| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Gerätemanager leer/ Email Account sendet Spam, etc.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.03.2015, 12:40
| #1 |
 |  Gerätemanager leer/ Email Account sendet Spam, etc. Hallo beisammen  ,ich habe folgende(s) Problem(e): -Gerätemanager zeigt absolut nichts -neue Hardware läßt sich nicht installieren bzw. wird nicht erkannt, ist nicht benutzbar -(z.B: Mikrofon hat Aussetzer, etwa skype so kaum nutzbar. So kam ich auf die Idee im Gerätemanager zu schauen...keine Ahnung ob das evtl. auch mit Schadsoftware zu tun haben könnte) -Email- Account sendet Spam unter meinem Namen. Sehr unangenehm und offenbar nicht abzustellen. Passiert immer wieder trotz häufiger Änderung des Passwortes. Account selbst zeigt keine Anzeichen, gehackt worden zu sein (Zugriffs- IP's okay, keine Änderungen à la alternative Absenderadressen/ Telefonnummern, im Postausgang keine Kopie der Spams. Könnte sein dass 'nur' meine Adresse als gefälschter Absender verwendet wird(?) Avast findet nichts, habe auch schonmal Malwarebytes laufen lassen, ebf. negativ. Spybot fand allerdings alles mögliche, allerdings auch Sachen wie den altbekannten incredibar, mit dem ich nun gerade keine Probleme habe- deshalb habe ich dem wenig Glauben geschenkt und also nicht bezahlt ums zu reparieren  Zum Gerätemanager: Plug & Play/ Enum okay, ich war drauf und dran Windows Repair zu versuchen, was allerdings empfiehlt, erst nach Schadsoftware zu suchen... hier bin ich nun bin letztlich nicht sicher, aber weist das nicht alles auf Beifahrer hin? Tausend Dank für eure Hilfe!  PS: bitte schonmal um Nachsicht für evtl. doofe Rückfragen... kann zwar rechnen, allerdings nicht besonders mit 0 und 1  bemühe mich aberPPS: System: Lenovo Thinkpad S430, Windows 7, service Pack 1 inst., 64bit, Intel Core i5 3210M 2,5 GHz Geändert von enries (06.03.2015 um 13:07 Uhr) |
|
06.03.2015, 13:07
| #2 |
| /// the machine /// TB-Ausbilder    | Gerätemanager leer/ Email Account sendet Spam, etc. hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
06.03.2015, 13:32
| #3 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. Hallo Schrauber,
__________________vielen Dank für die schnelle Rückmeldung !Hoffe ich mach das so richtig: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by helmet (administrator) on HELMETHEAD on 06-03-2015 13:15:26
Running from C:\Users\helmet\Desktop
Loaded Profiles: UpdatusUser & helmet (Available profiles: UpdatusUser & helmet & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\BioMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12476520 2012-04-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2881336 2012-06-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-29] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-04-23] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-19] (Google Inc.)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [] => [X]
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\MountPoints2: {abb647f5-1978-11e2-a9bb-806e6f6e6963} - Q:\LenovoQDrive.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [260928 2012-02-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-02-07] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
Startup: C:\Users\helmet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE533
SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE533
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll (AuthenTec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Hosts: 74.208.10.249 gs.apple.com
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF Extension: Smiley Bar for Facebook - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
FF Extension: Speed Analysis 2 - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com [2013-06-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-10-19]
FF HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks
FF HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"
CHR Profile: C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (AdBlock) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]
CHR Extension: (Avast Online Security) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-07]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\helmet\AppData\Roaming\PlusWinks\PlusWinks.crx [2013-03-20]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-26] (Avast Software)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [328552 2012-06-06] (AuthenTec, Inc)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-29] ()
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [46816 2012-04-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27448 2012-06-19] (Synaptics Incorporated)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-26] (Avast Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-06 13:15 - 2015-03-06 13:16 - 00025528 _____ () C:\Users\helmet\Desktop\FRST.txt
2015-03-06 13:13 - 2015-03-06 13:15 - 00000000 ____D () C:\FRST
2015-03-06 13:11 - 2015-03-06 13:11 - 02092544 _____ (Farbar) C:\Users\helmet\Desktop\FRST64.exe
2015-03-06 11:35 - 2015-03-06 11:35 - 00000000 ____D () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio
2015-03-06 11:34 - 2015-03-06 11:34 - 09668500 _____ () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio.zip
2015-03-06 10:21 - 2015-03-06 10:21 - 00139673 _____ () C:\Users\helmet\Desktop\123test.wma
2015-02-27 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-27 03:01 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-21 22:59 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-21 22:59 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-21 22:59 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-21 22:59 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-12 21:18 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 21:18 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 21:18 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 21:18 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 22:46 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 22:46 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 22:46 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 22:46 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 22:46 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 22:46 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 22:46 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 22:46 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 22:46 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 22:46 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 22:46 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 22:46 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 22:46 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 22:46 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 22:46 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 22:46 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 22:46 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 22:46 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 22:46 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 22:46 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 22:46 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 22:46 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 22:46 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 22:46 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 22:46 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 22:46 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 22:46 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 22:46 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 22:46 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 22:46 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 22:46 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 22:46 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 22:46 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 22:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 22:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 22:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 22:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:45 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 22:45 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 22:45 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 22:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 22:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 22:45 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 22:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 22:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 22:45 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 22:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 22:45 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 22:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 22:45 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 22:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 22:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 22:43 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 22:43 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 22:43 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 22:43 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 22:43 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 22:43 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 22:43 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 22:43 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 22:43 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 22:43 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 22:43 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 22:43 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 22:43 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 22:43 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 22:43 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 22:43 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 22:43 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 22:43 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 22:43 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 22:43 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 22:43 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 22:43 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 22:43 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 22:42 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 22:42 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 22:42 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 22:42 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 22:42 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 22:41 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 22:41 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 22:41 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 22:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 22:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 22:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 22:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 22:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 22:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 22:39 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-06 13:12 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-06 13:12 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-06 13:08 - 2012-10-19 00:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-06 12:50 - 2014-11-26 00:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-06 12:43 - 2012-10-19 00:15 - 01280252 _____ () C:\Windows\WindowsUpdate.log
2015-03-06 11:17 - 2013-05-04 19:21 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Skype
2015-03-06 11:01 - 2012-10-19 00:17 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-03-06 09:11 - 2012-10-19 00:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-05 22:44 - 2013-04-26 21:19 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Nitro PDF
2015-03-05 22:42 - 2012-10-19 00:17 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-03-05 22:41 - 2014-02-28 08:01 - 00042522 _____ () C:\Windows\setupact.log
2015-03-05 22:41 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 02:15 - 2012-10-19 10:01 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 02:15 - 2012-10-19 10:01 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 02:15 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-28 09:33 - 2014-03-07 12:53 - 00025764 _____ () C:\Windows\PFRO.log
2015-02-27 23:38 - 2013-12-01 18:16 - 00020565 _____ () C:\Users\helmet\Desktop\Soundmerker.odt
2015-02-27 16:00 - 2013-05-28 21:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-24 21:36 - 2013-05-04 19:21 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-24 21:36 - 2013-05-04 19:21 - 00000000 ____D () C:\ProgramData\Skype
2015-02-23 22:29 - 2014-11-22 16:22 - 00000530 _____ () C:\Users\helmet\Desktop\Rechnungsnummern.txt
2015-02-23 08:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-12 21:02 - 2009-07-14 05:45 - 00295768 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 07:32 - 2013-07-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 07:13 - 2013-05-01 22:45 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 08:18 - 2014-09-11 20:34 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-10 08:18 - 2014-09-11 20:33 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-10 08:17 - 2014-09-11 20:33 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-10 08:17 - 2014-09-11 20:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-10 08:17 - 2014-09-11 20:33 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-10 08:17 - 2014-09-11 20:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-02-10 08:17 - 2014-09-11 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-05 22:02 - 2013-06-05 19:49 - 00000000 ____D () C:\Users\helmet\AppData\Local\CrashDumps
2015-02-05 09:03 - 2012-10-19 00:28 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-05 09:03 - 2012-10-19 00:28 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories =======
2013-04-26 21:13 - 2013-05-05 09:14 - 0004944 _____ () C:\Users\helmet\AppData\Roaming\AbsoluteReminder.xml
Some content of TEMP:
====================
C:\Users\helmet\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\helmet\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\helmet\AppData\Local\Temp\SHSetup.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-02-01 14:53
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by helmet at 2015-03-06 13:16:49
Running from C:\Users\helmet\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.0.0.19 - Absolute Software)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe PDF iFilter 9 for 64-bit platforms (HKLM\...\{5EA12CF3-8162-47F6-ACAF-45AD03EFB08F}) (Version: 9.0.0 - Adobe)
Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)
Anzeige am Bildschirm (HKLM\...\OnScreenDisplay) (Version: 6.72.00 - )
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Create Recovery Media (HKLM-x32\...\{50DC5136-21E8-48BC-97E5-1AD055F6B0B6}) (Version: 1.20.0.00 - Lenovo Group Limited)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.32 - )
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.15 - Evernote Corp.)
ExpressCache (HKLM\...\{2EBEFDA8-F905-4C39-AC1C-D5ABE7B3E0AE}) (Version: 1.0.86 - Diskeeper Corporation)
Fingerprint Reader (HKLM\...\{C5BB9380-D729-410A-A440-061EBCADCCB9}) (Version: 5.4.100.232 - AuthenTec, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Drive (HKLM-x32\...\{65EACBB4-B0B8-4A5B-AE46-22DBE15C70B5}) (Version: 1.19.8406.6504 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Integrated Camera Driver Installer Package Ver.1.2.1.16 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.16 - RICOH)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Update Manager (x32 Version: 1.0.0.34813 - Intel Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}) (Version: 3.0.13.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - )
Lenovo Patch Utility (HKLM-x32\...\{6E6E7725-C7BC-4C39-8B3F-14B67331A120}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo SimpleTap (HKLM\...\{BF601122-9F0A-41A9-BA06-3158D9FB4B80}) (Version: 3.2.0004.00 - Lenovo Group Limited)
Lenovo Solution Center (HKLM\...\{DD00F699-6861-4DCF-A19F-8CF61E5E28ED}) (Version: 1.1.007.00 - Lenovo Group Limited)
Lenovo Solutions for Small Business (HKLM-x32\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: - Intel(R) Corporation)
Lenovo Solutions for Small Business Customizations (HKLM-x32\...\{5B5DEF99-85E9-423D-A1A3-B83202697B09}) (Version: 1.0.0006.00 - Lenovo Group Limited)
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.05.0009 - Lenovo)
Lenovo User Guide (HKLM-x32\...\{13F59938-C595-479C-B479-F171AB9AF64F}) (Version: 1.0.0009.00 - Lenovo Group Limited)
Lenovo Warranty Information (HKLM-x32\...\{FD4EC278-C1B1-4496-99ED-C0BE1B0AA521}) (Version: 1.0.0005.00 - Lenovo)
Lenovo Welcome (HKLM-x32\...\{2DC26D10-CC6A-494F-BEA3-B5BC21126D5E}) (Version: 3.1.0020.00 - Lenovo Group Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Message Center Plus (HKLM\...\{3849486C-FF09-4F5D-B491-3E179D58EE15}) (Version: 3.1.0004.00 - Lenovo Group Limited)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.8 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nitro Pro 7 (HKLM\...\{36710189-55DF-4D75-8B6A-523CC61B7047}) (Version: 7.4.1.4 - Nitro PDF Software)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.30.0 - Nokia)
Nokia Suite (x32 Version: 3.8.30.0 - Nokia) Hidden
NVIDIA Grafiktreiber 295.68 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 295.68 - NVIDIA Corporation)
NVIDIA Update 1.7.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.7.12 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
RapidBoot HDD Accelerator (HKLM-x32\...\Fastboot) (Version: 1.00.0802 - Lenovo)
RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6612 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - )
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.4.17 - )
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.76 - Lenovo)
VIP Access (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.5.13 - VeriSign)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows-Treiberpaket - Intel (iaStor) hdc (02/01/2012 11.1.0.1006) (HKLM\...\1B12F81FD20B1E96876BF8D3E9B41F2BEEB943A0) (Version: 02/01/2012 11.1.0.1006 - Intel)
Windows-Treiberpaket - Lenovo 1.65.05.20 (02/29/2012 1.65.05.20) (HKLM\...\E3535F123E7F666D573665142F90D3E5004DC326) (Version: 02/29/2012 1.65.05.20 - Lenovo)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows-Treiberpaket - OLYMPUS IMAGING CORP. (VNUSB) VNUSB (09/29/2009 2.0.0.0) (HKLM\...\75BD84FDFF77342C2A347F729669CBD84CE11B04) (Version: 09/29/2009 2.0.0.0 - OLYMPUS IMAGING CORP.)
