSvc         C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
21:59:47.0443 0x1d28  UEIPSvc - ok
21:59:47.0484 0x1d28  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:59:47.0533 0x1d28  UI0Detect - ok
21:59:47.0564 0x1d28  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:59:47.0589 0x1d28  uliagpkx - ok
21:59:47.0606 0x1d28  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
21:59:47.0654 0x1d28  umbus - ok
21:59:47.0676 0x1d28  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:59:47.0720 0x1d28  UmPass - ok
21:59:47.0762 0x1d28  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:59:47.0852 0x1d28  UmRdpService - ok
21:59:47.0911 0x1d28  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
21:59:47.0984 0x1d28  upnphost - ok
21:59:48.0027 0x1d28  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:59:48.0081 0x1d28  usbaudio - ok
21:59:48.0105 0x1d28  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
21:59:48.0136 0x1d28  usbccgp - ok
21:59:48.0168 0x1d28  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
21:59:48.0205 0x1d28  usbcir - ok
21:59:48.0232 0x1d28  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
21:59:48.0258 0x1d28  usbehci - ok
21:59:48.0303 0x1d28  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
21:59:48.0352 0x1d28  usbhub - ok
21:59:48.0533 0x1d28  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
21:59:48.0588 0x1d28  USBHUB3 - ok
21:59:48.0628 0x1d28  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\Windows\System32\drivers\usbohci.sys
21:59:48.0706 0x1d28  usbohci - ok
21:59:48.0738 0x1d28  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
21:59:48.0791 0x1d28  usbprint - ok
21:59:48.0825 0x1d28  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
21:59:48.0853 0x1d28  USBSTOR - ok
21:59:48.0884 0x1d28  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
21:59:48.0914 0x1d28  usbuhci - ok
21:59:48.0953 0x1d28  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:59:49.0008 0x1d28  usbvideo - ok
21:59:49.0047 0x1d28  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
21:59:49.0082 0x1d28  USBXHCI - ok
21:59:49.0106 0x1d28  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
21:59:49.0131 0x1d28  VaultSvc - ok
21:59:49.0157 0x1d28  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:59:49.0181 0x1d28  vdrvroot - ok
21:59:49.0262 0x1d28  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\Windows\System32\vds.exe
21:59:49.0361 0x1d28  vds - ok
21:59:49.0393 0x1d28  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
21:59:49.0422 0x1d28  VerifierExt - ok
21:59:49.0483 0x1d28  [ 8ABB4BABF59F092DF0B43778D8FD1884, 94C2100CE86448543A8DD586AD4A128AB9EB37959238D70F33EF59202270AC6C ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
21:59:49.0551 0x1d28  vhdmp - ok
21:59:49.0570 0x1d28  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:59:49.0595 0x1d28  viaide - ok
21:59:49.0618 0x1d28  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:59:49.0642 0x1d28  vmbus - ok
21:59:49.0658 0x1d28  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
21:59:49.0702 0x1d28  VMBusHID - ok
21:59:49.0754 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
21:59:49.0814 0x1d28  vmicguestinterface - ok
21:59:49.0841 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
21:59:49.0887 0x1d28  vmicheartbeat - ok
21:59:49.0916 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:59:49.0962 0x1d28  vmickvpexchange - ok
21:59:49.0991 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\Windows\System32\ICSvc.dll
21:59:50.0037 0x1d28  vmicrdv - ok
21:59:50.0061 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
21:59:50.0107 0x1d28  vmicshutdown - ok
21:59:50.0133 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
21:59:50.0180 0x1d28  vmictimesync - ok
21:59:50.0208 0x1d28  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\Windows\System32\ICSvc.dll
21:59:50.0252 0x1d28  vmicvss - ok
21:59:50.0279 0x1d28  [ 436E1A724E7E683F6B612D3D58F04241, 939B5EF0090DF3759295F88402FD0EA33F499DDA9F89E5D0E90D1F9AED65D491 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:59:50.0306 0x1d28  volmgr - ok
21:59:50.0353 0x1d28  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:59:50.0399 0x1d28  volmgrx - ok
21:59:50.0447 0x1d28  [ 17F7B0F2298D97F4B6C7A69511033D3D, 5BDFC225F31553786726808FB7952940FC05CA72B3977D684056F42AFAA59565 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:59:50.0482 0x1d28  volsnap - ok
21:59:50.0512 0x1d28  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
21:59:50.0537 0x1d28  vpci - ok
21:59:50.0565 0x1d28  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:59:50.0596 0x1d28  vsmraid - ok
21:59:50.0681 0x1d28  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS             C:\Windows\system32\vssvc.exe
21:59:50.0796 0x1d28  VSS - ok
21:59:50.0831 0x1d28  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
21:59:50.0869 0x1d28  VSTXRAID - ok
21:59:50.0908 0x1d28  [ 71066FF95C487327E44C8AF1B72EBE8B, EA2729126B452CAE0C80D07501779D804B08E47F1217B61D53277B40869FEC25 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:59:50.0964 0x1d28  vwifibus - ok
21:59:51.0004 0x1d28  [ 29AB43937FFDA0B0FB56984226E698C6, 6A1A559964FE5D594E54988C46149969E6FFD5A8D5A6862E14648B608794CC29 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:59:51.0061 0x1d28  vwififlt - ok
21:59:51.0084 0x1d28  [ 8B8624A93E3F88CB923AEB05B6313227, 2856B63CD376BF2B1A9129581E7B9207588D4EAFD29A2C8D98F176FEAFDE26A9 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
21:59:51.0125 0x1d28  vwifimp - ok
21:59:51.0181 0x1d28  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\Windows\system32\w32time.dll
21:59:51.0257 0x1d28  W32Time - ok
21:59:51.0283 0x1d28  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
21:59:51.0326 0x1d28  WacomPen - ok
21:59:51.0440 0x1d28  [ 841345442390953CBC8801B95D3D0540, FD4F9FD2C4C60A1A580177FFF2E9035009AC6A38E78D4236B0ED4773E3B263EE ] wbengine        C:\Windows\system32\wbengine.exe
21:59:51.0564 0x1d28  wbengine - ok
21:59:51.0626 0x1d28  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:59:51.0701 0x1d28  WbioSrvc - ok
21:59:51.0760 0x1d28  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
21:59:51.0836 0x1d28  Wcmsvc - ok
21:59:51.0875 0x1d28  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:59:51.0940 0x1d28  wcncsvc - ok
21:59:51.0986 0x1d28  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:59:52.0057 0x1d28  WcsPlugInService - ok
21:59:52.0105 0x1d28  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
21:59:52.0130 0x1d28  WdBoot - ok
21:59:52.0183 0x1d28  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:59:52.0243 0x1d28  Wdf01000 - ok
21:59:52.0270 0x1d28  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
21:59:52.0305 0x1d28  WdFilter - ok
21:59:52.0339 0x1d28  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:59:52.0386 0x1d28  WdiServiceHost - ok
21:59:52.0400 0x1d28  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:59:52.0447 0x1d28  WdiSystemHost - ok
21:59:52.0479 0x1d28  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
21:59:52.0512 0x1d28  WdNisDrv - ok
21:59:52.0533 0x1d28  WdNisSvc - ok
21:59:52.0566 0x1d28  [ A70CAF5EA36CBA5FCA24244306D4D5C6, 76C3E20B62B89D9699A1E817377FAD70B144B877BCC5C850A5B64CC68184D8DA ] WebClient       C:\Windows\System32\webclnt.dll
21:59:52.0637 0x1d28  WebClient - ok
21:59:52.0678 0x1d28  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:59:52.0732 0x1d28  Wecsvc - ok
21:59:52.0760 0x1d28  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
21:59:52.0803 0x1d28  WEPHOSTSVC - ok
21:59:52.0839 0x1d28  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:59:52.0883 0x1d28  wercplsupport - ok
21:59:52.0920 0x1d28  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
21:59:52.0953 0x1d28  WerSvc - ok
21:59:52.0984 0x1d28  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
21:59:53.0012 0x1d28  WFPLWFS - ok
21:59:53.0053 0x1d28  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
21:59:53.0094 0x1d28  WiaRpc - ok
21:59:53.0132 0x1d28  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:59:53.0155 0x1d28  WIMMount - ok
21:59:53.0160 0x1d28  WinDefend - ok
21:59:53.0240 0x1d28  [ 0E70990EC2E5D2331AA5E88DB0CFB826, 79DFF565C3FCBC691E8FEB669CEC00E340FD2A2AFA4488D23A7CC63A2A98A5C1 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:59:53.0334 0x1d28  WinHttpAutoProxySvc - ok
21:59:53.0396 0x1d28  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:59:53.0448 0x1d28  Winmgmt - ok
21:59:53.0570 0x1d28  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:59:53.0761 0x1d28  WinRM - ok
21:59:53.0821 0x1d28  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:59:53.0882 0x1d28  WinUsb - ok
21:59:54.0030 0x1d28  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
21:59:54.0149 0x1d28  WlanSvc - ok
21:59:54.0231 0x1d28  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
21:59:54.0342 0x1d28  wlidsvc - ok
21:59:54.0377 0x1d28  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
21:59:54.0410 0x1d28  WmiAcpi - ok
21:59:54.0463 0x1d28  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:59:54.0506 0x1d28  wmiApSrv - ok
21:59:54.0530 0x1d28  WMPNetworkSvc - ok
21:59:54.0563 0x1d28  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
21:59:54.0591 0x1d28  Wof - ok
21:59:54.0690 0x1d28  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
21:59:54.0801 0x1d28  workfolderssvc - ok
21:59:54.0831 0x1d28  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
21:59:54.0855 0x1d28  wpcfltr - ok
21:59:54.0892 0x1d28  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:59:54.0948 0x1d28  WPCSvc - ok
21:59:54.0981 0x1d28  [ DBDCE2378F65F0A07D4644AC103037E7, 99714F0CD31297C9831BAF04768F467F6E0BF710C859CEDCA83069226BF1A68A ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:59:55.0049 0x1d28  WPDBusEnum - ok
21:59:55.0081 0x1d28  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
21:59:55.0102 0x1d28  WpdUpFltr - ok
21:59:55.0121 0x1d28  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:59:55.0173 0x1d28  ws2ifsl - ok
21:59:55.0203 0x1d28  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
21:59:55.0248 0x1d28  wscsvc - ok
21:59:55.0266 0x1d28  WSearch - ok
21:59:55.0670 0x1d28  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
21:59:55.0846 0x1d28  WSService - ok
21:59:56.0139 0x1d28  [ F3F60C88A6BBC8D0C68FE5B1C91181AF, AF9A4D282CD4BB1127BC3F48AB89DC294408D96F7906553C636F37D1503CFA48 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:59:56.0316 0x1d28  wuauserv - ok
21:59:56.0366 0x1d28  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:59:56.0420 0x1d28  WudfPf - ok
21:59:56.0461 0x1d28  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
21:59:56.0504 0x1d28  WUDFRd - ok
21:59:56.0545 0x1d28  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:59:56.0592 0x1d28  wudfsvc - ok
21:59:56.0616 0x1d28  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
21:59:56.0652 0x1d28  WUDFWpdFs - ok
21:59:56.0668 0x1d28  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
21:59:56.0703 0x1d28  WUDFWpdMtp - ok
21:59:56.0764 0x1d28  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:59:56.0824 0x1d28  WwanSvc - ok
21:59:56.0853 0x1d28  ================ Scan global ===============================
21:59:56.0904 0x1d28  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
21:59:56.0949 0x1d28  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
21:59:57.0009 0x1d28  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
21:59:57.0063 0x1d28  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
21:59:57.0078 0x1d28  [ Global ] - ok
21:59:57.0079 0x1d28  ================ Scan MBR ==================================
21:59:57.0092 0x1d28  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
21:59:57.0198 0x1d28  \Device\Harddisk0\DR0 - ok
21:59:57.0201 0x1d28  ================ Scan VBR ==================================
21:59:57.0217 0x1d28  [ 0DB6C855F2008A699F70690D677CD1A0 ] \Device\Harddisk0\DR0\Partition1
21:59:57.0226 0x1d28  \Device\Harddisk0\DR0\Partition1 - ok
21:59:57.0268 0x1d28  [ 53DD2AAFE995F7E3A4BCE458A80A02D1 ] \Device\Harddisk0\DR0\Partition2
21:59:57.0274 0x1d28  \Device\Harddisk0\DR0\Partition2 - ok
21:59:57.0304 0x1d28  [ 9DF6EE3B3D77B2C80E2646ADE55EB073 ] \Device\Harddisk0\DR0\Partition3
21:59:57.0305 0x1d28  \Device\Harddisk0\DR0\Partition3 - ok
21:59:57.0331 0x1d28  [ 126FBAD101823976579A05DFC74FDF77 ] \Device\Harddisk0\DR0\Partition4
21:59:57.0338 0x1d28  \Device\Harddisk0\DR0\Partition4 - ok
21:59:57.0374 0x1d28  [ 89EB7DB2C993D1C17FB8B8427D3EA510 ] \Device\Harddisk0\DR0\Partition5
21:59:57.0381 0x1d28  \Device\Harddisk0\DR0\Partition5 - ok
21:59:57.0411 0x1d28  [ 6C1A715066525046F764F0878CB09349 ] \Device\Harddisk0\DR0\Partition6
21:59:57.0418 0x1d28  \Device\Harddisk0\DR0\Partition6 - ok
21:59:57.0420 0x1d28  ================ Scan generic autorun ======================
21:59:58.0039 0x1d28  [ DA2D7BED47EF71BDFEEDDEEE76C965FD, 79DB43FB6E84AD492E45DD7F58235D65DF0750AED8E1CEF287D9D1379106A953 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:59:58.0506 0x1d28  RTHDVCPL - ok
21:59:58.0743 0x1d28  [ A6A21A7D544675E98C040DA18904CF50, AACB578C297C7AC9FEBDAB4AD20235E5CFF6E3F260E76E6AE18D43DC57D69672 ] E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
21:59:58.0851 0x1d28  Malwarebytes TrayApp - ok
21:59:58.0926 0x1d28  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
21:59:58.0946 0x1d28  HP Software Update - ok
21:59:58.0978 0x1d28  Skype - ok
21:59:58.0991 0x1d28  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60110 ( disabled : outofdate )
21:59:58.0994 0x1d28  AV detected via SS2: McAfee Anti-Virus und Anti-Spyware, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51000 ( enabled : updated )
21:59:58.0996 0x1d28  FW detected via SS2: McAfee Firewall, C:\Program Files\McAfee.com\Agent\mcupdate.exe ( 15.3.0.0 ), 0x51010 ( enabled )
21:59:59.0073 0x1d28  ============================================================
21:59:59.0074 0x1d28  Scan finished
21:59:59.0074 0x1d28  ============================================================
21:59:59.0112 0x1da4  Detected object count: 0
21:59:59.0113 0x1da4  Actual detected object count: 0
         
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 04.03.17
Scan-Zeit: 00:19
Protokolldatei: MBAM Scan1.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1064
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 377715
Abgelaufene Zeit: 12 Min., 2 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}, In Quarantäne, [14882], [185504],1.0.1064

Registrierungswert: 4
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|FAVICONURL, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|FAVICONURLFALLBACK, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|TOPRESULTURL, In Quarantäne, [14882], [185504],1.0.1064
PUP.Optional.HomePageHelper, HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{00B03AEA-3904-11E5-827D-206A8ADE4140}|URL, In Quarantäne, [14882], [185504],1.0.1064

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.Booking, C:\PROGRAM FILES\Booking.COM, In Quarantäne, [504], [310593],1.0.1064

Datei: 11
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\STARTFENSTER.LNK, In Quarantäne, [2687], [349853],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\STARTFENSTER.LNK, In Quarantäne, [2687], [349850],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Booking.com.lnk, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Booking.ico, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\StartURL.exe, In Quarantäne, [504], [310593],1.0.1064
PUP.Optional.Booking, C:\Program Files\Booking.COM\Version.txt, In Quarantäne, [504], [310593],1.0.1064
Trojan.Injector.MSIL, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR\DMR_72.EXE, In Quarantäne, [32], [282333],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\FAVORITES\STARTFENSTER.LNK, In Quarantäne, [2687], [349859],1.0.1064
PUP.Optional.WebSearch, C:\USERS\BIANKA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\2PTRWTJ5.DEFAULT\SEARCHPLUGINS\WEB SEARCH.XML, In Quarantäne, [10854], [244856],1.0.1064
PUP.Optional.StartFenster.ShrtCln, C:\USERS\BIANKA\FAVORITES\LINKS\STARTFENSTER.LNK, In Quarantäne, [2687], [349856],1.0.1064
PUP.Optional.StartFenster, C:\USERS\BIANKA\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\USER PINNED\TASKBAR\STARTFENSTER.LNK, In Quarantäne, [2650], [350517],1.0.1064

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.03.17
Scan-Zeit: 18:58
Protokolldatei: MBAM Scan2.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1432
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 383956
Abgelaufene Zeit: 11 Min., 5 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
Adware.ChinAd, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1416], [375557],1.0.1432

Datei: 1
Adware.ChinAd, C:\USERS\BIANKA\APPDATA\LOCAL\TEMP\DMR\CLFYAWKDOPHZKOIY.DAT, In Quarantäne, [1416], [375557],1.0.1432

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 05.03.17
Scan-Zeit: 22:43
Protokolldatei: MBAM Scan3.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.50
Version des Aktualisierungspakets: 1.0.1434
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: JENSBIANKALIEBE\Bianka

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 383973
Abgelaufene Zeit: 9 Min., 52 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
         
I hadn't noticed that TDSSKiller was too large; I have now split it into 4 parts.

Thank you for taking care of this, Matthias!

Kind regards!
Bianka

07.03.2017, 20:57   #9
M-K-D-B
/// TB-Ausbilder
 



Hi,




Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Tools > Options (Werkzeuge > Optionen) and make sure the following items are selected:
    • Image File Execution Options keys
    • "Tracing" keys
    • "Prefetch" files
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer policies
    • Chrome policies
    • Chrome settings
  • Confirm the selection with OK.
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) (even if AdwCleaner says that nothing was found) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click it and choose "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.







Step 3
  • Run FRST.exe again. Tick the box next to Addition.txt and click Scan (Untersuchen).
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.






Please post in your next reply
  • the AdwCleaner log file,
  • the JRT log file,
  • the two new FRST log files.
__________________
Regards
M-K-D-B



07.03.2017, 22:29   #10
BiAnka-LF
 

AdwCleaner



Code:
# AdwCleaner v6.044 - Bericht erstellt am 07/03/2017 um 21:17:12
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-07.1 [Server]
# Betriebssystem : Windows 8.1 Connected  (X64)
# Benutzername : Bianka - JENSBIANKALIEBE
# Gestartet von : C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****

[-] Ordner gelöscht: C:\Users\Bianka\AppData\Local\SweetLabs App Platform
[-] Ordner gelöscht: C:\ProgramData\Pokki
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\Pokki
[-] Ordner gelöscht: C:\Program Files (x86)\Startfenster
[-] Ordner gelöscht: C:\Users\Default User\AppData\Local\Pokki
[#] Ordner mit Neustart gelöscht: C:\Users\Default\AppData\Local\Pokki
[-] Ordner gelöscht: C:\Users\Public\Pokki


***** [ Dateien ] *****

[-] Datei gelöscht: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pokki Start Menu.lnk
[-] Datei gelöscht: C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: SweetLabs App Platform


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Classes\pokki
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\pokki
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\SweetLabs App Platform
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Startfenster
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\SweetLabs App Platform
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu
[-] Schlüssel gelöscht: HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}
[-] Schlüssel gelöscht: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Directory\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\Drive\shell\pokki
[-] Schlüssel gelöscht: HKCU\Software\Classes\lnkfile\shell\pokki


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" -  "Web Search"
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: de.yhs4.search.yahoo.com
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Gelöscht: homepage-web.com
[-] [C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default] [homepage] Gelöscht: hxxp://homepage-web.com/?s=acer&m=home


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
:: Chrome Einstellungen zurückgesetzt: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4673 Bytes] - [07/03/2017 21:17:12]
C:\AdwCleaner\AdwCleaner[S0].txt - [4312 Bytes] - [07/03/2017 21:07:28]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4819 Bytes] ##########
         
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 8.1 Connected x64 
Ran by Bianka (Administrator) on 07.03.2017 at 21:44:04,12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2017 at 21:49:46,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 21:53:08)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:49 - 2017-03-07 21:49 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-06 21:22 - 00042407 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-07 21:53 - 00021703 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-07 21:53 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 21:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 21:53:08)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.EXE
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:49 - 2017-03-07 21:49 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-06 21:22 - 00042407 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-07 21:53 - 00021703 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-07 21:53 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 21:39 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================
         
Hello Matthias, I carried out steps 2 and 3 again without the virus scanner.

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 8.1 Connected x64 
Ran by Bianka (Administrator) on 07.03.2017 at 22:10:00,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2017 at 22:13:41,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

07.03.2017, 22:30   #11
BiAnka-LF
 

FRST.txt



Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (07-03-2017 22:14:40)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-05]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [251848 2017-03-07] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:44 - 2017-03-07 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-07 21:56 - 00033939 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-07 22:14 - 00021553 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-07 22:14 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-06 21:12 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-07 21:41 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 00:17 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-05 14:25 - 00033172 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-07 21:57 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-07 21:51 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 21:41 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-07 21:41 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-07 21:25 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-07 20:56 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-07 20:56 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-07 20:56 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-07 20:54 - 2015-12-18 17:08 - 03708928 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-07 20:33 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-07 20:24 - 2017-01-03 00:13 - 00021942 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-06 20:55 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-18 20:07 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-18 20:07 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 23:26 - 2017-01-25 00:24 - 00000000 ____D C:\Users\Bianka\Desktop\Bilder für Freebie

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

Einige Dateien in TEMP:
====================
2014-11-25 13:50 - 2013-12-25 12:34 - 3832576 _____ (Acer Incorporated) C:\Users\Bianka\AppData\Local\Temp\AcerDocsSetup.exe
2015-02-15 04:36 - 2015-02-15 04:36 - 40696528 _____ (Intel Corporation) C:\Users\Bianka\AppData\Local\Temp\Intel_Technology_Access_Software.exe
2015-12-02 16:05 - 2015-12-02 16:05 - 0120336 _____ (McAfee, Inc.) C:\Users\Bianka\AppData\Local\Temp\McCSPInstall.dll
2015-12-28 12:03 - 2015-09-01 12:11 - 0162120 _____ (McAfee Inc.) C:\Users\Bianka\AppData\Local\Temp\mccspuninstall.exe
2015-02-25 21:34 - 2015-02-25 21:35 - 135518328 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct12DD.tmp.exe
2016-04-14 18:42 - 2016-04-14 18:42 - 63707840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1418.tmp.exe
2015-12-11 18:27 - 2015-12-11 18:28 - 62903592 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct15D4.tmp.exe
2015-07-19 20:04 - 2015-07-19 20:05 - 67099128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct162A.tmp.exe
2015-12-13 20:55 - 2015-12-13 20:56 - 63066872 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct175F.tmp.exe
2015-06-01 21:18 - 2015-06-01 21:18 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct1ACA.tmp.exe
2016-07-29 10:58 - 2016-07-29 11:07 - 63953128 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2AC4.tmp.exe
2015-06-01 21:12 - 2015-06-01 21:13 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct2CA5.tmp.exe
2015-03-15 20:41 - 2015-03-15 20:42 - 139274496 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct41EA.tmp.exe
2015-01-03 14:40 - 2015-01-03 14:41 - 87183720 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct56AC.tmp.exe
2014-12-21 17:32 - 2014-12-21 17:33 - 95168336 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5732.tmp.exe
2015-10-10 11:31 - 2015-10-10 11:31 - 67197784 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct5807.tmp.exe
2015-01-31 18:54 - 2015-01-31 18:55 - 61865696 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct61D7.tmp.exe
2015-03-22 21:00 - 2015-03-22 21:01 - 109032712 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct6283.tmp.exe
2015-02-02 14:08 - 2015-02-02 14:08 - 61862488 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct7427.tmp.exe
2015-03-12 20:52 - 2015-03-12 20:53 - 139275384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct8E2F.tmp.exe
2016-02-17 20:14 - 2016-02-17 20:15 - 63078856 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct95E1.tmp.exe
2015-05-30 20:40 - 2015-05-30 20:40 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9687.tmp.exe
2014-11-21 22:11 - 2014-11-21 22:30 - 84041160 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9889.tmp.exe
2015-05-09 12:23 - 2015-05-09 12:24 - 107701776 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CB4.tmp.exe
2015-07-25 17:53 - 2015-07-25 17:53 - 67096576 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\oct9CF6.tmp.exe
2015-06-01 21:09 - 2015-06-01 21:10 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA56E.tmp.exe
2015-05-24 14:29 - 2015-05-24 14:29 - 66882760 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octA6A4.tmp.exe
2015-06-01 21:15 - 2015-06-01 21:15 - 67289280 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octAF39.tmp.exe
2016-07-25 14:27 - 2016-07-25 14:28 - 63953600 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB45A.tmp.exe
2015-10-30 18:30 - 2015-10-30 18:31 - 64809432 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octB7E9.tmp.exe
2015-12-07 23:04 - 2015-12-07 23:05 - 62760704 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octBF1D.tmp.exe
2015-02-11 19:02 - 2015-02-11 19:02 - 61869384 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC2C8.tmp.exe
2015-08-28 08:59 - 2015-08-28 09:00 - 67202952 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octC8F0.tmp.exe
2015-04-17 17:17 - 2015-04-17 17:18 - 107667040 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCC20.tmp.exe
2016-09-20 20:37 - 2016-09-20 20:37 - 64108904 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octCD56.tmp.exe
2015-02-22 16:13 - 2015-02-22 16:14 - 135702664 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD17A.tmp.exe
2014-12-19 19:14 - 2014-12-19 19:14 - 84724888 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD1F5.tmp.exe
2015-02-23 22:55 - 2015-02-23 22:55 - 135702568 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD819.tmp.exe
2015-03-16 22:58 - 2015-03-16 22:58 - 94958272 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD8AF.tmp.exe
2016-03-15 22:21 - 2016-03-15 22:22 - 63142648 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octD992.tmp.exe
2016-03-10 23:11 - 2016-03-10 23:12 - 63143840 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB79.tmp.exe
2016-11-17 23:37 - 2016-11-17 23:37 - 64111920 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octDB9.tmp.exe
2014-10-08 18:23 - 2014-10-08 18:24 - 50678288 _____ (SweetLabs,Inc.) C:\Users\Bianka\AppData\Local\Temp\octF10C.tmp.exe
2016-08-15 20:55 - 2016-08-15 20:55 - 7046480 _____ () C:\Users\Bianka\AppData\Local\Temp\paint.net.4.0.10.install.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-03-2017
durchgeführt von Bianka (07-03-2017 22:15:36)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Disabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.0.0.6441 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.0.0.6441 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe [2017-02-18] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6441\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-04 00:17 - 2017-01-20 07:47 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

18-02-2017 11:29:32 Intel(R) Technology Access
22-02-2017 19:23:43 Windows Update
05-03-2017 18:00:06 Geplanter Prüfpunkt
07-03-2017 21:44:10 JRT Pre-Junkware Removal
07-03-2017 22:10:00 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 798

Startzeit: 01d295f7d10b632c

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 944

Startzeit: 01d295edc61a864a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f80

Startzeit: 01d295e8dc786c13

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 914

Startzeit: 01d295e7e4fd2b35

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1190

Startzeit: 01d295e4085babc6

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1114

Startzeit: 01d295de94b8bb6c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ee0

Startzeit: 01d295d39358a55e

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928
Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Notification.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
   bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   bei System.Diagnostics.Process.OpenProcessHandle(Int32)
   bei System.Diagnostics.Process.get_Handle()
   bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process)
   bei Notification.Form1.CheckResolution()
   bei Notification.Form1..ctor()
   bei Notification.Program.Main()

Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01d295a96502212f

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (03/07/2017 09:11:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BBUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "User Experience Improvement Program" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/07/2017 09:11:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/07/2017 09:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 2623.86 MB
Summe virtueller Speicher: 5321.98 MB
Verfügbarer virtueller Speicher: 3802.51 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:146.48 GB) NTFS
Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.41 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Old 08.03.2017, 15:04   #12
M-K-D-B
/// TB Trainer

Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work



Hi,







Step 1
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document


Code:
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents.







Step 2
Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Double-click SystemLook.exe to start the tool.
  • Copy the contents of the following code box into the tool's text field:

    Code:
    :filefind
    *pokki*
    *SweetLabs*
    *Startfenster*
    *homepage-web*
    
    :folderfind
    *pokki*
    *SweetLabs*
    *Startfenster*
    *homepage-web*
    
    :regfind
    pokki
    SweetLabs
    Startfenster
    homepage-web
             
  • Now click the Look button to start the scan.
  • The scan may take some time.
  • When the scan has finished, your editor will open with the results; post them in your thread.
  • The results are also saved on the desktop as SystemLook.txt.







Step 3
  • Start FRST.exe again. Make sure the box next to Addition.txt is checked and click Untersuchen (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






With your next reply, please post
  • the log file of the FRST fix,
  • the log file from SystemLook,
  • the two new FRST log files (FRST.txt and Addition.txt).
__________________
Regards
M-K-D-B
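
The SystemLook search from Step 2 returns file, folder and registry matches for each term; for cleanup, what matters is which of them still lie outside a quarantine folder. An added example, not part of the original post and not part of SystemLook: a Python parser for that log layout that separates quarantined copies from remaining hits. The sample log, the `C:\AdwCleaner\quarantine` root and all function names are assumptions constructed for illustration.

```python
import re

# Assumption: folders where the cleanup tool parks removed files.
QUARANTINE_ROOTS = [r"C:\AdwCleaner\quarantine"]

SECTION = re.compile(r"^=+ (\w+) =+$")
TERM = re.compile(r'^Searching for "(.*)"$')
EMPTY = re.compile(r"^No (files|folders|data) found\.$")
# <path> <attrs> <size> bytes [created] [modified] <MD5>; fields split by tabs or spaces
FILE_HIT = re.compile(
    r"^(?P<path>.+?)\s+(?P<attrs>[-a-z]{7})\s+(?P<size>\d+) bytes"
    r"\s+\[[^\]]+\]\s+\[[^\]]+\]\s+(?P<md5>[0-9A-Fa-f]{32})$")
# <path> d------ [created]
FOLDER_HIT = re.compile(r"^(?P<path>.+?)\s+(?P<attrs>d[-a-z]{6})\s+\[[^\]]+\]$")
REG_KEY = re.compile(r"^\[(HKEY_.+)\]$")
REG_VALUE = re.compile(r'^(?:"(?P<name>.*?)"|@)=(?P<data>.*)$')

# Constructed sample in SystemLook's log layout (not the log from this thread).
SAMPLE_LOG = r'''SystemLook 30.07.11 by jpshortstuff
Log created at 12:00 on 01/01/2017 by Example
Administrator - Elevation successful

========== filefind ==========

Searching for "*pokki*"
C:\AdwCleaner\quarantine\files\aaaa\Engine\libPokki.dll --a---- 1024 bytes [10:00 01/01/2017] [09:00 01/01/2016] 00112233445566778899AABBCCDDEEFF
C:\AdwCleaner\quarantine\files\bbbb\Pokki Start Menu.lnk --a---- 2166 bytes [10:00 01/01/2017] [09:00 01/01/2016] FFEEDDCCBBAA99887766554433221100
C:\Users\Example\AppData\Local\Pokki\Engine\pokki.exe --a---- 4096 bytes [10:00 01/01/2017] [09:00 01/01/2016] 0123456789ABCDEF0123456789ABCDEF

Searching for "*SweetLabs*"
No files found.

========== folderfind ==========

Searching for "*pokki*"
C:\AdwCleaner\quarantine\files\aaaa\Pokkies d------ [10:00 01/01/2017]
C:\Users\Example\AppData\Local\Pokki d------ [10:00 01/01/2017]

========== regfind ==========

Searching for "pokki"
[HKEY_LOCAL_MACHINE\SOFTWARE\Example\Shortcuts]
"Menu"="%ALLUSERSPROFILE%\Pokki\Pokki Start Menu.lnk"

Searching for "SweetLabs"
No data found.

-= EOF =-
'''


def parse_systemlook(text):
    """Return one dict per hit, tagged with its section and search term."""
    hits, section, term, key = [], None, None, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or EMPTY.match(line) or line == "-= EOF =-":
            continue
        if (m := SECTION.match(line)):
            section, term, key = m.group(1), None, None
        elif (m := TERM.match(line)):
            term, key = m.group(1), None
        elif section == "filefind" and (m := FILE_HIT.match(line)):
            hits.append({"kind": "file", "term": term, "path": m["path"],
                         "size": int(m["size"]), "md5": m["md5"].upper()})
        elif section == "folderfind" and (m := FOLDER_HIT.match(line)):
            hits.append({"kind": "folder", "term": term, "path": m["path"]})
        elif section == "regfind":
            if (m := REG_KEY.match(line)):
                key = m.group(1)
            elif key and (m := REG_VALUE.match(line)):
                hits.append({"kind": "registry", "term": term, "path": key,
                             "value": m["name"] or "(Default)",
                             "data": m["data"].strip('"')})
    return hits


def is_quarantined(path, roots=QUARANTINE_ROOTS):
    """Case-insensitive check that path is a quarantine root or lies below one."""
    p = path.lower()
    for root in roots:
        r = root.lower().rstrip("\\")
        if p == r or p.startswith(r + "\\"):
            return True
    return False


def triage(text):
    """Split hits into quarantined copies and hits that still need review."""
    report = {"quarantined": [], "live": []}
    for hit in parse_systemlook(text):
        # Registry matches are never "in quarantine"; they always need review.
        inert = hit["kind"] != "registry" and is_quarantined(hit["path"])
        report["quarantined" if inert else "live"].append(hit)
    return report


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"{len(result['quarantined'])} quarantined, {len(result['live'])} to review")
    for hit in result["live"]:
        print(f"  [{hit['kind']}] {hit['path']}")
```
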



Old 08.03.2017, 23:24   #13
BiAnka-LF

Trojan.Injector.MSIL in quarantine, but Google Chrome still does not work

Fixlog.txt



Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (08-03-2017 22:37:45) Run:1
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt

========= dir "%ProgramFiles%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Program Files

04.03.2017  00:32    <DIR>          .
04.03.2017  00:32    <DIR>          ..
10.04.2016  17:57    <DIR>          Common Files
30.01.2016  14:01    <DIR>          Emsisoft Anti-Malware
10.08.2014  01:09    <DIR>          Intel
25.02.2015  21:33    <DIR>          Intel Corporation
09.11.2016  01:07    <DIR>          Internet Explorer
17.01.2017  22:51    <DIR>          McAfee
30.01.2016  14:09    <DIR>          McAfee.com
18.07.2014  04:13    <DIR>          MSBuild
10.08.2014  01:42    <DIR>          Packard Bell
14.12.2016  12:10    <DIR>          paint.net
10.08.2014  01:06    <DIR>          Realtek
18.07.2014  04:13    <DIR>          Reference Assemblies
17.08.2015  22:21    <DIR>          Windows Defender
15.03.2015  21:10    <DIR>          Windows Mail
15.03.2015  21:10    <DIR>          Windows Media Player
15.03.2015  21:10    <DIR>          Windows Multimedia Platform
22.08.2013  16:36    <DIR>          Windows NT
15.03.2015  21:10    <DIR>          Windows Photo Viewer
15.03.2015  21:10    <DIR>          Windows Portable Devices
15.03.2015  21:08    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              22 Verzeichnis(se), 157.253.734.400 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramFiles(x86)%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Program Files (x86)

07.03.2017  21:15    <DIR>          .
07.03.2017  21:15    <DIR>          ..
25.11.2014  14:15    <DIR>          Acer
12.02.2016  22:33    <DIR>          Adobe
25.11.2014  10:50    <DIR>          Apple Software Update
27.02.2017  21:24    <DIR>          Common Files
10.08.2014  01:40    <DIR>          CyberLink
05.03.2017  19:29    <DIR>          Google
17.01.2017  22:48    <DIR>          Hewlett-Packard
26.08.2016  16:02    <DIR>          HP
25.02.2015  21:34    <DIR>          Intel
28.12.2015  12:10    <DIR>          Intel Corporation
09.11.2016  01:07    <DIR>          Internet Explorer
21.11.2014  23:42    <DIR>          LastPass
07.03.2017  21:41    <DIR>          McAfee
30.01.2016  14:11    <DIR>          McAfee.com
26.08.2016  16:03    <DIR>          Microsoft
10.08.2014  01:38    <DIR>          Microsoft Office
22.08.2013  16:36    <DIR>          Microsoft.NET
17.11.2015  18:35    <DIR>          Mozilla Firefox
18.11.2015  20:09    <DIR>          Mozilla Maintenance Service
18.07.2014  04:13    <DIR>          MSBuild
08.10.2014  17:42    <DIR>          OEM
25.11.2014  11:40    <DIR>          OpenOffice 4
18.07.2014  05:03    <DIR>          Packard Bell
10.08.2014  01:15    <DIR>          Qualcomm Atheros
10.08.2014  01:10    <DIR>          Realtek
18.07.2014  04:13    <DIR>          Reference Assemblies
27.02.2017  21:24    <DIR>          Skype
10.08.2014  01:34    <DIR>          Spotify
18.07.2014  05:05    <DIR>          SymSilent
01.05.2015  21:26    <DIR>          VideoLAN
25.11.2014  14:22    <DIR>          WildTangent Games
17.08.2015  22:21    <DIR>          Windows Defender
15.03.2015  21:08    <DIR>          Windows Mail
15.03.2015  21:08    <DIR>          Windows Media Player
15.03.2015  21:08    <DIR>          Windows Multimedia Platform
22.08.2013  16:36    <DIR>          Windows NT
15.03.2015  21:08    <DIR>          Windows Photo Viewer
15.03.2015  21:08    <DIR>          Windows Portable Devices
22.08.2013  16:36    <DIR>          WindowsPowerShell
               0 Datei(en),              0 Bytes
              41 Verzeichnis(se), 157.253.734.400 Bytes frei

========= Ende von CMD: =========


========= dir "%ProgramData%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\ProgramData

10.08.2014  01:43    <DIR>          acer
12.02.2016  22:33    <DIR>          Adobe
25.11.2014  10:50    <DIR>          Apple
25.11.2014  10:51    <DIR>          Apple Computer
10.08.2014  01:20    <DIR>          Atheros
10.08.2014  01:41    <DIR>          CLSK
29.04.2016  20:47    <DIR>          CyberLink
28.12.2015  12:28    <DIR>          Emsisoft
17.01.2017  22:48    <DIR>          Hewlett-Packard
26.08.2016  16:02    <DIR>          HP
26.08.2016  16:02    <DIR>          HP Product Assistant
26.08.2016  16:06               369 hpzinstall.log
10.08.2014  01:41    <DIR>          install_clap
19.08.2015  10:24    <DIR>          Intel
28.02.2016  13:31    <DIR>          Intel Security
07.10.2016  16:18    <DIR>          Intel(R) Update Manager
04.03.2017  00:17    <DIR>          Malwarebytes
17.02.2017  21:41    <DIR>          McAfee
08.10.2014  18:41    <DIR>          Mozilla
08.10.2014  18:19    <DIR>          Norton
18.07.2014  05:03    <DIR>          NortonInstaller
08.10.2014  17:53    <DIR>          oem
08.10.2014  17:41    <DIR>          OEM_YAHOO
01.09.2015  22:21    <DIR>          Package Cache
18.07.2014  04:54    <DIR>          Packard Bell
10.08.2014  01:12    <DIR>          Qualcomm Atheros
10.08.2014  01:38    <DIR>          regid.1991-06.com.microsoft
27.02.2017  21:24    <DIR>          Skype
10.08.2014  01:40    <DIR>          Temp
25.11.2014  14:22    <DIR>          WildTangent
10.08.2014  01:12    <DIR>          {69533018-33A8-4C46-869A-11AA2CDF4EDC}
               1 Datei(en),            369 Bytes
              30 Verzeichnis(se), 157.253.730.304 Bytes frei

========= Ende von CMD: =========


========= dir "%Appdata%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Users\Bianka\AppData\Roaming

08.03.2017  22:29    <DIR>          .
08.03.2017  22:29    <DIR>          ..
12.02.2016  22:31    <DIR>          Adobe
25.11.2014  11:55    <DIR>          Apple Computer
08.10.2014  17:43    <DIR>          Atheros
29.04.2016  20:46    <DIR>          CyberLink
28.03.2015  00:26    <DIR>          dvdcss
17.12.2016  11:48    <DIR>          FileZilla
17.01.2017  22:55    <DIR>          Hewlett-Packard
03.12.2016  00:04    <DIR>          HP
17.01.2017  22:46    <DIR>          hpqLog
02.09.2016  20:22    <DIR>          HpUpdate
16.03.2015  12:33    <DIR>          Identities
21.11.2014  23:41    <DIR>          Local
08.10.2014  17:59    <DIR>          Macromedia
08.10.2014  18:42    <DIR>          Mozilla
26.11.2014  07:48    <DIR>          OpenOffice
25.11.2014  10:54    <DIR>          Opera Software
12.02.2016  22:33    <DIR>          SaalDesignSoftware
28.02.2017  22:47    <DIR>          Skype
05.03.2017  00:08    <DIR>          vlc
25.11.2014  14:22    <DIR>          WildTangent
16.12.2016  22:56    <DIR>          WinRAR
04.03.2017  13:52    <DIR>          Zoom
               0 Datei(en),              0 Bytes
              24 Verzeichnis(se), 157.253.734.400 Bytes frei

========= Ende von CMD: =========


========= dir "%LocalAppdata%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Users\Bianka\AppData\Local

08.03.2017  22:29    <DIR>          .
08.03.2017  22:29    <DIR>          ..
25.11.2014  14:13    <DIR>          Acer
08.10.2014  18:30    <DIR>          Acer Aspire R7 Tutorial
12.02.2016  22:31    <DIR>          Adobe
08.10.2014  17:43    <DIR>          AOP SDK
25.11.2014  10:50    <DIR>          Apple
25.11.2014  12:00    <DIR>          Apple Computer
08.10.2014  18:30    <DIR>          Apps
25.07.2015  17:51    <DIR>          CEF
31.08.2016  17:57    <DIR>          Citrix
25.11.2014  14:13    <DIR>          clear.fi
04.03.2017  10:24    <DIR>          CrashDumps
29.04.2016  20:46    <DIR>          CyberLink
22.02.2017  19:21    <DIR>          Deployment
05.03.2017  15:25    <DIR>          Diagnostics
08.12.2016  09:58    <DIR>          FileZilla
05.03.2017  19:30    <DIR>          Google
02.07.2015  22:12    <DIR>          GWX
17.01.2017  23:45    <DIR>          Hewlett-Packard
08.10.2014  17:42    <DIR>          iGware
25.11.2014  14:06    <DIR>          Macromedia
29.04.2016  20:47    <DIR>          MediaShow
16.03.2015  12:33    <DIR>          Microsoft
08.10.2014  18:42    <DIR>          Mozilla
08.10.2014  17:40    <DIR>          OEM
25.11.2014  10:54    <DIR>          Opera Software
26.08.2016  15:59    <DIR>          Packages
24.11.2014  12:05    <DIR>          paint.net
28.12.2015  12:15    <DIR>          Programs
08.03.2017  22:29    <DIR>          Temp
25.11.2014  12:01    <DIR>          VirtualStore
               0 Datei(en),              0 Bytes
              32 Verzeichnis(se), 157.253.734.400 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramFiles(x86)%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Program Files (x86)\Common Files

27.02.2017  21:24    <DIR>          .
27.02.2017  21:24    <DIR>          ..
01.05.2015  21:23    <DIR>          Adobe
12.02.2016  22:33    <DIR>          Adobe AIR
10.08.2014  01:12    <DIR>          Atheros
26.08.2016  16:00    <DIR>          Hewlett-Packard
26.08.2016  16:00    <DIR>          HP
01.11.2015  17:56    <DIR>          InstallShield
10.08.2014  00:31    <DIR>          Intel
01.03.2017  08:41    <DIR>          logishrd
21.11.2014  23:42        14.147.584 lpuninstall.exe
17.01.2017  22:34    <DIR>          McAfee
09.11.2014  21:43    <DIR>          Microsoft Shared
10.08.2014  01:30    <DIR>          Nikon
22.08.2013  16:36    <DIR>          Services
27.02.2017  21:24    <DIR>          Skype
08.10.2014  18:15    <DIR>          Symantec Shared
15.03.2015  21:08    <DIR>          System
               1 Datei(en),     14.147.584 Bytes
              17 Verzeichnis(se), 157.253.726.208 Bytes frei

========= Ende von CMD: =========


========= dir "%CommonProgramW6432%" =========

 Datenträger in Laufwerk C: ist Packard Bell
 Volumeseriennummer: 009B-8E63

 Verzeichnis von C:\Program Files\Common Files

10.04.2016  17:57    <DIR>          .
10.04.2016  17:57    <DIR>          ..
30.01.2016  14:09    <DIR>          AV
28.02.2016  13:30    <DIR>          Intel Security
01.03.2017  08:41    <DIR>          logishrd
17.02.2017  21:40    <DIR>          McAfee
27.02.2017  20:23    <DIR>          microsoft shared
10.08.2014  01:13    <DIR>          QCA_Bluetooth
22.08.2013  16:36    <DIR>          Services
15.03.2015  21:10    <DIR>          System
               0 Datei(en),              0 Bytes
              10 Verzeichnis(se), 157.253.730.304 Bytes frei

========= Ende von CMD: =========


========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 130884659 B
Java, Flash, Steam htmlcache => 3955 B
Windows/system/drivers => 308818970 B
Edge => 0 B
Chrome => 26779062 B
Firefox => 366118731 B
Opera => 106777135 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 400962 B
systemprofile32 => 560 B
LocalService => 642580 B
NetworkService => 17062 B
Bianka => 5495542169 B

RecycleBin => 162151351 B
EmptyTemp: => 6.2 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 22:41:16 ====
         
sorry

Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 22:55 on 08/03/2017 by Bianka
Administrator - Elevation successful

========== filefind ==========

Searching for "*pokki*"
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\libPokki.dll	--a---- 49324544 bytes	[20:15 07/03/2017]	[19:10 29/04/2014] 99EBD057BADEAF5F4A2A3573B7190DEA
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars	--a---- 511 bytes	[20:16 07/03/2017]	[16:06 17/01/2014] 9FBCA64AA76DF50BE494A33C3EBC8E18
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js	--a---- 4908 bytes	[20:16 07/03/2017]	[18:21 24/02/2014] D382AE873AB82AE575910EF79F8EF018
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\pokkistore.js	--a---- 594 bytes	[20:16 07/03/2017]	[16:07 17/01/2014] 16FCB9D66D5E7D25F0A59D7AF809A306
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHelper.js	--a---- 6470 bytes	[20:16 07/03/2017]	[16:07 17/01/2014] 82C56D3875D29FAF35867873F0761526
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.js	--a---- 19835 bytes	[20:16 07/03/2017]	[16:07 17/01/2014] 7D60EFD1316202268585B90D28845883
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\js\lib\pokkiHostedFramework-2.1.1.min.js	--a---- 9448 bytes	[20:16 07/03/2017]	[16:06 17/01/2014] 80A4C29A34DA7768DDFC978E0777E53C
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\libPokki.dll	--a---- 49324032 bytes	[20:13 07/03/2017]	[23:36 15/11/2016] BA3DF129CC4E78FB1EC89C5AFD204213
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\sysapps\notifications\assets\scripts\platform\templates\pokkiApp.handlebars	--a---- 521 bytes	[20:13 07/03/2017]	[23:03 15/11/2016] 0D4B0E9649D137842B8DCAAF6195DC94
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Engine\sysapps\notifications\assets\scripts\platform\views\pokkiApp.js	--a---- 5048 bytes	[20:13 07/03/2017]	[23:03 15/11/2016] A94B2C45F902A8AAEED9771475E6BA48
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\installed_pokkies.db	--a---- 7168 bytes	[20:14 07/03/2017]	[17:48 02/03/2017] BBB701E5FA919B96E9428D9A6014D60D
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\pokkistore.js	--a---- 594 bytes	[20:14 07/03/2017]	[17:48 02/03/2017] 16FCB9D66D5E7D25F0A59D7AF809A306
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHelper.js	--a---- 6470 bytes	[20:14 07/03/2017]	[17:48 02/03/2017] 82C56D3875D29FAF35867873F0761526
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHostedFramework-2.1.1.js	--a---- 19835 bytes	[20:14 07/03/2017]	[17:48 02/03/2017] 7D60EFD1316202268585B90D28845883
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies\f22abfeae27a67446927d078890381efc546d3e1\4d484f720bb6153028337ec6ae059939f411a383\js\lib\pokkiHostedFramework-2.1.1.min.js	--a---- 9448 bytes	[20:14 07/03/2017]	[17:48 02/03/2017] 80A4C29A34DA7768DDFC978E0777E53C
C:\AdwCleaner\quarantine\files\vcklydlpyfvpzjfbefcqtczrekwtmpps\Pokki Start Menu.lnk	--a---- 2166 bytes	[20:14 07/03/2017]	[16:06 17/01/2014] 429B98F9B8CD93423C2C639E3BF12560

Searching for "*SweetLabs*"
No files found.

Searching for "*Startfenster*"
C:\AdwCleaner\quarantine\files\yxfaubykkixjhmiyxwiplmkodfbwpggw\startfenster.ico	--a---- 99678 bytes	[20:15 07/03/2017]	[15:46 06/12/2010] BDCF63C89B22A44CDF5B1BE184714A26

Searching for "*homepage-web*"
No files found.

========== folderfind ==========

Searching for "*pokki*"
C:\AdwCleaner\quarantine\files\bsuocncdibbcwrbqgsgyxdyetnictxdk\Pokkies	d------	[20:16 07/03/2017]
C:\AdwCleaner\quarantine\files\kswxmgooksanuayiceknhaqxunrveaeg\Pokkies	d------	[20:14 07/03/2017]

Searching for "*SweetLabs*"
No folders found.

Searching for "*Startfenster*"
No folders found.

Searching for "*homepage-web*"
No folders found.

========== regfind ==========

Searching for "pokki"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn]
"SBOEM2"="%ALLUSERSPROFILE%\Pokki\Pokki Start Menu.lnk"

Searching for "SweetLabs"
No data found.

Searching for "Startfenster"
No data found.

Searching for "homepage-web"
No data found.

-= EOF =-
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (08-03-2017 23:13:51)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-08]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-08] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-08 22:55 - 2017-03-08 23:12 - 00009856 _____ C:\Users\Bianka\Desktop\SystemLook.txt
2017-03-08 22:54 - 2017-03-08 22:38 - 00165376 _____ C:\Users\Bianka\Desktop\SystemLook_x64.exe
2017-03-08 22:53 - 2017-03-08 22:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-08 22:37 - 2017-03-08 22:41 - 00013492 _____ C:\Users\Bianka\Desktop\Fixlog.txt
2017-03-08 22:37 - 2017-03-08 22:37 - 00000000 ____D C:\Users\Bianka\Desktop\FRST-OlderVersion
2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-07 22:16 - 00033988 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-08 23:13 - 00022810 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-08 23:13 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-08 22:37 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-08 22:44 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-08 09:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-08 11:45 - 00033145 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt
2017-02-06 21:51 - 2017-02-06 21:57 - 00003772 _____ C:\Users\Bianka\Desktop\Gunnar Kessler.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-08 23:05 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-08 22:55 - 2014-10-08 17:47 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 22:50 - 2015-12-18 17:08 - 03722240 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-08 22:50 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-08 22:44 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-08 22:34 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-08 22:34 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-08 22:34 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-08 22:32 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-08 21:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-08 21:17 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-08 14:25 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 14:25 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 09:26 - 2017-01-03 00:13 - 00022598 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-07 22:32 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt
2017-02-06 20:41 - 2016-10-12 23:26 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:41 - 2016-10-12 23:26 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-01 10:37

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (08-03-2017 23:15:30)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-04 00:17 - 2017-03-08 09:27 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-08-10 01:43 - 2014-01-03 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () E:\Programme\FileZilla\fzshellext_64.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

18-02-2017 11:29:32 Intel(R) Technology Access
22-02-2017 19:23:43 Windows Update
05-03-2017 18:00:06 Geplanter Prüfpunkt
07-03-2017 21:44:10 JRT Pre-Junkware Removal
07-03-2017 22:10:00 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/05/2017 10:33:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 798

Startzeit: 01d295f7d10b632c

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 2bcfd2a7-01eb-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 10:27:22 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 944

Startzeit: 01d295edc61a864a

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: d6027a12-01e1-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 09:05:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f80

Startzeit: 01d295e8dc786c13

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 9bf5cb8f-01dd-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:39:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 914

Startzeit: 01d295e7e4fd2b35

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 39f5cc66-01db-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 08:32:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1190

Startzeit: 01d295e4085babc6

Endzeit: 18

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: c0bab5a6-01d8-11e7-82ad-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 07:43:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1114

Startzeit: 01d295de94b8bb6c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 4200e56c-01d2-11e7-82ac-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 06:45:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ee0

Startzeit: 01d295d39358a55e

Endzeit: 60000

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: 46769ae2-01cb-11e7-82ab-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Notification.exe, Version: 6.0.3012.0, Zeitstempel: 0x53281d82
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.18340, Zeitstempel: 0x57366075
Ausnahmecode: 0xe0434352
Fehleroffset: 0x0000000000008a5c
ID des fehlerhaften Prozesses: 0x2044
Startzeit der fehlerhaften Anwendung: 0x01d295b5cb3ec928
Pfad der fehlerhaften Anwendung: C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\KERNELBASE.dll
Berichtskennung: 0a84fac5-01a9-11e7-82aa-206a8ade4140
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/05/2017 02:38:40 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: Notification.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.InvalidOperationException
   bei System.Diagnostics.Process.GetProcessHandle(Int32, Boolean)
   bei System.Diagnostics.Process.OpenProcessHandle(Int32)
   bei System.Diagnostics.Process.get_Handle()
   bei Notification.Form1.CheckAppContainer(System.Diagnostics.Process)
   bei Notification.Form1.CheckResolution()
   bei Notification.Form1..ctor()
   bei Notification.Program.Main()

Error: (03/05/2017 02:33:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 56.0.2924.87 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2180

Startzeit: 01d295a96502212f

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: e45e5607-01a6-11e7-82aa-206a8ade4140

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (03/08/2017 10:38:17 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ePower Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Support Solutions Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Quick Access RadioMgr Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "User Experience Improvement Program" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/08/2017 10:37:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "BBUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 2282.96 MB
Summe virtueller Speicher: 5321.98 MB
Verfügbarer virtueller Speicher: 3781.81 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:152.26 GB) NTFS
Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.35 GB) NTFS
Drive f: (VON-JENS) (Removable) (Total:1.87 GB) (Free:1.58 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404)

Partition: GPT.

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 0042FF8C)
Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)

==================== Ende von Addition.txt ============================
         

09.03.2017, 15:56   #14
M-K-D-B
/// TB Trainer
 



Hi,

we'll remove the last remnants and check everything once more.

Note: The scan with ESET can take a while.

Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
start
CloseProcesses:
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.

Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the terms of use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded, and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

Step 3
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not let it delete anything etc.; instead choose, at the bottom left of the button bar,
    and save the log file on your desktop.
  • Close HitmanPro and post the log for me.

Step 4
  • Start FRST.exe again. Make sure there is a check mark in front of Addition.txt and press "Untersuchen" (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

Are there still any problems with the PC now? If so, which ones?

Please post with your next reply
  • the log file of the FRST fix,
  • the log file from ESET,
  • the log file from HitmanPro,
  • the two new log files from FRST,
  • the answers to the questions asked.
__________________
Regards
M-K-D-B



09.03.2017, 22:44   #15
BiAnka-LF
 



Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (09-03-2017 17:19:48) Run:2
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn|SBOEM2
EmptyTemp:
end
*****************

Prozesse erfolgreich geschlossen.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\TBDEn\\SBOEM2 => Wert erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14700032 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 81227 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 128 B
LocalService => 2456 B
NetworkService => 0 B
Bianka => 1761705 B

RecycleBin => 0 B
EmptyTemp: => 23.8 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:19:54 ====
         
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# end=init
# utc_time=2017-03-09 04:24:36
# local_time=2017-03-09 05:24:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 32661
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# end=updated
# utc_time=2017-03-09 04:27:50
# local_time=2017-03-09 05:27:50 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=cc635e9b9fb0fd48aff18cb9f5e26a8b
# engine=32661
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-09 07:40:22
# local_time=2017-03-09 08:40:22 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='*McAfee*'
# compatibility_mode=5135 16777214 85 100 169172 74048208 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 66 85 49241954 52877992 0 0
# scanned=285341
# found=0
# cleaned=0
# scan_time=11552
         
Code:
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : JENSBIANKALIEBE
   Windows . . . . . . . : 6.3.0.9600.X64/2
   User name . . . . . . : JENSBIANKALIEBE\Bianka
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-09 22:25:22
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 53s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 2

   Objects scanned . . . : 1.662.856
   Files scanned . . . . : 28.399
   Remnants scanned  . . : 409.147 files / 1.225.310 keys

Suspicious files ____________________________________________________________

   C:\Users\Bianka\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 3.0 days (2017-03-06 21:13:56)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : D3F6B73F9517C1058A870B3411AF3A7DDA50A94B76ED0A29D0EF7E55601BCA04
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Bianka\Desktop\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 1.0 days (2017-03-08 22:37:33)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 0C11A0E7E1D7950EAAB54F640609BD62DC8E7F6CCBDD4520ACD6E0A67C252262
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -2.1s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -2.1s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_6CBA2C06D5985DD95AE59AF8FC7C6220
         -0.9s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.9s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\9EC3B71635F8BA3FC68DE181A104A0EF_F6C39EF89D8A3A72327D8412589658B2
         -0.6s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.6s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\64DCC9872C5635B1B7891B30665E0558_5552C20A2631357820903FD38A8C0F9F
         -0.3s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -0.3s C:\Users\Bianka\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Bianka\Desktop\FRST64.exe
          0.9s C:\Users\Bianka\Desktop\FRST-OlderVersion\
         12.2s C:\FRST\Logs\ct
         12.3s C:\Users\Bianka\Desktop\Fixlog.txt
         15.2s C:\Windows\Prefetch\IPCONFIG.EXE-EEA91845.pf
         15.3s C:\Windows\Prefetch\BITSADMIN.EXE-51D741B1.pf
         22.7s C:\Windows\Prefetch\DASHOST.EXE-38AAABF0.pf
         22.7s C:\Windows\Prefetch\HECISERVER.EXE-8F035191.pf
         24.6s C:\Windows\Prefetch\PRESENTATIONFONTCACHE.EXE-E2702CF2.pf
         29.2s C:\Windows\Prefetch\MCSACORE.EXE-10A68216.pf
         29.6s C:\Windows\Prefetch\SPOOLSV.EXE-AC422BB0.pf
         31.2s C:\Windows\Prefetch\SEARCHINDEXER.EXE-EF8503D3.pf
         
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-03-2017
durchgeführt von Bianka (Administrator) auf JENSBIANKALIEBE (09-03-2017 22:35:03)
Gestartet von C:\Users\Bianka\Desktop
Geladene Profile: Bianka (Verfügbare Profile: Bianka)
Platform: Windows 8.1 Connected (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe
(Intel(R) Corporation) C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLockHandler.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\VSCore_15_6\mcapexe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Malwarebytes) E:\Programme\Malwarebytes\Anti-Malware\mbamtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerWinMonitor.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\McCSPServiceHost.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(acer) C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulCtr.exe
(McAfee, Inc.) C:\Program Files\McAfee\VUL\McVulAlert.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\Core\mchost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor)
HKLM\...\Run: [Malwarebytes TrayApp] => E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-04-29] (Atheros Communications)
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-26]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2014-11-21]
ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{C2DD1DA6-5C52-4B22-9AD4-AEFFB5517783}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{FDA7EFCC-8D4F-4528-998E-4C644058C139}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=APJB
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3939777714-882395854-1159617953-1001 -> {69142CA1-E7F5-4C54-A9B4-81E7F99E8A45} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE453D20141008&p={SearchTerms}
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
BHO: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
BHO-x32: McAfee WebAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll [2014-11-21] (LastPass)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2017-02-22] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll [2017-02-10] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2017-02-10] (McAfee, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default [2017-03-08]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\2ptrwtj5.default -> Sichere Suche
FF Homepage: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxp://google.de/
FF Keyword.URL: Mozilla\Firefox\Profiles\2ptrwtj5.default -> hxxps://de.search.yahoo.com/search?fr=mcafee&type=C111DE453D20141008&p=
FF Extension: (LastPass) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\support@lastpass.com [2015-09-24]
FF Extension: (Video DownloadHelper) - C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-09-20]
FF Extension: (McAfee WebAdvisor) - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-05-24]
FF SearchPlugin: C:\Users\Bianka\AppData\Roaming\Mozilla\Firefox\Profiles\2ptrwtj5.default\searchplugins\McSiteAdvisor.xml [2017-03-05]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2017-02-17] [ist nicht signiert]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin: @videolan.org/vlc,version=2.1.5 -> E:\Programme\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll [2014-11-21] (LastPass)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2017-02-10] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-03-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Bianka\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2016-08-31] (Citrix Online)
FF Plugin HKU\S-1-5-21-3939777714-882395854-1159617953-1001: @zoom.us/ZoomVideoPlugin -> C:\Users\Bianka\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2017-02-28] (Zoom Video Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default [2017-03-09]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-05]
CHR Extension: (ColorZilla) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhlhnicpbhignbdhedgjhgdocnmhomnp [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-05]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2017-03-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-05]
CHR Extension: (Kein Name) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-05]
CHR Extension: (Chrome Media Router) - C:\Users\Bianka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-05]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3939777714-882395854-1159617953-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-04-27]
CHR HKLM-x32\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx

Opera: 
=======
StartMenuInternet: (HKLM) OperaStable - E:\Programme\Opera\Launcher.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [319104 2014-04-29] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [3053312 2014-06-26] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [2573032 2014-06-12] (Acer Incorporated)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-06-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-01] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-01] (Intel(R) Corporation)
R2 Intel(R) Technology Access Legacy CS Loader; C:\Program Files\Intel Corporation\Intel(R) Technology Access\LegacyCsLoaderService.exe [144128 2015-07-31] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe [481536 2015-07-31] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [466664 2014-06-10] (Acer Incorporate)
R2 MBAMService; E:\Programme\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [188352 2017-02-22] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_15_6\McApExe.exe [989632 2017-01-23] (McAfee, Inc.)
R2 McBootDelayStartSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\2.3.290.0\\McCSPServiceHost.exe [2054080 2017-02-04] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [1342904 2017-02-01] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [241040 2016-11-14] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [383032 2016-11-14] (McAfee, Inc.)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [342768 2016-11-14] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1465840 2016-12-22] (McAfee, Inc.)
S3 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [641520 2016-12-09] (McAfee, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1104304 2016-11-15] (Intel Security, Inc.)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [458984 2014-06-26] (Acer Incorporate)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [449768 2014-06-26] (Acer Incorporate)
R3 UEIPSvc; C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\UBTService.exe [233216 2014-06-23] (acer)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 Intel(R) TA SAM; "C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3893248 2014-04-02] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-04-29] (Qualcomm Atheros)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [88456 2016-11-18] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 GPIO; C:\Windows\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaioi2c; C:\Windows\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Intel Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-09] (Malwarebytes)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [484576 2016-11-18] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [366320 2016-11-18] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85048 2016-11-18] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [518184 2016-11-18] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [916432 2016-11-18] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [498152 2016-10-24] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109336 2016-10-24] (McAfee, Inc.)
R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [110248 2016-11-18] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [254800 2016-11-18] (McAfee, Inc.)
R1 ndisrd; C:\Windows\system32\DRIVERS\ndisrfl.sys [41688 2015-04-30] (Intel Corporation)
R3 NetTap630; C:\Windows\system32\DRIVERS\nettap630.sys [67800 2015-04-30] (Intel Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [88592 2014-01-15] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:24 - 2017-03-09 22:33 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-09 20:02 - 2017-03-09 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2017-03-09 19:33 - 2017-03-09 21:14 - 00003860 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse
2017-03-09 19:33 - 2017-03-09 19:33 - 00004034 _____ C:\Windows\System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse
2017-03-09 17:16 - 2017-03-09 17:15 - 11581544 _____ (SurfRight B.V.) C:\Users\Bianka\Desktop\HitmanPro_x64.exe
2017-03-09 17:16 - 2017-03-09 17:10 - 00000136 _____ C:\Users\Bianka\Desktop\Schritt1_neu.txt
2017-03-08 22:55 - 2017-03-08 23:12 - 00009856 _____ C:\Users\Bianka\Desktop\SystemLook.txt
2017-03-08 22:54 - 2017-03-08 22:38 - 00165376 _____ C:\Users\Bianka\Desktop\SystemLook_x64.exe
2017-03-08 22:37 - 2017-03-09 17:19 - 00001342 _____ C:\Users\Bianka\Desktop\Fixlog.txt
2017-03-08 22:37 - 2017-03-08 22:37 - 00000000 ____D C:\Users\Bianka\Desktop\FRST-OlderVersion
2017-03-07 21:49 - 2017-03-07 22:13 - 00000554 _____ C:\Users\Bianka\Desktop\JRT.txt
2017-03-07 21:02 - 2017-03-07 21:17 - 00000000 ____D C:\AdwCleaner
2017-03-07 21:02 - 2017-03-07 21:00 - 01663736 _____ (Malwarebytes) C:\Users\Bianka\Desktop\JRT.exe
2017-03-07 21:02 - 2017-03-07 20:59 - 04031440 _____ C:\Users\Bianka\Desktop\AdwCleaner_6.044.exe
2017-03-07 17:03 - 2017-03-07 17:03 - 00001388 _____ C:\Users\Bianka\Desktop\MBAM Scan2.txt
2017-03-07 17:03 - 2017-03-07 17:03 - 00001247 _____ C:\Users\Bianka\Desktop\MBAM Scan3.txt
2017-03-07 16:47 - 2017-03-07 16:47 - 00003774 _____ C:\Users\Bianka\Desktop\MBAM Scan1.txt
2017-03-06 22:01 - 2017-03-06 22:02 - 00353729 _____ C:\Users\Bianka\Desktop\tdss-Killer.txt
2017-03-06 21:48 - 2017-03-06 23:06 - 00707548 _____ C:\TDSSKiller.3.1.0.12_06.03.2017_21.48.50_log.txt
2017-03-06 21:48 - 2017-03-06 21:14 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Bianka\Desktop\tdsskiller.exe
2017-03-06 21:19 - 2017-03-08 23:16 - 00034934 _____ C:\Users\Bianka\Desktop\Addition.txt
2017-03-06 21:15 - 2017-03-09 22:35 - 00024546 _____ C:\Users\Bianka\Desktop\FRST.txt
2017-03-06 21:14 - 2017-03-09 22:35 - 00000000 ____D C:\FRST
2017-03-06 21:13 - 2017-03-08 22:37 - 02423808 _____ (Farbar) C:\Users\Bianka\Desktop\FRST64.exe
2017-03-05 22:50 - 2017-03-05 23:37 - 00015645 _____ C:\Users\Bianka\Desktop\Brotrezept.odt
2017-03-05 19:30 - 2017-03-05 19:30 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-03-05 19:30 - 2017-03-05 19:30 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-03-05 19:29 - 2017-03-05 19:29 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-03-05 19:29 - 2017-03-05 19:29 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-03-04 13:52 - 2017-03-04 13:52 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (3).exe
2017-03-04 13:52 - 2017-03-04 13:52 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoom
2017-03-04 00:18 - 2017-03-09 17:21 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 00:17 - 2017-03-08 09:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-03-04 00:17 - 2017-03-04 00:17 - 00000925 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 00:17 - 2017-03-04 00:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-03 19:17 - 2017-03-03 19:18 - 01129376 _____ (Google Inc.) C:\Users\Bianka\Downloads\ChromeSetup.exe
2017-03-01 21:25 - 2017-03-01 21:26 - 439608336 _____ C:\Users\Bianka\Downloads\Interview Bianca und Katharina Kongress Lebensfreude zoom_0.mp4
2017-03-01 11:56 - 2017-03-01 11:56 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (2).exe
2017-03-01 11:26 - 2017-03-01 11:26 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher (1).exe
2017-03-01 10:29 - 2017-03-06 22:47 - 00000068 _____ C:\Users\Bianka\Desktop\LP.txt
2017-03-01 08:58 - 2017-03-04 14:52 - 00000000 ____D C:\Users\Bianka\Documents\Zoom
2017-03-01 08:52 - 2017-03-04 13:53 - 00001954 _____ C:\Users\Bianka\Desktop\Zoom.lnk
2017-03-01 08:51 - 2017-03-01 08:51 - 00133640 _____ (Zoom Video Communications, Inc.) C:\Users\Bianka\Downloads\Zoom_launcher.exe
2017-02-27 21:19 - 2017-02-27 21:19 - 01629144 _____ (Skype Technologies S.A.) C:\Users\Bianka\Downloads\SkypeSetup.exe
2017-02-26 20:43 - 2017-03-08 11:45 - 00033145 _____ C:\Users\Bianka\Desktop\eBookText (neu).odt
2017-02-25 21:56 - 2017-02-26 17:32 - 00000000 ____D C:\Users\Bianka\Desktop\Pure-Lebensfreude-Online-Kongress
2017-02-25 12:30 - 2017-02-26 22:35 - 00027994 _____ C:\Users\Bianka\Desktop\Whatsapp-Chat.txt
2017-02-24 19:18 - 2017-02-24 19:19 - 00000706 _____ C:\Users\Bianka\Desktop\Onlinekongresserläuterung.txt
2017-02-23 21:59 - 2017-02-23 23:23 - 00000300 _____ C:\Users\Bianka\Desktop\Impressum.txt
2017-02-17 21:51 - 2017-02-17 21:51 - 00046655 _____ C:\Users\Bianka\Downloads\PB_KAZ_KtoNr_0092294801_07-02-2017_0928.pdf
2017-02-15 16:16 - 2017-02-15 22:57 - 00000453 _____ C:\Users\Bianka\Desktop\Karima Stockmann.txt
2017-02-15 13:22 - 2017-02-15 16:16 - 00000274 _____ C:\Users\Bianka\Desktop\Franziska Luschas.txt
2017-02-15 13:10 - 2017-02-19 17:37 - 00000670 _____ C:\Users\Bianka\Desktop\Astrid Kuby.txt
2017-02-15 11:36 - 2017-02-15 13:10 - 00000183 _____ C:\Users\Bianka\Desktop\Berge.txt
2017-02-15 10:05 - 2017-02-15 11:36 - 00000288 _____ C:\Users\Bianka\Desktop\Silvia Maria Engel.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-09 22:34 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-03-09 22:32 - 2016-08-31 17:57 - 00000696 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-09 22:25 - 2014-11-25 13:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-03-09 22:17 - 2016-08-31 17:57 - 00000600 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job
2017-03-09 20:41 - 2014-10-08 17:47 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-09 20:30 - 2014-08-10 10:06 - 00765582 _____ C:\Windows\system32\perfh007.dat
2017-03-09 20:30 - 2014-08-10 10:06 - 00159366 _____ C:\Windows\system32\perfc007.dat
2017-03-09 20:30 - 2014-03-18 10:47 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-09 17:21 - 2015-12-18 17:08 - 03722240 ___SH C:\Users\Bianka\Desktop\Thumbs.db
2017-03-09 17:21 - 2014-10-08 17:45 - 00000000 ___DO C:\Users\Bianka\OneDrive
2017-03-09 17:20 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-08 14:25 - 2016-08-31 17:57 - 00003712 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 14:25 - 2016-08-31 17:57 - 00003616 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001
2017-03-08 09:26 - 2017-01-03 00:13 - 00022598 _____ C:\Users\Bianka\Desktop\Haushaltsbuch 2017 .ods
2017-03-07 22:32 - 2016-09-14 11:24 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderZ
2017-03-07 21:41 - 2016-01-30 14:09 - 00000000 ____D C:\Program Files (x86)\McAfee
2017-03-07 20:54 - 2016-10-13 10:56 - 00019543 _____ C:\Users\Bianka\Desktop\Experten,Tel,EMail,Verein.ods
2017-03-06 20:55 - 2016-09-14 11:21 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderA
2017-03-06 20:54 - 2016-09-14 10:00 - 00000000 ____D C:\Users\Bianka\Desktop\ExpertenBilderBianka
2017-03-06 20:07 - 2016-06-18 11:56 - 00003068 _____ C:\Windows\System32\Tasks\McAfeeLogon
2017-03-06 20:07 - 2016-01-30 14:11 - 00000000 ____D C:\Windows\System32\Tasks\McAfee
2017-03-05 23:53 - 2016-03-19 21:00 - 00000000 ____D C:\Users\Bianka\Desktop\Fotos
2017-03-05 19:30 - 2014-10-08 18:31 - 00000000 ____D C:\Users\Bianka\AppData\Local\Google
2017-03-05 19:29 - 2014-10-08 18:31 - 00000000 ____D C:\Program Files (x86)\Google
2017-03-05 18:54 - 2014-10-08 17:40 - 00000000 ____D C:\Users\Bianka
2017-03-05 15:34 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2017-03-05 15:08 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-05 14:41 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieUserList
2017-03-05 14:41 - 2014-10-08 17:58 - 00000000 __SHD C:\Users\Bianka\AppData\LocalLow\EmieSiteList
2017-03-05 00:08 - 2014-11-05 20:14 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\vlc
2017-03-04 13:52 - 2016-01-19 23:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Zoom
2017-03-04 10:24 - 2014-11-01 18:15 - 00000000 ____D C:\Users\Bianka\AppData\Local\CrashDumps
2017-03-03 20:16 - 2017-01-18 20:49 - 00013932 _____ C:\Users\Bianka\Desktop\RechnungenUmsatzsteuerFA 2016 (neu).ods
2017-03-01 10:17 - 2017-01-20 18:02 - 00000790 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-03-01 10:17 - 2014-11-25 10:54 - 00003862 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1416909253
2017-03-01 08:41 - 2016-04-10 17:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2017-02-28 22:47 - 2016-01-18 11:01 - 00000000 ____D C:\Users\Bianka\AppData\Roaming\Skype
2017-02-28 09:51 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\LiveKernelReports
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-02-27 21:24 - 2016-01-18 10:59 - 00000000 ____D C:\ProgramData\Skype
2017-02-27 20:29 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-02-27 20:23 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-25 21:54 - 2016-09-21 10:12 - 00001913 _____ C:\Users\Bianka\Desktop\Andre Loibl.txt
2017-02-23 23:30 - 2014-11-24 12:04 - 03101184 ___SH C:\Users\Bianka\Downloads\Thumbs.db
2017-02-23 22:21 - 2014-11-09 21:16 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 22:16 - 2014-11-09 21:16 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-22 23:10 - 2015-05-01 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-22 19:25 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-02-22 19:21 - 2014-10-08 18:30 - 00000000 ____D C:\Users\Bianka\AppData\Local\Deployment
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieUserList
2017-02-22 18:54 - 2014-10-08 17:59 - 00000000 __SHD C:\Users\Bianka\AppData\Local\EmieSiteList
2017-02-19 21:58 - 2016-10-26 11:38 - 00015533 _____ C:\Users\Bianka\Desktop\Thomas Schmelzer.txt
2017-02-19 17:55 - 2017-01-22 15:29 - 00000300 _____ C:\Users\Bianka\Desktop\Ina Rudolph.txt
2017-02-17 21:41 - 2016-01-30 14:03 - 00000000 ____D C:\ProgramData\McAfee
2017-02-17 21:40 - 2016-01-30 14:03 - 00000000 ____D C:\Program Files\Common Files\McAfee
2017-02-17 21:40 - 2013-08-22 15:44 - 00377416 _____ C:\Windows\system32\FNTCACHE.DAT
2017-02-15 10:04 - 2017-01-11 13:47 - 00001529 _____ C:\Users\Bianka\Desktop\Ralf senftleben.txt
2017-02-15 08:25 - 2014-11-25 13:47 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-15 08:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-10 22:33 - 2013-08-22 16:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2017-02-09 23:32 - 2016-09-21 09:11 - 00011681 _____ C:\Users\Bianka\Desktop\Recherche Experten.txt

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 23:42 - 2014-11-21 23:42 - 14147584 _____ () C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-08-10 01:06 - 2014-08-10 01:06 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-08-26 15:56 - 2016-08-26 16:06 - 0000369 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-09 20:41

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-03-2017
durchgeführt von Bianka (09-03-2017 22:36:38)
Gestartet von C:\Users\Bianka\Desktop
Windows 8.1 Connected (Update) (X64) (2014-10-08 16:40:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3939777714-882395854-1159617953-500 - Administrator - Disabled)
Bianka (S-1-5-21-3939777714-882395854-1159617953-1001 - Administrator - Enabled) => C:\Users\Bianka
Gast (S-1-5-21-3939777714-882395854-1159617953-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3939777714-882395854-1159617953-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall (Enabled) {B3F62DDF-980B-3470-75A7-407A2E6F58C7}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

4500_G510af_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
4500G510af (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
4500G510af_Software_Min (x32 Version: 140.0.001.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.01.2008.3 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4917 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3914.57 - CyberLink Corp.)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
eBay Worldwide (HKLM-x32\...\{91589413-6675-4C27-8AFC-EFB9103B90A5}) (Version: 2.4.0105 - OEM)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
FileZilla Client 3.23.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.23.0.2 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GoToMeeting 8.1.0.6519 (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\GoToMeeting) (Version: 8.1.0.6519 - CitrixOnline)
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Officejet 4500 G510a-f 14.0 Rel. 6 (HKLM\...\{A49C5804-8F24-433C-99B2-9F9F541090C7}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{AAE126B3-95C5-49E1-A590-7B5F6EDC7D60}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8101 - Packard Bell)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3574 - Intel Corporation)
Intel(R) Technology Access (HKLM-x32\...\{fb74531f-28c3-4dca-9849-e6b8faa85afe}) (Version: 1.5.0.1021 - Intel Corporation)
Intel(R) Technology Access Software Asset Manager (x32 Version: 1.0.1562 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
LastPass (Nur deinstallieren) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
McAfee Internet Security Suite (HKLM-x32\...\MSC) (Version: 14.0.12000 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.235 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software)
Packard Bell Explorer Agent (HKLM\...\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}) (Version: 2.00.3000 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8107 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8105 - Packard Bell)
Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3016.0 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Packard Bell)
Packard Bell User Experience Improvement Program App Monitor Plugin (HKLM\...\{978724F6-1863-4DD5-9E66-FB77F5AB5613}) (Version: 1.02.3004 - Packard Bell)
Packard Bell User Experience Improvement Program Framework (HKLM\...\{12A718F2-2357-4D41-9E1F-18583A4745F7}) (Version: 1.02.3004 - Packard Bell)
paint.net (HKLM\...\{6AC1101E-7561-43C9-BEEA-4AB1D220D8FF}) (Version: 4.0.13 - dotPDN LLC)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.322 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Saal Design Software (x32 Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Zoom (HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\ZoomUMX) (Version: 4.0 - Zoom Video Communications, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3939777714-882395854-1159617953-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\5808\G2MOutlookAddin64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05690C2D-2462-4329-A6BA-2BE6B7928391} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {085E5887-7694-4C67-B066-07CA7CF7D58F} - System32\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {106706D0-E476-400D-B4AD-2DC7B9C94E25} - System32\Tasks\UbtFrameworkService => C:\Program Files\Packard Bell\User Experience Improvement Program\Framework\TriggerFramework.exe [2014-03-12] (TODO: <Company name>)
Task: {1A46170F-14F7-41FE-8E2B-E06FC3306809} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-07] (HP Inc.)
Task: {312CDB5A-4AC9-43C4-B4AC-C1ED6DDB1547} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {312E43F1-DFFC-4E8B-80E0-1B5A9E39B030} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [2016-12-09] (McAfee, Inc.)
Task: {46C1FA8A-EAC0-4ECB-B5D6-3E90F05B0D75} - System32\Tasks\IntelTA-Upgrade-56460984-97c2-4bc7-a632-d776cf817f5d-Logon => C:\Program Files (x86)\Intel Corporation\Intel(R) Technology Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe 
Task: {47FC67FC-9211-4ADE-9B00-4B50628B3137} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {48CA9C9E-B3DB-4B8B-9370-BD1AE7BE8A6B} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {6D5036F1-FF73-47A9-88E3-C0C28EB11624} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-06] (HP Inc.)
Task: {6E83697B-11FB-4B17-8751-0E153CCBE470} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {86377B76-DC30-4084-97F1-4460C9CF88AA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {90AA8809-AAB5-4716-B4FE-8FB10A69AF5C} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2014-06-10] (Acer Incorporate)
Task: {95B08CAA-FBA7-4CB9-B5B4-6BE5D88E732A} - System32\Tasks\Intel Security DAT Reputation (AMCore) periodic endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.50.1291.1\mcdatrep.exe [2017-02-10] (McAfee, Inc.)
Task: {9724304D-AEFF-4334-866A-49DD98ECC1FA} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {AD342E15-C9E1-4F7F-B358-57EF5D892E15} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {B4BCE3D4-CB4C-4036-AD11-1EE7A571446D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {B6CF8580-93B8-4991-A681-07047CD3D3D0} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {B924DBF1-6776-4110-AE67-4F92EA42C3C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-23] (Microsoft Corporation)
Task: {B9635281-C472-4AE6-94D6-81F6E3902874} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2014-06-26] (Acer Incorporate)
Task: {D18E474C-2E57-48E5-AC50-9933F3194224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-05] (Google Inc.)
Task: {D3C088AF-18A5-416B-B125-25A93C6FE4F3} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {D8F6BBFF-8454-4137-9B0C-E4E62002B90A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E00F7476-48BF-48F8-A325-B88AD2C2BBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E5123DAA-931C-44A6-B9AE-C3351D3D8FF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {E79B1364-B9CB-42DA-886A-D57ECC9BA405} - System32\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001 => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe [2017-03-08] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {EB873949-AEBC-4FE8-8C95-39E517C105FE} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {EBDA2E4D-7745-4035-86B1-6AD1ED378541} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] ()
Task: {EC753DFA-E68E-4D00-B974-D5C75CCCE682} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTrayLauncher.exe [2014-06-12] (Acer Incorporated)
Task: {F2091015-81A7-496C-937F-94BD68A461E3} - System32\Tasks\Opera scheduled Autoupdate 1416909253 => E:\Programme\Opera\launcher.exe [2017-02-27] (Opera Software)
Task: {F33E1F55-808A-4E9E-9A4E-A30E6B322DB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-3939777714-882395854-1159617953-1001.job => C:\Users\Bianka\AppData\Local\Citrix\GoToMeeting\6519\g2mupload.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-07 10:44 - 2015-07-07 10:44 - 00088064 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\libglog.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 01793280 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\cpprest120_1_4.dll
2015-07-07 12:41 - 2015-07-07 12:41 - 00354560 _____ () C:\Program Files\Intel Corporation\Intel(R) Technology Access\JsonCpp.dll
2014-08-10 01:34 - 2012-04-24 11:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2017-03-04 00:17 - 2017-03-08 09:27 - 02264352 _____ () E:\PROGRAMME\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2014-08-10 01:43 - 2014-01-03 13:13 - 00111872 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
2016-12-06 17:17 - 2016-12-06 17:17 - 00052400 _____ () E:\Programme\FileZilla\fzshellext_64.dll
2014-04-29 01:38 - 2014-04-29 01:38 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-04-29 01:35 - 2014-04-29 01:35 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-04-29 01:42 - 2014-04-29 01:42 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bianka\Pictures\09_15_P5090046.JPG
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKU\S-1-5-21-3939777714-882395854-1159617953-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

22-02-2017 19:23:43 Windows Update
05-03-2017 18:00:06 Geplanter Prüfpunkt
07-03-2017 21:44:10 JRT Pre-Junkware Removal
07-03-2017 22:10:00 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/09/2017 10:19:23 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 10:18:07 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 10:17:18 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:26:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:25:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:32 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:29 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:24:08 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (03/09/2017 05:16:36 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Bianka\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (03/09/2017 07:55:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
Unzulässige Funktion.

Error: (03/09/2017 05:25:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:51 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:25:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:25:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Treiber konnte nicht geladen werden.

Error: (03/09/2017 05:25:50 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Bianka\AppData\Local\Temp\ehdrv.sys

Error: (03/09/2017 05:23:14 PM) (Source: DCOM) (EventID: 10010) (User: JENSBIANKALIEBE)
Description: Der Server "{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/09/2017 05:19:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/09/2017 05:19:50 PM) (Source: DCOM) (EventID: 10010) (User: JENSBIANKALIEBE)
Description: Der Server "{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 3977.98 MB
Verfügbarer physikalischer RAM: 2494.69 MB
Summe virtueller Speicher: 5321.98 MB
Verfügbarer virtueller Speicher: 3585.75 MB

==================== Laufwerke ================================

Drive c: (Packard Bell) (Fixed) (Total:205.07 GB) (Free:148.74 GB) NTFS
Drive e: (Volume) (Fixed) (Total:244.14 GB) (Free:66.35 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4119404)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