Windows-Treiberpaket - Synaptics (SmbDrvAMDASF) System (06/21/2012 16.1.4.17) (HKLM\...\A333D414B3783936ED9A3F663498AB82EB07B7A3) (Version: 06/21/2012 16.1.4.17 - Synaptics)
Windows-Treiberpaket - Synaptics (SynTP) Mouse (06/21/2012 16.1.4.17) (HKLM\...\FE61CFFCEFBF4E2D83AE176443D33414275365FC) (Version: 06/21/2012 16.1.4.17 - Synaptics)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
18-11-2014 09:54:32 Windows Update
20-11-2014 07:34:28 Windows Update
22-11-2014 11:16:31 Windows Update
25-11-2014 15:09:11 Windows Update
26-11-2014 00:14:02 avast! antivirus system restore point
11-12-2014 10:48:47 Windows Update
12-12-2014 07:26:35 Windows Update
16-12-2014 21:58:31 Windows Update
18-12-2014 19:28:23 Windows Update
23-12-2014 08:56:10 Windows Update
27-12-2014 11:41:37 Windows Update
30-12-2014 14:12:18 Windows Update
06-01-2015 15:09:28 Windows Update
12-01-2015 01:04:45 Windows Update
19-01-2015 13:18:47 Windows Update
22-01-2015 20:06:25 Windows Update
27-01-2015 20:57:54 Windows Update
04-02-2015 00:03:25 Windows Update
10-02-2015 22:39:51 Windows Update
12-02-2015 07:09:44 Windows Update
12-02-2015 23:01:07 Windows Update
21-02-2015 22:57:53 Windows Update
23-02-2015 08:12:11 Windows Update
27-02-2015 03:00:20 Windows Update
03-03-2015 09:38:24 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-09-11 23:48 - 00000877 ____A C:\Windows\system32\Drivers\etc\hosts
74.208.10.249 gs.apple.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0155907D-33B6-473A-A2BA-6A131EBF2460} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {02CCE3C8-FE09-46BC-9DB1-2341977B49C8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {235B87AE-8B6E-4E58-AD0B-95BC03AA0947} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {538CC21E-5A14-4FEE-ABD7-FB6E8938B96F} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PWMIDTSV.EXE [2012-05-15] (Lenovo Group Limited)
Task: {6A302C06-1E5D-420A-A21D-B3925CBB37A7} - System32\Tasks\Lenovo\Message Center Plus Launcher => C:\Program Files (x86)\Lenovo\message center plus\mcplaunch.exe [2012-05-15] (Lenovo)
Task: {71E22F5A-4CC8-49D4-B04E-55250FB676FE} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-05-16] ()
Task: {808ADBF5-8D60-4228-B21B-1D84C56C3B40} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2012-05-03] (Lenovo)
Task: {860D5DD4-7675-4736-94CC-C3B329EE70B1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {9F5B2F62-16B6-4D0E-8B67-D5F95FEEBCC1} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {BE213CF2-012A-44BC-9FE3-111416BC9302} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {C2413469-F991-4DE5-AAAB-3A54D757E009} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-26] (AVAST Software)
Task: {CFF9FBA2-604F-46F4-B3F9-0183ADB48F25} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {D69D69CE-3B8C-4F42-AE8A-EA38C33559A5} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2012-05-16] (Lenovo)
Task: {DC65E7CF-257F-4D44-81F4-8D1E3DFEAF8B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {F6B2AFFD-9FCB-4654-B1AA-72CB783B1C40} - System32\Tasks\Lenovo\SimpleTap\Start SimpleTap for helmethead.helmet => C:\Program Files\Lenovo\SimpleTap\SimpleTap.exe [2012-05-15] (Lenovo)
Task: {FDB6B890-DCC0-4E58-95EE-E23498FC849A} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2014-02-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
==================== Loaded Modules (whitelisted) ==============
2012-10-19 00:17 - 2012-02-29 02:20 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2012-10-19 00:25 - 2012-05-15 22:32 - 00103936 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2012-05-23 22:14 - 2012-05-23 22:14 - 00108040 _____ () C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NPShellExtension64.dll
2012-10-19 00:15 - 2012-03-19 22:09 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-11-26 00:15 - 2014-11-26 00:15 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-26 00:15 - 2014-11-26 00:15 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2012-05-16 15:50 - 2012-05-16 15:50 - 00148320 _____ () C:\Program Files\lenovo\lenovo solution center\lsc.exe
2012-06-06 23:03 - 2012-06-06 23:03 - 01163624 _____ () C:\Program Files\Lenovo Fingerprint Reader\DataManager.dll
2012-06-06 23:04 - 2012-06-06 23:04 - 00087912 _____ () C:\Program Files\Lenovo Fingerprint Reader\ssutil.dll
2011-12-23 09:24 - 2011-12-23 09:24 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2015-03-05 14:26 - 2015-03-05 14:26 - 02917376 _____ () C:\Program Files\AVAST Software\Avast\defs\15030500\algo.dll
2014-11-26 00:15 - 2014-11-26 00:15 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-03-06 12:18 - 2015-03-06 12:18 - 02918400 _____ () C:\Program Files\AVAST Software\Avast\defs\15030600\algo.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-10-19 00:27 - 2012-01-17 07:29 - 00030512 ____N () C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBServiceps.dll
2012-10-19 00:26 - 2011-08-02 03:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll
2012-10-19 00:26 - 2011-08-02 03:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 08507232 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtGui4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 02354016 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtCore4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 01014624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtNetwork4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00364384 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXml4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 02480992 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtDeclarative4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 01346912 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtScript4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00206176 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtSql4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 02653024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtXmlPatterns4.dll
2013-04-19 00:45 - 2013-04-19 00:45 - 00033120 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qgif4.dll
2013-04-19 00:45 - 2013-04-19 00:45 - 00035680 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qico4.dll
2013-04-19 00:45 - 2013-04-19 00:45 - 00207200 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\imageformats\qjpeg4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 11166560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtWebKit4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00276832 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\phonon4.dll
2013-04-15 12:26 - 2013-04-15 12:26 - 00391600 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\ssoengine.dll
2013-04-15 12:26 - 2013-04-15 12:26 - 00059280 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\securestorage.dll
2013-04-19 00:45 - 2013-04-19 00:45 - 00438624 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\NService.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00446304 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\sqldrivers\qsqlite4.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00520544 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtMultimediaKit1.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00720736 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\QtOpenGL4.dll
2013-04-19 00:44 - 2013-04-19 00:44 - 00606560 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\CommonUpdateChecker.dll
2013-04-19 00:46 - 2013-04-19 00:46 - 00093024 _____ () C:\Program Files (x86)\Nokia\Nokia Suite\qjson.dll
2014-11-26 00:15 - 2014-11-26 00:15 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-08-10 15:51 - 2012-08-10 15:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-10-19 00:17 - 2012-02-21 21:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2012-10-19 00:37 - 2012-04-23 14:03 - 00030432 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\ProcessPrivileges.dll
2012-10-19 00:37 - 2012-04-23 14:03 - 00215264 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\System.ComponentModel.Composition.dll
2012-10-19 00:37 - 2012-04-23 14:03 - 00051424 _____ () C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Interop.TaskScheduler.dll
2015-02-21 23:10 - 2015-02-17 23:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 23:10 - 2015-02-17 23:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 23:10 - 2015-02-17 23:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
2011-08-15 19:12 - 2011-08-15 19:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-15 19:15 - 2011-08-15 19:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 15:41 - 2011-08-17 15:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 15:48 - 2011-08-17 15:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-11-25 12:29 - 2011-11-25 12:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 19:12 - 2011-08-15 19:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 15:48 - 2011-08-17 15:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 18:23 - 2011-08-15 18:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-11-25 12:28 - 2011-11-25 12:28 - 00484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2011-11-25 12:42 - 2011-11-25 12:42 - 00499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2011-11-25 12:26 - 2011-11-25 12:26 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 15:05 - 2011-07-19 15:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-19 15:04 - 2011-07-19 15:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2011-08-15 19:17 - 2011-08-15 19:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\helmet\Downloads\Aw_AW_KPU-Hilferuf_aus_dem_M_nchner_Westend.eml:OECustomProperty
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\helmet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-3682643822-3095847663-2694490375-500 - Administrator - Disabled)
Gast (S-1-5-21-3682643822-3095847663-2694490375-501 - Limited - Enabled) => C:\Users\Gast
helmet (S-1-5-21-3682643822-3095847663-2694490375-1001 - Administrator - Enabled) => C:\Users\helmet
HomeGroupUser$ (S-1-5-21-3682643822-3095847663-2694490375-1003 - Limited - Enabled)
UpdatusUser (S-1-5-21-3682643822-3095847663-2694490375-1000 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10827
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10827
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9345
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9345
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8222
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8222
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6708
System errors:
=============
Error: (03/06/2015 10:15:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Netman erreicht.
Error: (03/06/2015 00:54:39 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (03/05/2015 10:41:17 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (03/05/2015 10:41:11 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Anzeige am Bildschirm" wurde mit folgendem Fehler beendet:
%%13
Error: (03/05/2015 10:41:02 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error: (03/05/2015 04:09:01 PM) (Source: WMPNetworkSvc) (EventID: 14361) (User: )
Description: 1450
Error: (03/05/2015 04:09:00 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d36\SystemRoot\System32\Config\SOFTWARE
Error: (03/05/2015 04:09:00 PM) (Source: Microsoft-Windows-Kernel-General) (EventID: 6) (User: NT-AUTORITÄT)
Description: 0xc000014d30\??\C:\Users\helmet\ntuser.dat
Error: (03/05/2015 02:11:31 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (03/04/2015 06:56:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ZeroConfigService erreicht.
Microsoft Office Sessions:
=========================
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10827
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10827
Error: (03/06/2015 09:49:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9345
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9345
Error: (03/06/2015 09:49:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8222
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8222
Error: (03/06/2015 09:49:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/06/2015 09:49:16 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6708
CodeIntegrity Errors:
===================================
Date: 2015-03-06 10:21:53.129
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 10:21:28.556
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 10:21:15.931
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 10:16:00.763
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-06 08:26:28.308
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-05 23:42:40.268
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-05 22:44:48.530
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-05 21:35:44.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-02 08:07:13.557
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-03-01 22:33:11.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\dsound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 87%
Total physical RAM: 3689.9 MB
Available physical RAM: 450.05 MB
Total Pagefile: 7377.99 MB
Available Pagefile: 2946.75 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows7_OS) (Fixed) (Total:448.67 GB) (Free:255.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive q: (Lenovo_Recovery) (Fixed) (Total:15.62 GB) (Free:3.42 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 770FA04E)
Partition 1: (Active) - (Size=1.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 14.9 GB) (Disk ID: 770FA045)
Partition 1: (Not Active) - (Size=8 GB) - (Type=84)
Partition 2: (Not Active) - (Size=6.9 GB) - (Type=73)
==================== End Of Log ============================
|
|
06.03.2015, 16:48
| #4 |
| /// the machine /// TB-Ausbilder | Gerätemanager leer/ Email Account sendet Spam, etc. hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.03.2015, 18:45
| #5 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. Danke erstmal... geht beim entpacken schon los "Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity"...etc. popped auf mit der Option den Eintrag zu entfernen. Ich frage erstmal, da Du nichts davon erwähnt hast. macht das entfernen Sinn oder erstmal so probieren? Update: ich lasse Mbar nun erstmal laufen ohne das zu entfernen, wenns abstürzt probiere ichs mit...Erstmal keine Antwort nötig, sorry Mbar sowie TDSSKiller haben nichts gefunden, bin leicht erstaunt Anleitungen habe ich gelesen und befolgt.Logfile bzw. Report: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.03.06.04
rootkit: v2015.02.25.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17633
helmet :: HELMETHEAD [administrator]
06.03.2015 17:38:20
mbar-log-2015-03-06 (17-38-20).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 458727
Time elapsed: 22 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 18:12:04.0405 0x1a1e4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:12:14.0959 0x1a1e4 ============================================================
18:12:14.0959 0x1a1e4 Current date / time: 2015/03/06 18:12:14.0959
18:12:14.0959 0x1a1e4 SystemInfo:
18:12:14.0959 0x1a1e4
18:12:14.0959 0x1a1e4 OS Version: 6.1.7601 ServicePack: 1.0
18:12:14.0959 0x1a1e4 Product type: Workstation
18:12:14.0959 0x1a1e4 ComputerName: HELMETHEAD
18:12:14.0960 0x1a1e4 UserName: helmet
18:12:14.0960 0x1a1e4 Windows directory: C:\Windows
18:12:14.0960 0x1a1e4 System windows directory: C:\Windows
18:12:14.0960 0x1a1e4 Running under WOW64
18:12:14.0960 0x1a1e4 Processor architecture: Intel x64
18:12:14.0960 0x1a1e4 Number of processors: 4
18:12:14.0960 0x1a1e4 Page size: 0x1000
18:12:14.0960 0x1a1e4 Boot type: Normal boot
18:12:14.0960 0x1a1e4 ============================================================
18:12:15.0099 0x1a1e4 KLMD registered as C:\Windows\system32\drivers\94229002.sys
18:12:15.0340 0x1a1e4 System UUID: {A3BC34F7-0701-C97D-845C-9B001E438071}
18:12:16.0009 0x1a1e4 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:12:16.0010 0x1a1e4 Drive \Device\Harddisk1\DR1 - Size: 0x3BA816000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:12:16.0020 0x1a1e4 ============================================================
18:12:16.0020 0x1a1e4 \Device\Harddisk0\DR0:
18:12:16.0020 0x1a1e4 MBR partitions:
18:12:16.0020 0x1a1e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
18:12:16.0020 0x1a1e4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38157000
18:12:16.0020 0x1a1e4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x38445800, BlocksNum 0x1F40000
18:12:16.0020 0x1a1e4 \Device\Harddisk1\DR1:
18:12:16.0020 0x1a1e4 MBR partitions:
18:12:16.0021 0x1a1e4 ============================================================
18:12:16.0051 0x1a1e4 C: <-> \Device\Harddisk0\DR0\Partition2
18:12:16.0097 0x1a1e4 Q: <-> \Device\Harddisk0\DR0\Partition3
18:12:16.0098 0x1a1e4 ============================================================
18:12:16.0098 0x1a1e4 Initialize success
18:12:16.0098 0x1a1e4 ============================================================
18:14:31.0714 0x1a034 ============================================================
18:14:31.0714 0x1a034 Scan started
18:14:31.0714 0x1a034 Mode: Manual; SigCheck; TDLFS;
18:14:31.0714 0x1a034 ============================================================
18:14:31.0714 0x1a034 KSN ping started
18:14:34.0646 0x1a034 KSN ping finished: true
18:14:35.0840 0x1a034 ================ Scan system memory ========================
18:14:35.0840 0x1a034 System memory - ok
18:14:35.0841 0x1a034 ================ Scan services =============================
18:14:35.0981 0x1a034 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:14:36.0769 0x1a034 1394ohci - ok
18:14:36.0974 0x1a034 [ 1F305C858E7B5E537C9B783D46243A7A, 0DA7B31949C48FB42DBF61EC71ACCFD1CEB3B6135DC3FA0FEC4A9DE25A1405BA ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
18:14:37.0133 0x1a034 5U877 - ok
18:14:37.0172 0x1a034 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:14:37.0762 0x1a034 ACPI - ok
18:14:37.0780 0x1a034 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:14:38.0185 0x1a034 AcpiPmi - ok
18:14:38.0300 0x1a034 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:14:38.0421 0x1a034 AdobeARMservice - ok
18:14:38.0726 0x1a034 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:14:38.0888 0x1a034 AdobeFlashPlayerUpdateSvc - ok
18:14:38.0954 0x1a034 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:14:39.0030 0x1a034 adp94xx - ok
18:14:39.0059 0x1a034 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:14:39.0139 0x1a034 adpahci - ok
18:14:39.0166 0x1a034 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:14:39.0237 0x1a034 adpu320 - ok
18:14:39.0265 0x1a034 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:14:39.0485 0x1a034 AeLookupSvc - ok
18:14:39.0535 0x1a034 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:14:39.0702 0x1a034 AFD - ok
18:14:39.0750 0x1a034 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:14:39.0816 0x1a034 agp440 - ok
18:14:39.0848 0x1a034 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:14:39.0980 0x1a034 ALG - ok
18:14:40.0021 0x1a034 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:14:40.0085 0x1a034 aliide - ok
18:14:40.0114 0x1a034 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:14:40.0165 0x1a034 amdide - ok
18:14:40.0214 0x1a034 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:14:40.0306 0x1a034 AmdK8 - ok
18:14:40.0322 0x1a034 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:14:40.0441 0x1a034 AmdPPM - ok
18:14:40.0464 0x1a034 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:14:40.0524 0x1a034 amdsata - ok
18:14:40.0548 0x1a034 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:14:40.0620 0x1a034 amdsbs - ok
18:14:40.0653 0x1a034 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:14:40.0729 0x1a034 amdxata - ok
18:14:40.0763 0x1a034 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
18:14:40.0908 0x1a034 AMPPAL - ok
18:14:40.0921 0x1a034 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
18:14:40.0965 0x1a034 AMPPALP - ok
18:14:41.0056 0x1a034 [ FB70F8C1283C8CC6BFAA6F9971107E68, 3EAB3703DC27EE94531DA60C2ACF73CAF33F6BA2ED5822D90BF2A97A3A98C4EA ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:14:41.0201 0x1a034 AMPPALR3 - ok
18:14:41.0222 0x1a034 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:14:41.0393 0x1a034 AppID - ok
18:14:41.0414 0x1a034 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:14:41.0495 0x1a034 AppIDSvc - ok
18:14:41.0509 0x1a034 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:14:41.0573 0x1a034 Appinfo - ok
18:14:41.0634 0x1a034 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:14:41.0728 0x1a034 Apple Mobile Device - ok
18:14:41.0752 0x1a034 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:14:41.0810 0x1a034 arc - ok
18:14:41.0835 0x1a034 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:14:41.0910 0x1a034 arcsas - ok
18:14:42.0002 0x1a034 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:14:42.0062 0x1a034 aspnet_state - ok
18:14:42.0093 0x1a034 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
18:14:42.0155 0x1a034 aswHwid - ok
18:14:42.0189 0x1a034 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:14:42.0263 0x1a034 aswMonFlt - ok
18:14:42.0289 0x1a034 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
18:14:42.0356 0x1a034 aswRdr - ok
18:14:42.0365 0x1a034 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:14:42.0423 0x1a034 aswRvrt - ok
18:14:42.0477 0x1a034 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:14:42.0590 0x1a034 aswSnx - ok
18:14:42.0623 0x1a034 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:14:42.0706 0x1a034 aswSP - ok
18:14:42.0736 0x1a034 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
18:14:42.0803 0x1a034 aswStm - ok
18:14:42.0827 0x1a034 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:14:42.0910 0x1a034 aswVmm - ok
18:14:42.0935 0x1a034 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:14:43.0067 0x1a034 AsyncMac - ok
18:14:43.0103 0x1a034 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:14:43.0137 0x1a034 atapi - ok
18:14:43.0191 0x1a034 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:14:43.0323 0x1a034 AudioEndpointBuilder - ok
18:14:43.0354 0x1a034 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:14:43.0430 0x1a034 AudioSrv - ok
18:14:43.0491 0x1a034 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:14:43.0573 0x1a034 avast! Antivirus - ok
18:14:43.0801 0x1a034 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
18:14:44.0112 0x1a034 AvastVBoxSvc - ok
18:14:44.0150 0x1a034 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:14:44.0259 0x1a034 AxInstSV - ok
18:14:44.0311 0x1a034 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:14:44.0404 0x1a034 b06bdrv - ok
18:14:44.0432 0x1a034 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:14:44.0499 0x1a034 b57nd60a - ok
18:14:44.0525 0x1a034 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:14:44.0592 0x1a034 BDESVC - ok
18:14:44.0620 0x1a034 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:14:44.0729 0x1a034 Beep - ok
18:14:44.0774 0x1a034 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:14:44.0880 0x1a034 BFE - ok
18:14:44.0985 0x1a034 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:14:45.0169 0x1a034 BITS - ok
18:14:45.0192 0x1a034 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:14:45.0265 0x1a034 blbdrive - ok
18:14:45.0351 0x1a034 [ A52EA1D8C2900055323C93DDB252A3DA, 70C30AACE3948DFD2E4C52818F93F03AF32430B43229F613FEE3C4CD4FA1EFE6 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:14:45.0502 0x1a034 Bluetooth Device Monitor - ok
18:14:45.0605 0x1a034 [ 091210450CA7CED08F360D9D7FEC5D11, 52298A6FE7DCF5EA484E6A1CBE48E2B1106D006E18F2278CB38AAAB10BB905BD ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
18:14:45.0977 0x1a034 Bluetooth Media Service - ok
18:14:46.0048 0x1a034 [ 392450754E17FF778CBC5B9D20583AD1, 4E2CC0D5D41303202EE7655FB1F779C41808A714486BAFF22A321A5BAF9FD0F6 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:14:46.0196 0x1a034 Bluetooth OBEX Service - ok
18:14:46.0247 0x1a034 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:14:46.0386 0x1a034 Bonjour Service - ok
18:14:46.0439 0x1a034 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:14:46.0924 0x1a034 bowser - ok
18:14:46.0970 0x1a034 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:14:47.0225 0x1a034 BrFiltLo - ok
18:14:47.0242 0x1a034 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:14:47.0294 0x1a034 BrFiltUp - ok
18:14:47.0340 0x1a034 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:14:47.0462 0x1a034 Browser - ok
18:14:47.0506 0x1a034 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:14:47.0693 0x1a034 Brserid - ok
18:14:47.0707 0x1a034 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:14:47.0764 0x1a034 BrSerWdm - ok
18:14:47.0824 0x1a034 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:14:47.0891 0x1a034 BrUsbMdm - ok
18:14:47.0944 0x1a034 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:14:48.0043 0x1a034 BrUsbSer - ok
18:14:48.0079 0x1a034 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:14:48.0159 0x1a034 BthEnum - ok
18:14:48.0180 0x1a034 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:14:48.0245 0x1a034 BTHMODEM - ok
18:14:48.0255 0x1a034 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:14:48.0335 0x1a034 BthPan - ok
18:14:48.0388 0x1a034 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:14:48.0486 0x1a034 BTHPORT - ok
18:14:48.0520 0x1a034 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:14:48.0629 0x1a034 bthserv - ok
18:14:48.0657 0x1a034 [ FA2D081709A764F6BEE16B7FFE03E36C, 2BBDFBD313ABB87B76D4A30EC042B9D72ED4F62CF18B98229A6366B1A7211ECD ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:14:48.0697 0x1a034 BTHSSecurityMgr - ok
18:14:48.0720 0x1a034 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:14:48.0784 0x1a034 BTHUSB - ok
18:14:48.0805 0x1a034 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
18:14:48.0870 0x1a034 btmaux - ok
18:14:48.0914 0x1a034 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
18:14:49.0017 0x1a034 btmhsf - ok
18:14:49.0046 0x1a034 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:14:49.0156 0x1a034 cdfs - ok
18:14:49.0179 0x1a034 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:14:49.0255 0x1a034 cdrom - ok
18:14:49.0284 0x1a034 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:14:49.0398 0x1a034 CertPropSvc - ok
18:14:49.0429 0x1a034 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:14:49.0499 0x1a034 circlass - ok
18:14:49.0537 0x1a034 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:14:49.0616 0x1a034 CLFS - ok
18:14:49.0679 0x1a034 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:14:49.0731 0x1a034 clr_optimization_v2.0.50727_32 - ok
18:14:49.0756 0x1a034 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:14:49.0815 0x1a034 clr_optimization_v2.0.50727_64 - ok
18:14:49.0873 0x1a034 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:14:49.0950 0x1a034 clr_optimization_v4.0.30319_32 - ok
18:14:49.0976 0x1a034 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:14:50.0036 0x1a034 clr_optimization_v4.0.30319_64 - ok
18:14:50.0053 0x1a034 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:14:50.0113 0x1a034 CmBatt - ok
18:14:50.0140 0x1a034 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:14:50.0189 0x1a034 cmdide - ok
18:14:50.0262 0x1a034 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
18:14:50.0346 0x1a034 CNG - ok
18:14:50.0369 0x1a034 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:14:50.0411 0x1a034 Compbatt - ok
18:14:50.0418 0x1a034 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:14:50.0487 0x1a034 CompositeBus - ok
18:14:50.0492 0x1a034 COMSysApp - ok
18:14:50.0571 0x1a034 [ 34B68480325418A3974948D47633A54B, CE94C30B93B70131618BC03B240EE301F7BF2DA8DE80F2AD57003D00F5CADB0F ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:14:50.0646 0x1a034 cphs - ok
18:14:50.0670 0x1a034 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:14:50.0715 0x1a034 crcdisk - ok
18:14:50.0758 0x1a034 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:14:50.0839 0x1a034 CryptSvc - ok
18:14:50.0885 0x1a034 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:14:51.0028 0x1a034 DcomLaunch - ok
18:14:51.0064 0x1a034 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:14:51.0175 0x1a034 defragsvc - ok
18:14:51.0202 0x1a034 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:14:51.0288 0x1a034 DfsC - ok
18:14:51.0318 0x1a034 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:14:51.0415 0x1a034 Dhcp - ok
18:14:51.0433 0x1a034 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:14:51.0535 0x1a034 discache - ok
18:14:51.0542 0x1a034 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
18:14:51.0581 0x1a034 Disk - ok
18:14:51.0604 0x1a034 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:14:51.0712 0x1a034 Dnscache - ok
18:14:51.0726 0x1a034 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:14:51.0848 0x1a034 dot3svc - ok
18:14:51.0912 0x1a034 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:14:52.0017 0x1a034 DPS - ok
18:14:52.0049 0x1a034 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:14:52.0137 0x1a034 drmkaud - ok
18:14:52.0204 0x1a034 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:14:52.0300 0x1a034 DXGKrnl - ok
18:14:52.0320 0x1a034 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:14:52.0417 0x1a034 EapHost - ok
18:14:52.0594 0x1a034 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:14:52.0847 0x1a034 ebdrv - ok
18:14:52.0885 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
18:14:53.0069 0x1a034 EFS - ok
18:14:53.0268 0x1a034 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:14:53.0407 0x1a034 ehRecvr - ok
18:14:53.0427 0x1a034 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:14:53.0479 0x1a034 ehSched - ok
18:14:53.0535 0x1a034 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:14:53.0601 0x1a034 elxstor - ok
18:14:53.0618 0x1a034 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:14:53.0670 0x1a034 ErrDev - ok
18:14:53.0689 0x1a034 esgiguard - ok
18:14:53.0728 0x1a034 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:14:53.0835 0x1a034 EventSystem - ok
18:14:53.0898 0x1a034 [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:14:54.0003 0x1a034 EvtEng - ok
18:14:54.0032 0x1a034 [ D2EAA04AF43154B62FA85B08BAD0A7CA, B18F09CAD04AD61A1B8DCD3BBC70A82FB50008C147389D3245E39856BA940A87 ] excfs C:\Windows\system32\DRIVERS\excfs.sys
18:14:54.0070 0x1a034 excfs - ok
18:14:54.0079 0x1a034 [ E6082A6C109238A725D83184724C4A36, 66F0D4798C357FFCC5A35E45BE8E5F0A97E7BCF98CFAA1BB2269F6D6B910A0A3 ] excsd C:\Windows\system32\DRIVERS\excsd.sys
18:14:54.0140 0x1a034 excsd - ok
18:14:54.0165 0x1a034 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:14:54.0259 0x1a034 exfat - ok
18:14:54.0309 0x1a034 [ 68030FF4B7669E15916910885E2E6160, 324EC07A0135354A5D41ED841919D61C218ECA718DE8A8357B0D2AD0B621777B ] ExpressCache C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
18:14:54.0358 0x1a034 ExpressCache - ok
18:14:54.0407 0x1a034 [ EB3A7D5663ACAC417DF986D4AEE12170, E2E7A0DEF42E0E9D8E2A70FAEC84D4BB67D8C6F9F6B4C0DE884FA4A12C031F91 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
18:14:54.0443 0x1a034 Fastboot - ok
18:14:54.0502 0x1a034 [ 63511240AF70D10343A4AE05F8E2CA12, E4A873CE9F685E42347390F7D7D50CD8D3C9A5FCFFEA26093438F679D1CE275D ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
18:14:54.0549 0x1a034 FastbootService - ok
18:14:54.0574 0x1a034 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:14:54.0708 0x1a034 fastfat - ok
18:14:54.0758 0x1a034 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:14:54.0864 0x1a034 Fax - ok
18:14:54.0893 0x1a034 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:14:54.0997 0x1a034 fdc - ok
18:14:55.0015 0x1a034 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:14:55.0127 0x1a034 fdPHost - ok
18:14:55.0147 0x1a034 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:14:55.0284 0x1a034 FDResPub - ok
18:14:55.0301 0x1a034 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:14:55.0346 0x1a034 FileInfo - ok
18:14:55.0376 0x1a034 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:14:55.0462 0x1a034 Filetrace - ok
18:14:55.0479 0x1a034 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:14:55.0564 0x1a034 flpydisk - ok
18:14:55.0714 0x1a034 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:14:55.0774 0x1a034 FltMgr - ok
18:14:56.0038 0x1a034 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
18:14:56.0193 0x1a034 FontCache - ok
18:14:56.0447 0x1a034 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:14:56.0707 0x1a034 FontCache3.0.0.0 - ok
18:14:56.0855 0x1a034 [ 0B034CC9D439B9AD6B05B6F975BAF489, 5D1557F8CE2CAF21FF2C24C746A9B2689F881A0E27D50E984EC2A9380080339E ] FPLService C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
18:14:56.0928 0x1a034 FPLService - ok
18:14:56.0961 0x1a034 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:14:57.0028 0x1a034 FsDepends - ok
18:14:57.0141 0x1a034 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:14:57.0303 0x1a034 Fs_Rec - ok
18:14:57.0640 0x1a034 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:14:57.0704 0x1a034 fvevol - ok
18:14:57.0777 0x1a034 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:14:57.0872 0x1a034 gagp30kx - ok
18:14:57.0922 0x1a034 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:14:58.0311 0x1a034 GEARAspiWDM - ok
18:14:58.0504 0x1a034 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:14:58.0691 0x1a034 gpsvc - ok
18:14:58.0792 0x1a034 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:14:58.0904 0x1a034 gupdate - ok
18:14:58.0918 0x1a034 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:14:58.0954 0x1a034 gupdatem - ok
18:14:59.0065 0x1a034 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:14:59.0130 0x1a034 gusvc - ok
18:14:59.0198 0x1a034 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:14:59.0300 0x1a034 hcw85cir - ok
18:14:59.0358 0x1a034 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:14:59.0508 0x1a034 HdAudAddService - ok
18:14:59.0545 0x1a034 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:14:59.0659 0x1a034 HDAudBus - ok
18:14:59.0772 0x1a034 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:14:59.0873 0x1a034 HidBatt - ok
18:14:59.0908 0x1a034 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:15:00.0065 0x1a034 HidBth - ok
18:15:00.0105 0x1a034 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:15:00.0323 0x1a034 HidIr - ok
18:15:00.0369 0x1a034 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:15:00.0469 0x1a034 hidserv - ok
18:15:00.0620 0x1a034 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:15:00.0737 0x1a034 HidUsb - ok
18:15:00.0813 0x1a034 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:15:00.0941 0x1a034 hkmsvc - ok
18:15:01.0011 0x1a034 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:15:01.0210 0x1a034 HomeGroupListener - ok
18:15:01.0305 0x1a034 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:15:01.0399 0x1a034 HomeGroupProvider - ok
18:15:01.0484 0x1a034 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:15:01.0557 0x1a034 HpSAMD - ok
18:15:01.0675 0x1a034 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:15:01.0820 0x1a034 HTTP - ok
18:15:01.0925 0x1a034 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:15:01.0959 0x1a034 hwpolicy - ok
18:15:02.0120 0x1a034 [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
18:15:02.0183 0x1a034 HyperW7Svc - ok
18:15:02.0220 0x1a034 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:15:02.0264 0x1a034 i8042prt - ok
18:15:02.0451 0x1a034 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:15:02.0548 0x1a034 iaStor - ok
18:15:02.0677 0x1a034 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:15:02.0763 0x1a034 iaStorV - ok
18:15:02.0846 0x1a034 [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
18:15:02.0895 0x1a034 IBMPMDRV - ok
18:15:02.0944 0x1a034 [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
18:15:03.0009 0x1a034 IBMPMSVC - ok
18:15:03.0087 0x1a034 [ 60CC7AE9AEDB4D1E7923BD053B176D97, 52783EE81DCA8267267ADD862A1BF049765BB154F904196B55C0CA26E30FD393 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
18:15:03.0162 0x1a034 ibtfltcoex - ok
18:15:03.0434 0x1a034 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:15:03.0563 0x1a034 idsvc - ok
18:15:03.0575 0x1a034 IEEtwCollectorService - ok
18:15:04.0738 0x1a034 [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:15:05.0954 0x1a034 igfx - ok
18:15:06.0072 0x1a034 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:15:06.0208 0x1a034 iirsp - ok
18:15:06.0676 0x1a034 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:15:06.0823 0x1a034 IKEEXT - ok
18:15:06.0915 0x1a034 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:15:06.0998 0x1a034 intaud_WaveExtensible - ok
18:15:07.0624 0x1a034 [ D20E649D87193BBCEE5CB0EAB75F96A4, FD73C7B14A2B6ECDD885FA19AD1C4021949D05214C95F3E4C0DC0C3567A40D52 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:15:07.0975 0x1a034 IntcAzAudAddService - ok
18:15:08.0144 0x1a034 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:15:08.0293 0x1a034 IntcDAud - ok
18:15:08.0608 0x1a034 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:15:08.0883 0x1a034 Intel(R) Capability Licensing Service Interface - ok
18:15:09.0059 0x1a034 [ EC0BE932BECA8A61479DD572C09115ED, CE6538C905204B99B681B2A806BE6D45CCCE1012CD058CEA2E36E1E59A991F7E ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:15:09.0121 0x1a034 Intel(R) ME Service - ok
18:15:09.0324 0x1a034 [ 5529614F79A407FD40845A8011D86082, 7F9D24F1094845F8CA36807D82D753228CC435DD2685AEFFA965FCE7E9BADDA5 ] Intel(R) Small Business Advantage C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
18:15:09.0471 0x1a034 Intel(R) Small Business Advantage - ok
18:15:09.0556 0x1a034 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:15:09.0751 0x1a034 intelide - ok
18:15:09.0906 0x1a034 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:15:10.0033 0x1a034 intelppm - ok
18:15:10.0141 0x1a034 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:15:10.0254 0x1a034 IPBusEnum - ok
18:15:10.0288 0x1a034 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:15:10.0413 0x1a034 IpFilterDriver - ok
18:15:10.0605 0x1a034 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:15:10.0731 0x1a034 iphlpsvc - ok
18:15:10.0791 0x1a034 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:15:10.0861 0x1a034 IPMIDRV - ok
18:15:10.0883 0x1a034 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:15:11.0006 0x1a034 IPNAT - ok
18:15:11.0068 0x1a034 [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:15:11.0156 0x1a034 iPod Service - ok
18:15:11.0189 0x1a034 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:15:11.0256 0x1a034 IRENUM - ok
18:15:11.0316 0x1a034 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:15:11.0364 0x1a034 isapnp - ok
18:15:11.0509 0x1a034 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:15:11.0607 0x1a034 iScsiPrt - ok
18:15:11.0656 0x1a034 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:15:11.0703 0x1a034 iusb3hcs - ok
18:15:11.0750 0x1a034 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:15:11.0855 0x1a034 iusb3hub - ok
18:15:11.0916 0x1a034 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:15:12.0024 0x1a034 iusb3xhc - ok
18:15:12.0099 0x1a034 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
18:15:12.0148 0x1a034 iwdbus - ok
18:15:12.0223 0x1a034 [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:15:12.0269 0x1a034 jhi_service - ok
18:15:12.0306 0x1a034 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:15:12.0365 0x1a034 kbdclass - ok
18:15:12.0395 0x1a034 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:15:12.0451 0x1a034 kbdhid - ok
18:15:12.0478 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
18:15:12.0518 0x1a034 KeyIso - ok
18:15:12.0554 0x1a034 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:15:12.0607 0x1a034 KSecDD - ok
18:15:12.0664 0x1a034 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:15:12.0727 0x1a034 KSecPkg - ok
18:15:12.0752 0x1a034 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:15:12.0840 0x1a034 ksthunk - ok
18:15:12.0904 0x1a034 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:15:13.0041 0x1a034 KtmRm - ok
18:15:13.0085 0x1a034 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:15:13.0229 0x1a034 LanmanServer - ok
18:15:13.0243 0x1a034 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:15:13.0366 0x1a034 LanmanWorkstation - ok
18:15:13.0434 0x1a034 [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
18:15:13.0516 0x1a034 LENOVO.CAMMUTE - ok
18:15:13.0571 0x1a034 [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
18:15:13.0640 0x1a034 LENOVO.MICMUTE - ok
18:15:13.0676 0x1a034 [ 93921A19D885755B9751C3744DBCB8FD, A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
18:15:13.0712 0x1a034 LENOVO.TPKNRSVC - ok
18:15:13.0757 0x1a034 [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
18:15:13.0816 0x1a034 LENOVO.TVTVCAM - ok
18:15:13.0839 0x1a034 [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
18:15:13.0917 0x1a034 Lenovo.VIRTSCRLSVC - ok
18:15:13.0936 0x1a034 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:15:14.0045 0x1a034 lltdio - ok
18:15:14.0094 0x1a034 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:15:14.0252 0x1a034 lltdsvc - ok
18:15:14.0271 0x1a034 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:15:14.0380 0x1a034 lmhosts - ok
18:15:14.0439 0x1a034 [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:15:14.0521 0x1a034 LMS - ok
18:15:14.0567 0x1a034 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:15:14.0631 0x1a034 LSI_FC - ok
18:15:14.0659 0x1a034 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:15:14.0725 0x1a034 LSI_SAS - ok
18:15:14.0739 0x1a034 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:15:14.0793 0x1a034 LSI_SAS2 - ok
18:15:14.0815 0x1a034 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:15:14.0912 0x1a034 LSI_SCSI - ok
18:15:14.0945 0x1a034 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:15:15.0045 0x1a034 luafv - ok
18:15:15.0106 0x1a034 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:15:15.0190 0x1a034 Mcx2Svc - ok
18:15:15.0246 0x1a034 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:15:15.0344 0x1a034 megasas - ok
18:15:15.0405 0x1a034 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:15:15.0471 0x1a034 MegaSR - ok
18:15:15.0514 0x1a034 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:15:15.0557 0x1a034 MEIx64 - ok
18:15:15.0594 0x1a034 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:15:15.0767 0x1a034 MMCSS - ok
18:15:15.0857 0x1a034 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:15:16.0178 0x1a034 Modem - ok
18:15:16.0381 0x1a034 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:15:16.0730 0x1a034 monitor - ok
18:15:16.0996 0x1a034 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:15:17.0035 0x1a034 mouclass - ok
18:15:17.0093 0x1a034 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
18:15:17.0235 0x1a034 mouhid - ok
18:15:17.0269 0x1a034 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:15:17.0393 0x1a034 mountmgr - ok
18:15:17.0448 0x1a034 [ 6C452A07E4F72B31FB93DA153D083179, 86D5F283690ACF1F3A2A518F16921F194F1E4994090A43FA223785A122C5F948 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:15:17.0515 0x1a034 MozillaMaintenance - ok
18:15:17.0576 0x1a034 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:15:17.0648 0x1a034 mpio - ok
18:15:17.0696 0x1a034 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:15:17.0782 0x1a034 mpsdrv - ok
18:15:18.0005 0x1a034 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:15:18.0198 0x1a034 MpsSvc - ok
18:15:18.0328 0x1a034 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:15:18.0639 0x1a034 MRxDAV - ok
18:15:18.0666 0x1a034 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:15:18.0793 0x1a034 mrxsmb - ok
18:15:18.0880 0x1a034 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:15:19.0197 0x1a034 mrxsmb10 - ok
18:15:19.0213 0x1a034 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:15:19.0308 0x1a034 mrxsmb20 - ok
18:15:19.0387 0x1a034 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:15:19.0423 0x1a034 msahci - ok
18:15:19.0457 0x1a034 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:15:19.0577 0x1a034 msdsm - ok
18:15:19.0611 0x1a034 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:15:19.0757 0x1a034 MSDTC - ok
18:15:19.0793 0x1a034 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:15:19.0921 0x1a034 Msfs - ok
18:15:19.0958 0x1a034 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:15:20.0066 0x1a034 mshidkmdf - ok
18:15:20.0078 0x1a034 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:15:20.0193 0x1a034 msisadrv - ok
18:15:20.0309 0x1a034 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:15:20.0549 0x1a034 MSiSCSI - ok
18:15:20.0556 0x1a034 msiserver - ok
18:15:20.0625 0x1a034 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:15:20.0740 0x1a034 MSKSSRV - ok
18:15:20.0788 0x1a034 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:15:20.0964 0x1a034 MSPCLOCK - ok
18:15:20.0969 0x1a034 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:15:21.0169 0x1a034 MSPQM - ok
18:15:21.0353 0x1a034 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:15:21.0409 0x1a034 MsRPC - ok
18:15:21.0467 0x1a034 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:15:21.0503 0x1a034 mssmbios - ok
18:15:21.0542 0x1a034 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:15:21.0658 0x1a034 MSTEE - ok
18:15:21.0693 0x1a034 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:15:21.0793 0x1a034 MTConfig - ok
18:15:21.0852 0x1a034 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:15:21.0922 0x1a034 Mup - ok
18:15:22.0001 0x1a034 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:15:22.0086 0x1a034 MyWiFiDHCPDNS - ok
18:15:22.0207 0x1a034 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:15:22.0521 0x1a034 napagent - ok
18:15:22.0702 0x1a034 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:15:22.0865 0x1a034 NativeWifiP - ok
18:15:23.0051 0x1a034 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:15:23.0236 0x1a034 NDIS - ok
18:15:23.0365 0x1a034 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:15:23.0518 0x1a034 NdisCap - ok
18:15:23.0603 0x1a034 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:15:23.0682 0x1a034 NdisTapi - ok
18:15:23.0745 0x1a034 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:15:23.0875 0x1a034 Ndisuio - ok
18:15:23.0952 0x1a034 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:15:24.0086 0x1a034 NdisWan - ok
18:15:24.0137 0x1a034 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:15:24.0444 0x1a034 NDProxy - ok
18:15:24.0485 0x1a034 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:15:24.0794 0x1a034 NetBIOS - ok
18:15:24.0884 0x1a034 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:15:25.0060 0x1a034 NetBT - ok
18:15:25.0095 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
18:15:25.0178 0x1a034 Netlogon - ok
18:15:25.0236 0x1a034 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:15:25.0473 0x1a034 Netman - ok
18:15:25.0699 0x1a034 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:25.0973 0x1a034 NetMsmqActivator - ok
18:15:26.0072 0x1a034 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:26.0120 0x1a034 NetPipeActivator - ok
18:15:26.0297 0x1a034 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:15:26.0490 0x1a034 netprofm - ok
18:15:26.0530 0x1a034 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:26.0576 0x1a034 NetTcpActivator - ok
18:15:26.0632 0x1a034 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:15:26.0682 0x1a034 NetTcpPortSharing - ok
18:15:27.0927 0x1a034 [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
18:15:28.0787 0x1a034 NETwNs64 - ok
18:15:28.0860 0x1a034 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:15:28.0916 0x1a034 nfrd960 - ok
18:15:29.0026 0x1a034 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
18:15:29.0146 0x1a034 NitroDriverReadSpool2 - ok
18:15:29.0214 0x1a034 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:15:29.0326 0x1a034 NlaSvc - ok
18:15:29.0370 0x1a034 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:15:29.0458 0x1a034 Npfs - ok
18:15:29.0480 0x1a034 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:15:29.0570 0x1a034 nsi - ok
18:15:29.0592 0x1a034 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:15:29.0714 0x1a034 nsiproxy - ok
18:15:29.0940 0x1a034 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:15:30.0103 0x1a034 Ntfs - ok
18:15:30.0138 0x1a034 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:15:30.0270 0x1a034 Null - ok
18:15:31.0610 0x1a034 [ E8A440D7DA4274707F32891426F45DD9, 8307A262165C483776FF15F03DF20EC05E37A66E72A29F6F3A6E7D63E919ADDE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:15:32.0503 0x1a034 nvlddmkm - ok
18:15:32.0556 0x1a034 [ F4C74D07E7F188C7ECE069FF310F3193, 04AD203845E575DE9CF51580985F36326924D7D910DAE586C420E6711DF9F0CB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
18:15:32.0604 0x1a034 nvpciflt - ok
18:15:32.0654 0x1a034 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:15:32.0709 0x1a034 nvraid - ok
18:15:32.0749 0x1a034 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:15:32.0821 0x1a034 nvstor - ok
18:15:33.0004 0x1a034 [ C1770F3E6E8B0D018A5ED044415F7B0C, C78411DD86D8861EE4A4ADB78455962C65F506B5CC39F09E8649198460964E70 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:15:33.0121 0x1a034 nvsvc - ok
18:15:33.0387 0x1a034 [ 21FC78141FF8989983E9031966D957FC, 2D193EFC6133E0BE099271625D91BB1CD33F7BC736AEDFDEAA16EF6C9C51EF9B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:15:33.0611 0x1a034 nvUpdatusService - ok
18:15:33.0656 0x1a034 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:15:33.0720 0x1a034 nv_agp - ok
18:15:33.0764 0x1a034 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:15:33.0827 0x1a034 ohci1394 - ok
18:15:33.0945 0x1a034 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:15:34.0065 0x1a034 p2pimsvc - ok
18:15:34.0173 0x1a034 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:15:34.0322 0x1a034 p2psvc - ok
18:15:34.0386 0x1a034 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
18:15:34.0466 0x1a034 Parport - ok
18:15:34.0491 0x1a034 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:15:34.0532 0x1a034 partmgr - ok
18:15:34.0588 0x1a034 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:15:34.0667 0x1a034 PcaSvc - ok
18:15:34.0712 0x1a034 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
18:15:34.0888 0x1a034 pccsmcfd - ok
18:15:34.0930 0x1a034 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:15:35.0081 0x1a034 pci - ok
18:15:35.0140 0x1a034 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:15:35.0191 0x1a034 pciide - ok
18:15:35.0253 0x1a034 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:15:35.0322 0x1a034 pcmcia - ok
18:15:35.0341 0x1a034 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:15:35.0423 0x1a034 pcw - ok
18:15:35.0576 0x1a034 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:15:35.0911 0x1a034 PEAUTH - ok
18:15:36.0749 0x1a034 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:15:37.0053 0x1a034 PerfHost - ok
18:15:37.0156 0x1a034 [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
18:15:37.0217 0x1a034 PHCORE - ok
18:15:37.0313 0x1a034 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:15:37.0562 0x1a034 pla - ok
18:15:37.0689 0x1a034 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:15:37.0950 0x1a034 PlugPlay - ok
18:15:37.0993 0x1a034 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:15:38.0074 0x1a034 PNRPAutoReg - ok
18:15:38.0190 0x1a034 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:15:38.0253 0x1a034 PNRPsvc - ok
18:15:38.0324 0x1a034 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:15:38.0492 0x1a034 PolicyAgent - ok
18:15:38.0548 0x1a034 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
18:15:38.0679 0x1a034 Power - ok
18:15:38.0974 0x1a034 [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
18:15:39.0140 0x1a034 Power Manager DBC Service - ok
18:15:39.0184 0x1a034 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:15:39.0287 0x1a034 PptpMiniport - ok
18:15:39.0309 0x1a034 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:15:39.0405 0x1a034 Processor - ok
18:15:39.0460 0x1a034 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:15:39.0552 0x1a034 ProfSvc - ok
18:15:39.0570 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:15:39.0623 0x1a034 ProtectedStorage - ok
18:15:39.0674 0x1a034 [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
18:15:39.0708 0x1a034 psadd - ok
18:15:39.0730 0x1a034 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:15:39.0837 0x1a034 Psched - ok
18:15:40.0083 0x1a034 [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
18:15:40.0246 0x1a034 PwmEWSvc - ok
18:15:40.0403 0x1a034 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:15:40.0599 0x1a034 ql2300 - ok
18:15:40.0664 0x1a034 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:15:40.0725 0x1a034 ql40xx - ok
18:15:40.0781 0x1a034 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:15:40.0859 0x1a034 QWAVE - ok
18:15:40.0869 0x1a034 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:15:40.0964 0x1a034 QWAVEdrv - ok
18:15:40.0998 0x1a034 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:15:41.0188 0x1a034 RasAcd - ok
18:15:41.0256 0x1a034 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:15:41.0354 0x1a034 RasAgileVpn - ok
18:15:41.0419 0x1a034 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:15:41.0564 0x1a034 RasAuto - ok
18:15:41.0578 0x1a034 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:15:41.0726 0x1a034 Rasl2tp - ok
18:15:41.0765 0x1a034 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:15:41.0901 0x1a034 RasMan - ok
18:15:41.0933 0x1a034 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:15:42.0067 0x1a034 RasPppoe - ok
18:15:42.0092 0x1a034 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:15:42.0201 0x1a034 RasSstp - ok
18:15:42.0273 0x1a034 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:15:42.0412 0x1a034 rdbss - ok
18:15:42.0431 0x1a034 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:15:42.0501 0x1a034 rdpbus - ok
18:15:42.0531 0x1a034 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:15:42.0631 0x1a034 RDPCDD - ok
18:15:42.0648 0x1a034 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:15:42.0723 0x1a034 RDPENCDD - ok
18:15:42.0742 0x1a034 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:15:42.0824 0x1a034 RDPREFMP - ok
18:15:42.0886 0x1a034 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:15:42.0966 0x1a034 RDPWD - ok
18:15:43.0025 0x1a034 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:15:43.0118 0x1a034 rdyboost - ok
18:15:43.0196 0x1a034 [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:15:43.0256 0x1a034 RegSrvc - ok
18:15:43.0289 0x1a034 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:15:43.0433 0x1a034 RemoteAccess - ok
18:15:43.0459 0x1a034 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:15:43.0609 0x1a034 RemoteRegistry - ok
18:15:43.0636 0x1a034 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:15:43.0736 0x1a034 RFCOMM - ok
18:15:43.0765 0x1a034 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:15:43.0862 0x1a034 RpcEptMapper - ok
18:15:43.0886 0x1a034 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:15:43.0978 0x1a034 RpcLocator - ok
18:15:44.0029 0x1a034 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:15:44.0186 0x1a034 RpcSs - ok
18:15:44.0240 0x1a034 [ 7F324DFFCA5318EEF040DBE351D038D8, 114234D816894C1018181173395C8D0E80982D66818A9AA38803D761FA4E8D90 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
18:15:44.0302 0x1a034 RSP2STOR - ok
18:15:44.0363 0x1a034 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:15:44.0478 0x1a034 rspndr - ok
18:15:44.0589 0x1a034 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:15:44.0736 0x1a034 RTL8167 - ok
18:15:44.0753 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
18:15:44.0796 0x1a034 SamSs - ok
18:15:44.0811 0x1a034 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:15:44.0882 0x1a034 sbp2port - ok
18:15:44.0947 0x1a034 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:15:45.0089 0x1a034 SCardSvr - ok
18:15:45.0106 0x1a034 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:15:45.0227 0x1a034 scfilter - ok
18:15:45.0362 0x1a034 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:15:45.0618 0x1a034 Schedule - ok
18:15:45.0654 0x1a034 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:15:45.0778 0x1a034 SCPolicySvc - ok
18:15:45.0921 0x1a034 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:15:46.0173 0x1a034 SDRSVC - ok
18:15:46.0218 0x1a034 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:15:46.0356 0x1a034 secdrv - ok
18:15:46.0458 0x1a034 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:
Geändert von enries (06.03.2015 um 19:22 Uhr) |
|
06.03.2015, 18:46
| #6 |
| | Gerätemanager leer/ Email Account sendet Spam, etc.Code:
ATTFilter \Windows\system32\seclogon.dll
18:15:46.0643 0x1a034 seclogon - ok
18:15:46.0666 0x1a034 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:15:46.0851 0x1a034 SENS - ok
18:15:46.0891 0x1a034 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:15:47.0017 0x1a034 SensrSvc - ok
18:15:47.0035 0x1a034 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:15:47.0105 0x1a034 Serenum - ok
18:15:47.0158 0x1a034 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
18:15:47.0242 0x1a034 Serial - ok
18:15:47.0318 0x1a034 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:15:47.0441 0x1a034 sermouse - ok
18:15:47.0521 0x1a034 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
18:15:47.0738 0x1a034 ServiceLayer - ok
18:15:47.0829 0x1a034 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:15:47.0958 0x1a034 SessionEnv - ok
18:15:48.0006 0x1a034 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:15:48.0081 0x1a034 sffdisk - ok
18:15:48.0100 0x1a034 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:15:48.0316 0x1a034 sffp_mmc - ok
18:15:48.0337 0x1a034 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:15:48.0422 0x1a034 sffp_sd - ok
18:15:48.0440 0x1a034 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:15:48.0499 0x1a034 sfloppy - ok
18:15:48.0573 0x1a034 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:15:48.0714 0x1a034 SharedAccess - ok
18:15:48.0779 0x1a034 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:15:48.0927 0x1a034 ShellHWDetection - ok
18:15:48.0992 0x1a034 [ 7AC6FBFC13ABA3F15B05986412D10E10, B93E0E18C9883BAE7238389B8E2E3D66CB925BD62B293625FF8B6C3AF4501EC8 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
18:15:49.0068 0x1a034 Shockprf - ok
18:15:49.0128 0x1a034 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:15:49.0178 0x1a034 SiSRaid2 - ok
18:15:49.0209 0x1a034 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:15:49.0315 0x1a034 SiSRaid4 - ok
18:15:49.0362 0x1a034 [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:15:49.0469 0x1a034 SkypeUpdate - ok
18:15:49.0487 0x1a034 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:15:49.0572 0x1a034 Smb - ok
18:15:49.0598 0x1a034 [ 1D05A2E9067CD87E2C7D566DA47B9EEF, 4722688815D3DB0F6BFB417DCA34CD386EA2F27AA1DE326595725387F68244E9 ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
18:15:49.0650 0x1a034 SmbDrvIntel - ok
18:15:49.0708 0x1a034 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:15:49.0824 0x1a034 SNMPTRAP - ok
18:15:49.0844 0x1a034 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:15:49.0905 0x1a034 spldr - ok
18:15:49.0952 0x1a034 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:15:50.0081 0x1a034 Spooler - ok
18:15:50.0276 0x1a034 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:15:50.0590 0x1a034 sppsvc - ok
18:15:50.0614 0x1a034 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:15:50.0726 0x1a034 sppuinotify - ok
18:15:50.0788 0x1a034 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:15:50.0909 0x1a034 srv - ok
18:15:50.0933 0x1a034 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:15:51.0054 0x1a034 srv2 - ok
18:15:51.0097 0x1a034 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:15:51.0174 0x1a034 srvnet - ok
18:15:51.0250 0x1a034 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:15:51.0354 0x1a034 SSDPSRV - ok
18:15:51.0381 0x1a034 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:15:51.0497 0x1a034 SstpSvc - ok
18:15:51.0511 0x1a034 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:15:51.0568 0x1a034 stexstor - ok
18:15:51.0651 0x1a034 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:15:51.0880 0x1a034 stisvc - ok
18:15:51.0948 0x1a034 [ F07850E89839894F731E4562B64E08A5, BF11E096E1CC57B57FFB4E0528DB43F6B049A7E8A0C00C34E03A00EF2F2092B6 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
18:15:51.0998 0x1a034 SUService - ok
18:15:52.0041 0x1a034 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:15:52.0129 0x1a034 swenum - ok
18:15:52.0238 0x1a034 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:15:52.0375 0x1a034 swprv - ok
18:15:52.0450 0x1a034 [ 1C402D9404BD874406D9C53FD40D1418, 7FE359E5EAA5E08119E3FA784409318C447FDC7296F871600492642484E83621 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:15:52.0540 0x1a034 SynTP - ok
18:15:52.0704 0x1a034 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:15:52.0896 0x1a034 SysMain - ok
18:15:52.0921 0x1a034 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:15:52.0996 0x1a034 TabletInputService - ok
18:15:53.0017 0x1a034 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:15:53.0117 0x1a034 TapiSrv - ok
18:15:53.0141 0x1a034 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:15:53.0251 0x1a034 TBS - ok
18:15:53.0365 0x1a034 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:15:53.0535 0x1a034 Tcpip - ok
18:15:53.0629 0x1a034 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:15:53.0788 0x1a034 TCPIP6 - ok
18:15:53.0831 0x1a034 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:15:53.0895 0x1a034 tcpipreg - ok
18:15:53.0927 0x1a034 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:15:54.0006 0x1a034 TDPIPE - ok
18:15:54.0043 0x1a034 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:15:54.0095 0x1a034 TDTCP - ok
18:15:54.0136 0x1a034 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:15:54.0227 0x1a034 tdx - ok
18:15:54.0630 0x1a034 [ 576918B02840A360702051BC4269B13F, ADC9798F280FB0238C63C798912264E88E244257DF8ACF1854343D14FAC73E19 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
18:15:55.0000 0x1a034 TeamViewer8 - ok
18:15:55.0035 0x1a034 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:15:55.0077 0x1a034 TermDD - ok
18:15:55.0139 0x1a034 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:15:55.0278 0x1a034 TermService - ok
18:15:55.0313 0x1a034 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:15:55.0400 0x1a034 Themes - ok
18:15:55.0438 0x1a034 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:15:55.0561 0x1a034 THREADORDER - ok
18:15:55.0578 0x1a034 [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
18:15:55.0620 0x1a034 TPDIGIMN - ok
18:15:55.0641 0x1a034 [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
18:15:55.0693 0x1a034 TPHDEXLGSVC - ok
18:15:55.0742 0x1a034 [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
18:15:55.0863 0x1a034 TPHKLOAD - ok
18:15:56.0085 0x1a034 [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
18:15:56.0151 0x1a034 TPHKSVC - ok
18:15:56.0191 0x1a034 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
18:15:56.0300 0x1a034 TPM - ok
18:15:56.0417 0x1a034 [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
18:15:56.0676 0x1a034 TPPWRIF - ok
18:15:56.0721 0x1a034 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:15:56.0868 0x1a034 TrkWks - ok
18:15:56.0931 0x1a034 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:15:57.0138 0x1a034 TrustedInstaller - ok
18:15:57.0203 0x1a034 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:15:57.0340 0x1a034 tssecsrv - ok
18:15:57.0403 0x1a034 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:15:57.0521 0x1a034 TsUsbFlt - ok
18:15:57.0567 0x1a034 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:15:57.0646 0x1a034 TsUsbGD - ok
18:15:57.0872 0x1a034 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:15:57.0971 0x1a034 tunnel - ok
18:15:57.0992 0x1a034 [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
18:15:58.0042 0x1a034 TVTI2C - ok
18:15:58.0068 0x1a034 [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
18:15:58.0156 0x1a034 tvtvcamd - ok
18:15:58.0180 0x1a034 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:15:58.0219 0x1a034 uagp35 - ok
18:15:58.0253 0x1a034 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:15:58.0395 0x1a034 udfs - ok
18:15:58.0419 0x1a034 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:15:58.0488 0x1a034 UI0Detect - ok
18:15:58.0522 0x1a034 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:15:58.0583 0x1a034 uliagpkx - ok
18:15:58.0610 0x1a034 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:15:58.0671 0x1a034 umbus - ok
18:15:58.0691 0x1a034 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:15:58.0733 0x1a034 UmPass - ok
18:15:58.0824 0x1a034 [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:15:58.0908 0x1a034 UNS - ok
18:15:58.0949 0x1a034 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:15:59.0075 0x1a034 upnphost - ok
18:15:59.0115 0x1a034 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:15:59.0205 0x1a034 USBAAPL64 - ok
18:15:59.0238 0x1a034 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:15:59.0317 0x1a034 usbccgp - ok
18:15:59.0371 0x1a034 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:15:59.0451 0x1a034 usbcir - ok
18:15:59.0483 0x1a034 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:15:59.0582 0x1a034 usbehci - ok
18:15:59.0636 0x1a034 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:15:59.0746 0x1a034 usbhub - ok
18:15:59.0774 0x1a034 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:15:59.0846 0x1a034 usbohci - ok
18:15:59.0865 0x1a034 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:15:59.0934 0x1a034 usbprint - ok
18:15:59.0955 0x1a034 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:16:00.0027 0x1a034 usbscan - ok
18:16:00.0054 0x1a034 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:16:00.0138 0x1a034 USBSTOR - ok
18:16:00.0160 0x1a034 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:16:00.0221 0x1a034 usbuhci - ok
18:16:00.0272 0x1a034 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:16:00.0344 0x1a034 usbvideo - ok
18:16:00.0377 0x1a034 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:16:00.0494 0x1a034 UxSms - ok
18:16:00.0520 0x1a034 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
18:16:00.0563 0x1a034 VaultSvc - ok
18:16:00.0764 0x1a034 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
18:16:00.0907 0x1a034 VBoxAswDrv - ok
18:16:00.0969 0x1a034 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:16:01.0011 0x1a034 vdrvroot - ok
18:16:01.0092 0x1a034 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:16:01.0221 0x1a034 vds - ok
18:16:01.0250 0x1a034 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:16:01.0298 0x1a034 vga - ok
18:16:01.0323 0x1a034 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:16:01.0426 0x1a034 VgaSave - ok
18:16:01.0455 0x1a034 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:16:01.0522 0x1a034 vhdmp - ok
18:16:01.0548 0x1a034 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:16:01.0601 0x1a034 viaide - ok
18:16:01.0669 0x1a034 [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
18:16:01.0710 0x1a034 VIPAppService - ok
18:16:01.0746 0x1a034 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:16:01.0803 0x1a034 volmgr - ok
18:16:01.0848 0x1a034 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:16:01.0917 0x1a034 volmgrx - ok
18:16:01.0948 0x1a034 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:16:02.0058 0x1a034 volsnap - ok
18:16:02.0078 0x1a034 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:16:02.0144 0x1a034 vsmraid - ok
18:16:02.0363 0x1a034 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:16:02.0664 0x1a034 VSS - ok
18:16:02.0712 0x1a034 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:16:02.0771 0x1a034 vwifibus - ok
18:16:02.0793 0x1a034 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:16:02.0863 0x1a034 vwififlt - ok
18:16:02.0886 0x1a034 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:16:02.0957 0x1a034 vwifimp - ok
18:16:03.0011 0x1a034 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:16:03.0184 0x1a034 W32Time - ok
18:16:03.0225 0x1a034 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:16:03.0297 0x1a034 WacomPen - ok
18:16:03.0320 0x1a034 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:16:03.0434 0x1a034 WANARP - ok
18:16:03.0447 0x1a034 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:16:03.0539 0x1a034 Wanarpv6 - ok
18:16:03.0704 0x1a034 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:16:03.0878 0x1a034 WatAdminSvc - ok
18:16:04.0043 0x1a034 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:16:04.0294 0x1a034 wbengine - ok
18:16:04.0317 0x1a034 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:16:04.0410 0x1a034 WbioSrvc - ok
18:16:04.0476 0x1a034 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:16:04.0577 0x1a034 wcncsvc - ok
18:16:04.0588 0x1a034 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:16:04.0670 0x1a034 WcsPlugInService - ok
18:16:04.0712 0x1a034 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:16:04.0758 0x1a034 Wd - ok
18:16:04.0864 0x1a034 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:16:04.0958 0x1a034 Wdf01000 - ok
18:16:05.0000 0x1a034 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:16:05.0092 0x1a034 WdiServiceHost - ok
18:16:05.0107 0x1a034 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:16:05.0179 0x1a034 WdiSystemHost - ok
18:16:05.0268 0x1a034 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:16:05.0384 0x1a034 WebClient - ok
18:16:05.0435 0x1a034 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:16:05.0555 0x1a034 Wecsvc - ok
18:16:05.0576 0x1a034 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:16:06.0170 0x1a034 wercplsupport - ok
18:16:06.0335 0x1a034 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:16:06.0429 0x1a034 WerSvc - ok
18:16:06.0599 0x1a034 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:16:06.0677 0x1a034 WfpLwf - ok
18:16:06.0772 0x1a034 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:16:06.0881 0x1a034 WIMMount - ok
18:16:06.0982 0x1a034 WinDefend - ok
18:16:06.0992 0x1a034 WinHttpAutoProxySvc - ok
18:16:07.0427 0x1a034 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:16:07.0566 0x1a034 Winmgmt - ok
18:16:07.0758 0x1a034 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:16:08.0108 0x1a034 WinRM - ok
18:16:08.0275 0x1a034 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
18:16:08.0463 0x1a034 WinUsb - ok
18:16:08.0807 0x1a034 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:16:08.0973 0x1a034 Wlansvc - ok
18:16:09.0015 0x1a034 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:16:09.0168 0x1a034 wlcrasvc - ok
18:16:09.0453 0x1a034 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:16:09.0666 0x1a034 wlidsvc - ok
18:16:09.0722 0x1a034 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:16:09.0799 0x1a034 WmiAcpi - ok
18:16:09.0846 0x1a034 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:16:09.0904 0x1a034 wmiApSrv - ok
18:16:10.0033 0x1a034 WMPNetworkSvc - ok
18:16:10.0090 0x1a034 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:16:10.0174 0x1a034 WPCSvc - ok
18:16:10.0227 0x1a034 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:16:10.0343 0x1a034 WPDBusEnum - ok
18:16:10.0366 0x1a034 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:16:10.0455 0x1a034 ws2ifsl - ok
18:16:10.0480 0x1a034 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:16:10.0538 0x1a034 wscsvc - ok
18:16:10.0543 0x1a034 WSearch - ok
18:16:11.0090 0x1a034 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
18:16:11.0441 0x1a034 wuauserv - ok
18:16:11.0498 0x1a034 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:16:11.0606 0x1a034 WudfPf - ok
18:16:11.0640 0x1a034 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:16:11.0710 0x1a034 WUDFRd - ok
18:16:11.0763 0x1a034 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:16:11.0815 0x1a034 wudfsvc - ok
18:16:11.0895 0x1a034 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:16:12.0005 0x1a034 WwanSvc - ok
18:16:12.0244 0x1a034 [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:16:12.0460 0x1a034 ZeroConfigService - ok
18:16:12.0482 0x1a034 ================ Scan global ===============================
18:16:12.0533 0x1a034 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:16:12.0589 0x1a034 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:16:12.0619 0x1a034 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:16:12.0662 0x1a034 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:16:12.0764 0x1a034 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:16:12.0784 0x1a034 [ Global ] - ok
18:16:12.0784 0x1a034 ================ Scan MBR ==================================
18:16:12.0817 0x1a034 [ BDADE448C594927E401160A1BBCFA8DB ] \Device\Harddisk0\DR0
18:16:13.0709 0x1a034 \Device\Harddisk0\DR0 - ok
18:16:13.0714 0x1a034 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:16:13.0771 0x1a034 \Device\Harddisk1\DR1 - ok
18:16:13.0771 0x1a034 ================ Scan VBR ==================================
18:16:13.0774 0x1a034 [ 9C730CD5A557BBE33A395192020E4E73 ] \Device\Harddisk0\DR0\Partition1
18:16:13.0776 0x1a034 \Device\Harddisk0\DR0\Partition1 - ok
18:16:13.0781 0x1a034 [ D704BFC3325C0705743A276148A518ED ] \Device\Harddisk0\DR0\Partition2
18:16:13.0783 0x1a034 \Device\Harddisk0\DR0\Partition2 - ok
18:16:13.0786 0x1a034 [ 8AB0F5EC3920C7C24DBF03DDEA6EB29F ] \Device\Harddisk0\DR0\Partition3
18:16:13.0788 0x1a034 \Device\Harddisk0\DR0\Partition3 - ok
18:16:13.0789 0x1a034 ================ Scan generic autorun ======================
18:16:13.0878 0x1a034 [ 09E49DAECE4059757EE985DFECAD24E4, E6588A454B9ABD73B2693A8B7DFE759995EEE35E2E54A73FBCF52859FB78DB6A ] C:\Windows\system32\hkcmd.exe
18:16:14.0494 0x1a034 HotKeysCmds - ok
18:16:14.0610 0x1a034 [ 3A8550BC11A49204BB2F8C70509F7CAD, E201B7E5D3405D06244FAF7EE236ED1A68A7534633B1A5C4DEC4593666EF628B ] C:\Windows\system32\igfxpers.exe
18:16:14.0673 0x1a034 Persistence - ok
18:16:14.0855 0x1a034 [ C8560742F5E4C77A91A75C14D3583604, EDFFBCF84667C47621D78C3239DCC296AC5295249CCE01850AE2578EC59FF045 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
18:16:14.0926 0x1a034 BLEServicesCtrl - ok
18:16:14.0932 0x1a034 BTMTrayAgent - ok
18:16:18.0094 0x1a034 [ DC1DE44B8BAA1C165C4FB8208987EEE9, 58F4B3E82456D2078C764BB51B262A0C7180559348B6B2BD62490D718F757059 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:16:19.0274 0x1a034 RTHDVCPL - ok
18:16:19.0420 0x1a034 [ 813EE7316A9B44303D97DDE00626A527, 745F361D9EE969FC836D3D8B909BC9216471351AE828D2B3B6406245854FE01A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:16:19.0562 0x1a034 RtHDVBg_Dolby - ok
18:16:19.0566 0x1a034 SynTPEnh - ok
18:16:19.0737 0x1a034 [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe
18:16:19.0816 0x1a034 TpShocks - ok
18:16:19.0970 0x1a034 [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
18:16:20.0063 0x1a034 LENOVO.TPKNRRES - ok
18:16:20.0124 0x1a034 [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
18:16:20.0167 0x1a034 IMSS - ok
18:16:20.0301 0x1a034 [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
18:16:22.0839 0x1a034 RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
18:16:25.0624 0x1a034 Detect skipped due to KSN trusted
18:16:25.0624 0x1a034 RotateImage - ok
18:16:25.0760 0x1a034 [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:16:27.0876 0x1a034 USB3MON - ok
18:16:27.0881 0x1a034 PWMTRV - ok
18:16:28.0078 0x1a034 [ 2BC796293D7591AFA9DF3ABFF6D51875, DE22B212E27999BBFA0997E9C70966B4F36652DACE492FBFADDB554D3B612E73 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
18:16:28.0402 0x1a034 Dolby Home Theater v4 - ok
18:16:28.0549 0x1a034 [ 885A81A05F749897A455F439E302F1BD, F4CF5980A7CE5449CF5CF1586AE0FCDE0F4C640CBDD0FE5C1870412017A3CB29 ] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
18:16:28.0758 0x1a034 Fastboot - ok
18:16:28.0871 0x1a034 [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
18:16:28.0962 0x1a034 Intel AppUp(SM) center - ok
18:16:29.0849 0x1a034 [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
18:16:30.0401 0x1a034 Lenovo Registration - ok
18:16:30.0516 0x1a034 [ BD2373A36D35709AFFC2482FC53E6650, 6120ACEF861854CC8EE47E56EDC078B8DEB66BE836E1836F4678B669F306953D ] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe
18:16:30.0580 0x1a034 IntelSBA - ok
18:16:31.0689 0x1a034 [ 44ADDA5FB88EE14F57A246285775AC2F, 2776225BA9F22C553453541DA0285E093B4F2019DB6FE640D033BA45045299C8 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:16:32.0522 0x1a034 AvastUI.exe - ok
18:16:32.0913 0x1a034 [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:16:33.0021 0x1a034 iTunesHelper - ok
18:16:33.0527 0x1a034 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:16:34.0217 0x1a034 Sidebar - ok
18:16:34.0293 0x1a034 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:16:34.0394 0x1a034 mctadmin - ok
18:16:34.0877 0x1a034 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:16:35.0015 0x1a034 Sidebar - ok
18:16:35.0028 0x1a034 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:16:35.0084 0x1a034 mctadmin - ok
18:16:35.0145 0x1a034 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:16:35.0276 0x1a034 Sidebar - ok
18:16:35.0318 0x1a034 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:16:35.0374 0x1a034 mctadmin - ok
18:16:35.0535 0x1a034 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:16:35.0600 0x1a034 swg - ok
18:16:35.0610 0x1a034 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:16:35.0644 0x1a034 swg - ok
18:16:35.0646 0x1a034 Waiting for KSN requests completion. In queue: 16
18:16:36.0646 0x1a034 Waiting for KSN requests completion. In queue: 16
18:16:37.0646 0x1a034 Waiting for KSN requests completion. In queue: 16
18:16:38.0832 0x1a034 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
18:16:38.0897 0x1a034 Win FW state via NFP2: enabled
18:16:41.0799 0x1a034 ============================================================
18:16:41.0799 0x1a034 Scan finished
18:16:41.0799 0x1a034 ============================================================
18:16:41.0818 0x1a350 Detected object count: 0
18:16:41.0818 0x1a350 Actual detected object count: 0
18:17:38.0822 0x1a7e0 ============================================================
18:17:38.0822 0x1a7e0 Scan started
18:17:38.0822 0x1a7e0 Mode: Manual; SigCheck; TDLFS;
18:17:38.0822 0x1a7e0 ============================================================
18:17:38.0822 0x1a7e0 KSN ping started
18:17:41.0564 0x1a7e0 KSN ping finished: true
18:17:42.0125 0x1a7e0 ================ Scan system memory ========================
18:17:42.0125 0x1a7e0 System memory - ok
18:17:42.0129 0x1a7e0 ================ Scan services =============================
18:17:42.0344 0x1a7e0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:17:42.0596 0x1a7e0 1394ohci - ok
18:17:42.0629 0x1a7e0 [ 1F305C858E7B5E537C9B783D46243A7A, 0DA7B31949C48FB42DBF61EC71ACCFD1CEB3B6135DC3FA0FEC4A9DE25A1405BA ] 5U877 C:\Windows\system32\DRIVERS\5U877.sys
18:17:42.0742 0x1a7e0 5U877 - ok
18:17:42.0895 0x1a7e0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:17:42.0997 0x1a7e0 ACPI - ok
18:17:43.0077 0x1a7e0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:17:43.0245 0x1a7e0 AcpiPmi - ok
18:17:43.0339 0x1a7e0 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:17:43.0445 0x1a7e0 AdobeARMservice - ok
18:17:43.0633 0x1a7e0 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:17:43.0779 0x1a7e0 AdobeFlashPlayerUpdateSvc - ok
18:17:43.0832 0x1a7e0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:17:44.0017 0x1a7e0 adp94xx - ok
18:17:44.0107 0x1a7e0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:17:44.0202 0x1a7e0 adpahci - ok
18:17:44.0230 0x1a7e0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:17:44.0363 0x1a7e0 adpu320 - ok
18:17:44.0394 0x1a7e0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:17:44.0533 0x1a7e0 AeLookupSvc - ok
18:17:44.0573 0x1a7e0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:17:44.0691 0x1a7e0 AFD - ok
18:17:44.0772 0x1a7e0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:17:44.0829 0x1a7e0 agp440 - ok
18:17:44.0862 0x1a7e0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:17:44.0989 0x1a7e0 ALG - ok
18:17:45.0018 0x1a7e0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:17:45.0059 0x1a7e0 aliide - ok
18:17:45.0103 0x1a7e0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:17:45.0151 0x1a7e0 amdide - ok
18:17:45.0187 0x1a7e0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:17:45.0279 0x1a7e0 AmdK8 - ok
18:17:45.0303 0x1a7e0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:17:45.0412 0x1a7e0 AmdPPM - ok
18:17:45.0437 0x1a7e0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:17:45.0512 0x1a7e0 amdsata - ok
18:17:45.0536 0x1a7e0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:17:45.0601 0x1a7e0 amdsbs - ok
18:17:45.0634 0x1a7e0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:17:45.0705 0x1a7e0 amdxata - ok
18:17:45.0747 0x1a7e0 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
18:17:45.0899 0x1a7e0 AMPPAL - ok
18:17:45.0917 0x1a7e0 [ 157B1C973637919DCD0D0464167C86BA, 26495E1390392694F0E33100FB26B2539015414C9F8384F73C66B370A16FD187 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
18:17:45.0977 0x1a7e0 AMPPALP - ok
18:17:46.0166 0x1a7e0 [ FB70F8C1283C8CC6BFAA6F9971107E68, 3EAB3703DC27EE94531DA60C2ACF73CAF33F6BA2ED5822D90BF2A97A3A98C4EA ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
18:17:46.0277 0x1a7e0 AMPPALR3 - ok
18:17:46.0312 0x1a7e0 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:17:46.0493 0x1a7e0 AppID - ok
18:17:46.0519 0x1a7e0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:17:46.0671 0x1a7e0 AppIDSvc - ok
18:17:46.0697 0x1a7e0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:17:46.0775 0x1a7e0 Appinfo - ok
18:17:46.0881 0x1a7e0 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:17:47.0392 0x1a7e0 Apple Mobile Device - ok
18:17:47.0424 0x1a7e0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:17:47.0486 0x1a7e0 arc - ok
18:17:47.0509 0x1a7e0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:17:47.0632 0x1a7e0 arcsas - ok
18:17:47.0958 0x1a7e0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:17:48.0189 0x1a7e0 aspnet_state - ok
18:17:48.0375 0x1a7e0 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
18:17:48.0545 0x1a7e0 aswHwid - ok
18:17:48.0578 0x1a7e0 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
18:17:48.0644 0x1a7e0 aswMonFlt - ok
18:17:48.0678 0x1a7e0 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
18:17:48.0749 0x1a7e0 aswRdr - ok
18:17:48.0964 0x1a7e0 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
18:17:49.0011 0x1a7e0 aswRvrt - ok
18:17:49.0084 0x1a7e0 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
18:17:49.0205 0x1a7e0 aswSnx - ok
18:17:49.0263 0x1a7e0 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys
18:17:49.0364 0x1a7e0 aswSP - ok
18:17:49.0418 0x1a7e0 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys
18:17:49.0493 0x1a7e0 aswStm - ok
18:17:49.0508 0x1a7e0 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
18:17:49.0583 0x1a7e0 aswVmm - ok
18:17:49.0607 0x1a7e0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:17:49.0691 0x1a7e0 AsyncMac - ok
18:17:49.0725 0x1a7e0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:17:49.0795 0x1a7e0 atapi - ok
18:17:49.0848 0x1a7e0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:17:49.0957 0x1a7e0 AudioEndpointBuilder - ok
18:17:49.0994 0x1a7e0 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:17:50.0077 0x1a7e0 AudioSrv - ok
18:17:50.0206 0x1a7e0 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:17:50.0329 0x1a7e0 avast! Antivirus - ok
18:17:50.0683 0x1a7e0 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
18:17:51.0094 0x1a7e0 AvastVBoxSvc - ok
18:17:51.0134 0x1a7e0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:17:51.0241 0x1a7e0 AxInstSV - ok
18:17:51.0288 0x1a7e0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:17:51.0369 0x1a7e0 b06bdrv - ok
18:17:51.0418 0x1a7e0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:17:51.0479 0x1a7e0 b57nd60a - ok
18:17:51.0507 0x1a7e0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:17:51.0573 0x1a7e0 BDESVC - ok
18:17:51.0601 0x1a7e0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:17:51.0687 0x1a7e0 Beep - ok
18:17:51.0807 0x1a7e0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:17:51.0920 0x1a7e0 BFE - ok
18:17:52.0209 0x1a7e0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:17:52.0491 0x1a7e0 BITS - ok
18:17:52.0515 0x1a7e0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:17:52.0557 0x1a7e0 blbdrive - ok
18:17:52.0790 0x1a7e0 [ A52EA1D8C2900055323C93DDB252A3DA, 70C30AACE3948DFD2E4C52818F93F03AF32430B43229F613FEE3C4CD4FA1EFE6 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
18:17:52.0978 0x1a7e0 Bluetooth Device Monitor - ok
18:17:53.0054 0x1a7e0 [ 091210450CA7CED08F360D9D7FEC5D11, 52298A6FE7DCF5EA484E6A1CBE48E2B1106D006E18F2278CB38AAAB10BB905BD ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
18:17:53.0215 0x1a7e0 Bluetooth Media Service - ok
18:17:53.0404 0x1a7e0 [ 392450754E17FF778CBC5B9D20583AD1, 4E2CC0D5D41303202EE7655FB1F779C41808A714486BAFF22A321A5BAF9FD0F6 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
18:17:53.0638 0x1a7e0 Bluetooth OBEX Service - ok
18:17:53.0688 0x1a7e0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:17:53.0833 0x1a7e0 Bonjour Service - ok
18:17:53.0862 0x1a7e0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:17:53.0947 0x1a7e0 bowser - ok
18:17:53.0976 0x1a7e0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:17:54.0073 0x1a7e0 BrFiltLo - ok
18:17:54.0090 0x1a7e0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:17:54.0133 0x1a7e0 BrFiltUp - ok
18:17:54.0188 0x1a7e0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:17:54.0268 0x1a7e0 Browser - ok
18:17:54.0308 0x1a7e0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:17:54.0480 0x1a7e0 Brserid - ok
18:17:54.0504 0x1a7e0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:17:54.0551 0x1a7e0 BrSerWdm - ok
18:17:54.0572 0x1a7e0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:17:54.0617 0x1a7e0 BrUsbMdm - ok
18:17:54.0634 0x1a7e0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:17:54.0690 0x1a7e0 BrUsbSer - ok
18:17:54.0718 0x1a7e0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:17:54.0840 0x1a7e0 BthEnum - ok
18:17:54.0870 0x1a7e0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:17:54.0926 0x1a7e0 BTHMODEM - ok
18:17:54.0936 0x1a7e0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:17:54.0988 0x1a7e0 BthPan - ok
18:17:55.0036 0x1a7e0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:17:55.0111 0x1a7e0 BTHPORT - ok
18:17:55.0159 0x1a7e0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:17:55.0269 0x1a7e0 bthserv - ok
18:17:55.0305 0x1a7e0 [ FA2D081709A764F6BEE16B7FFE03E36C, 2BBDFBD313ABB87B76D4A30EC042B9D72ED4F62CF18B98229A6366B1A7211ECD ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
18:17:55.0443 0x1a7e0 BTHSSecurityMgr - ok
18:17:55.0468 0x1a7e0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:17:55.0541 0x1a7e0 BTHUSB - ok
18:17:55.0562 0x1a7e0 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
18:17:55.0644 0x1a7e0 btmaux - ok
18:17:55.0721 0x1a7e0 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
18:17:55.0809 0x1a7e0 btmhsf - ok
18:17:55.0836 0x1a7e0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:17:55.0919 0x1a7e0 cdfs - ok
18:17:55.0952 0x1a7e0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:17:56.0019 0x1a7e0 cdrom - ok
18:17:56.0049 0x1a7e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:17:56.0128 0x1a7e0 CertPropSvc - ok
18:17:56.0152 0x1a7e0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:17:56.0201 0x1a7e0 circlass - ok
18:17:56.0241 0x1a7e0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:17:56.0316 0x1a7e0 CLFS - ok
18:17:56.0377 0x1a7e0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:17:56.0466 0x1a7e0 clr_optimization_v2.0.50727_32 - ok
18:17:56.0524 0x1a7e0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:17:56.0611 0x1a7e0 clr_optimization_v2.0.50727_64 - ok
18:17:56.0673 0x1a7e0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:17:56.0873 0x1a7e0 clr_optimization_v4.0.30319_32 - ok
18:17:56.0983 0x1a7e0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:17:57.0059 0x1a7e0 clr_optimization_v4.0.30319_64 - ok
18:17:57.0109 0x1a7e0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:17:57.0189 0x1a7e0 CmBatt - ok
18:17:57.0222 0x1a7e0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:17:57.0386 0x1a7e0 cmdide - ok
18:17:57.0453 0x1a7e0 [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG C:\Windows\system32\Drivers\cng.sys
18:17:57.0545 0x1a7e0 CNG - ok
18:17:57.0565 0x1a7e0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:17:57.0600 0x1a7e0 Compbatt - ok
18:17:57.0615 0x1a7e0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:17:57.0693 0x1a7e0 CompositeBus - ok
18:17:57.0699 0x1a7e0 COMSysApp - ok
18:17:57.0960 0x1a7e0 [ 34B68480325418A3974948D47633A54B, CE94C30B93B70131618BC03B240EE301F7BF2DA8DE80F2AD57003D00F5CADB0F ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:17:58.0199 0x1a7e0 cphs - ok
18:17:58.0393 0x1a7e0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:17:58.0546 0x1a7e0 crcdisk - ok
18:17:58.0589 0x1a7e0 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:17:58.0643 0x1a7e0 CryptSvc - ok
18:17:58.0767 0x1a7e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:17:59.0060 0x1a7e0 DcomLaunch - ok
18:17:59.0112 0x1a7e0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:17:59.0222 0x1a7e0 defragsvc - ok
18:17:59.0258 0x1a7e0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:17:59.0336 0x1a7e0 DfsC - ok
18:17:59.0368 0x1a7e0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:17:59.0437 0x1a7e0 Dhcp - ok
18:17:59.0456 0x1a7e0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:17:59.0583 0x1a7e0 discache - ok
18:17:59.0621 0x1a7e0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
18:17:59.0694 0x1a7e0 Disk - ok
18:17:59.0728 0x1a7e0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:17:59.0826 0x1a7e0 Dnscache - ok
18:17:59.0854 0x1a7e0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:17:59.0953 0x1a7e0 dot3svc - ok
18:17:59.0973 0x1a7e0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:18:00.0098 0x1a7e0 DPS - ok
18:18:00.0130 0x1a7e0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:18:00.0228 0x1a7e0 drmkaud - ok
18:18:00.0293 0x1a7e0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:18:00.0388 0x1a7e0 DXGKrnl - ok
18:18:00.0435 0x1a7e0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:18:00.0530 0x1a7e0 EapHost - ok
18:18:00.0701 0x1a7e0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:18:00.0974 0x1a7e0 ebdrv - ok
18:18:01.0025 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS C:\Windows\System32\lsass.exe
18:18:01.0090 0x1a7e0 EFS - ok
18:18:01.0173 0x1a7e0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:18:01.0305 0x1a7e0 ehRecvr - ok
18:18:01.0317 0x1a7e0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:18:01.0371 0x1a7e0 ehSched - ok
18:18:01.0532 0x1a7e0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:18:01.0607 0x1a7e0 elxstor - ok
18:18:01.0832 0x1a7e0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:18:01.0894 0x1a7e0 ErrDev - ok
18:18:01.0928 0x1a7e0 esgiguard - ok
18:18:02.0001 0x1a7e0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:18:02.0194 0x1a7e0 EventSystem - ok
18:18:02.0269 0x1a7e0 [ 23D401A43DADED10A153B9F3A7E66C91, 3B6466108FFB04EC07CA07D2EAAA9F6537CBE1F2D800AAADE9C1E0C8DBADDFB5 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
18:18:02.0370 0x1a7e0 EvtEng - ok
18:18:02.0420 0x1a7e0 [ D2EAA04AF43154B62FA85B08BAD0A7CA, B18F09CAD04AD61A1B8DCD3BBC70A82FB50008C147389D3245E39856BA940A87 ] excfs C:\Windows\system32\DRIVERS\excfs.sys
18:18:02.0491 0x1a7e0 excfs - ok
18:18:02.0502 0x1a7e0 [ E6082A6C109238A725D83184724C4A36, 66F0D4798C357FFCC5A35E45BE8E5F0A97E7BCF98CFAA1BB2269F6D6B910A0A3 ] excsd C:\Windows\system32\DRIVERS\excsd.sys
18:18:02.0571 0x1a7e0 excsd - ok
18:18:02.0595 0x1a7e0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:18:02.0701 0x1a7e0 exfat - ok
18:18:02.0748 0x1a7e0 [ 68030FF4B7669E15916910885E2E6160, 324EC07A0135354A5D41ED841919D61C218ECA718DE8A8357B0D2AD0B621777B ] ExpressCache C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
18:18:02.0787 0x1a7e0 ExpressCache - ok
18:18:02.0862 0x1a7e0 [ EB3A7D5663ACAC417DF986D4AEE12170, E2E7A0DEF42E0E9D8E2A70FAEC84D4BB67D8C6F9F6B4C0DE884FA4A12C031F91 ] Fastboot C:\Windows\system32\DRIVERS\Fastboot.sys
18:18:02.0902 0x1a7e0 Fastboot - ok
18:18:02.0994 0x1a7e0 [ 63511240AF70D10343A4AE05F8E2CA12, E4A873CE9F685E42347390F7D7D50CD8D3C9A5FCFFEA26093438F679D1CE275D ] FastbootService C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
18:18:03.0038 0x1a7e0 FastbootService - ok
18:18:03.0105 0x1a7e0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:18:03.0214 0x1a7e0 fastfat - ok
18:18:03.0332 0x1a7e0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:18:03.0445 0x1a7e0 Fax - ok
18:18:03.0498 0x1a7e0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:18:03.0552 0x1a7e0 fdc - ok
18:18:03.0595 0x1a7e0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:18:03.0677 0x1a7e0 fdPHost - ok
18:18:03.0702 0x1a7e0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:18:03.0796 0x1a7e0 FDResPub - ok
18:18:03.0814 0x1a7e0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:18:03.0851 0x1a7e0 FileInfo - ok
18:18:03.0905 0x1a7e0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:18:03.0982 0x1a7e0 Filetrace - ok
18:18:04.0009 0x1a7e0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:18:04.0073 0x1a7e0 flpydisk - ok
18:18:04.0103 0x1a7e0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:18:04.0195 0x1a7e0 FltMgr - ok
18:18:04.0274 0x1a7e0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
18:18:04.0412 0x1a7e0 FontCache - ok
18:18:04.0461 0x1a7e0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:18:04.0545 0x1a7e0 FontCache3.0.0.0 - ok
18:18:04.0625 0x1a7e0 [ 0B034CC9D439B9AD6B05B6F975BAF489, 5D1557F8CE2CAF21FF2C24C746A9B2689F881A0E27D50E984EC2A9380080339E ] FPLService C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
18:18:04.0699 0x1a7e0 FPLService - ok
18:18:04.0707 0x1a7e0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:18:04.0792 0x1a7e0 FsDepends - ok
18:18:04.0821 0x1a7e0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:18:04.0855 0x1a7e0 Fs_Rec - ok
18:18:04.0954 0x1a7e0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:18:05.0042 0x1a7e0 fvevol - ok
18:18:05.0107 0x1a7e0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:18:05.0144 0x1a7e0 gagp30kx - ok
18:18:05.0185 0x1a7e0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
18:18:05.0265 0x1a7e0 GEARAspiWDM - ok
18:18:05.0367 0x1a7e0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:18:05.0505 0x1a7e0 gpsvc - ok
18:18:05.0564 0x1a7e0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:05.0635 0x1a7e0 gupdate - ok
18:18:05.0644 0x1a7e0 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:18:05.0723 0x1a7e0 gupdatem - ok
18:18:05.0808 0x1a7e0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
18:18:05.0857 0x1a7e0 gusvc - ok
18:18:05.0897 0x1a7e0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:18:05.0956 0x1a7e0 hcw85cir - ok
18:18:05.0991 0x1a7e0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:18:06.0072 0x1a7e0 HdAudAddService - ok
18:18:06.0093 0x1a7e0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:18:06.0165 0x1a7e0 HDAudBus - ok
18:18:06.0187 0x1a7e0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:18:06.0229 0x1a7e0 HidBatt - ok
18:18:06.0274 0x1a7e0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:18:06.0363 0x1a7e0 HidBth - ok
18:18:06.0386 0x1a7e0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:18:06.0463 0x1a7e0 HidIr - ok
18:18:06.0492 0x1a7e0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:18:06.0590 0x1a7e0 hidserv - ok
18:18:06.0644 0x1a7e0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:18:06.0735 0x1a7e0 HidUsb - ok
18:18:06.0878 0x1a7e0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:18:07.0073 0x1a7e0 hkmsvc - ok
18:18:07.0110 0x1a7e0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:18:07.0200 0x1a7e0 HomeGroupListener - ok
18:18:07.0220 0x1a7e0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:18:07.0330 0x1a7e0 HomeGroupProvider - ok
18:18:07.0366 0x1a7e0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:18:07.0432 0x1a7e0 HpSAMD - ok
18:18:07.0487 0x1a7e0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:18:07.0718 0x1a7e0 HTTP - ok
18:18:07.0848 0x1a7e0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:18:07.0957 0x1a7e0 hwpolicy - ok
18:18:08.0240 0x1a7e0 [ 16A7CA284629A4D002F7B992C9A49EF9, FEA48B8DAAE18042C87F05D7C07251F4543D0E9F49C7B705E55477E7F75884A3 ] HyperW7Svc C:\Program Files\Lenovo\RapidBoot\HyperW7Svc64.exe
18:18:08.0365 0x1a7e0 HyperW7Svc - ok
18:18:08.0384 0x1a7e0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:18:08.0629 0x1a7e0 i8042prt - ok
18:18:08.0689 0x1a7e0 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:18:08.0757 0x1a7e0 iaStor - ok
18:18:08.0879 0x1a7e0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:18:08.0969 0x1a7e0 iaStorV - ok
18:18:08.0987 0x1a7e0 [ 72B253CDBCAA10E88AAD0BA39CC83BCD, 95FDC0E622C215D912607DDFC3D703AE0D9505960F98A418F44B7A9FA675B996 ] IBMPMDRV C:\Windows\system32\DRIVERS\ibmpmdrv.sys
18:18:09.0035 0x1a7e0 IBMPMDRV - ok
18:18:09.0059 0x1a7e0 [ 4925FFB084C9AD02E8EEF01FB18BF5AC, B08CC31F9DB444C7A3E1DE0B294A573A6F58F440D9ADF4062835320129E10FD0 ] IBMPMSVC C:\Windows\system32\ibmpmsvc.exe
18:18:09.0092 0x1a7e0 IBMPMSVC - ok
18:18:09.0168 0x1a7e0 [ 60CC7AE9AEDB4D1E7923BD053B176D97, 52783EE81DCA8267267ADD862A1BF049765BB154F904196B55C0CA26E30FD393 ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
18:18:09.0208 0x1a7e0 ibtfltcoex - ok
18:18:09.0271 0x1a7e0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:18:09.0364 0x1a7e0 idsvc - ok
18:18:09.0372 0x1a7e0 IEEtwCollectorService - ok
18:18:10.0410 0x1a7e0 [ 371D7F91C0D2314EB984A4A6CBEABC92, DD4B04308596C1E6C75B8772D4421137F3A83285DBCFD4DF54166D2B0B45A317 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:18:11.0288 0x1a7e0 igfx - ok
18:18:11.0337 0x1a7e0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:18:11.0481 0x1a7e0 iirsp - ok
18:18:11.0546 0x1a7e0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:18:11.0640 0x1a7e0 IKEEXT - ok
18:18:16.0896 0x1a7e0 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:18:16.0930 0x1a7e0 intaud_WaveExtensible - ok
18:18:17.0614 0x1a7e0 [ D20E649D87193BBCEE5CB0EAB75F96A4, FD73C7B14A2B6ECDD885FA19AD1C4021949D05214C95F3E4C0DC0C3567A40D52 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:18:18.0187 0x1a7e0 IntcAzAudAddService - ok
18:18:18.0311 0x1a7e0 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:18:18.0445 0x1a7e0 IntcDAud - ok
18:18:18.0618 0x1a7e0 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:18:18.0690 0x1a7e0 Intel(R) Capability Licensing Service Interface - ok
18:18:18.0823 0x1a7e0 [ EC0BE932BECA8A61479DD572C09115ED, CE6538C905204B99B681B2A806BE6D45CCCE1012CD058CEA2E36E1E59A991F7E ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:18:18.0935 0x1a7e0 Intel(R) ME Service - ok
18:18:19.0163 0x1a7e0 [ 5529614F79A407FD40845A8011D86082, 7F9D24F1094845F8CA36807D82D753228CC435DD2685AEFFA965FCE7E9BADDA5 ] Intel(R) Small Business Advantage C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
18:18:19.0210 0x1a7e0 Intel(R) Small Business Advantage - ok
18:18:19.0238 0x1a7e0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:18:19.0282 0x1a7e0 intelide - ok
18:18:19.0329 0x1a7e0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:18:19.0426 0x1a7e0 intelppm - ok
18:18:19.0457 0x1a7e0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:18:19.0673 0x1a7e0 IPBusEnum - ok
18:18:19.0696 0x1a7e0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:18:19.0828 0x1a7e0 IpFilterDriver - ok
18:18:19.0945 0x1a7e0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:18:20.0037 0x1a7e0 iphlpsvc - ok
18:18:20.0081 0x1a7e0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:18:20.0124 0x1a7e0 IPMIDRV - ok
18:18:20.0155 0x1a7e0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:18:20.0270 0x1a7e0 IPNAT - ok
18:18:20.0323 0x1a7e0 [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
18:18:20.0445 0x1a7e0 iPod Service - ok
18:18:20.0461 0x1a7e0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:18:20.0537 0x1a7e0 IRENUM - ok
18:18:20.0555 0x1a7e0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:18:20.0602 0x1a7e0 isapnp - ok
18:18:20.0639 0x1a7e0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:18:20.0693 0x1a7e0 iScsiPrt - ok
18:18:20.0761 0x1a7e0 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:18:20.0800 0x1a7e0 iusb3hcs - ok
18:18:20.0855 0x1a7e0 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:18:20.0927 0x1a7e0 iusb3hub - ok
18:18:20.0978 0x1a7e0 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:18:21.0095 0x1a7e0 iusb3xhc - ok
18:18:21.0129 0x1a7e0 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\DRIVERS\iwdbus.sys
18:18:21.0161 0x1a7e0 iwdbus - ok
18:18:21.0217 0x1a7e0 [ 0043D9FB61C35F90886B1E93DD556FAF, B17B993928281252A75997939F2E45E98E7FB9D22941CC76E332AFF8706EDEC9 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:18:21.0273 0x1a7e0 jhi_service - ok
18:18:21.0311 0x1a7e0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:18:21.0362 0x1a7e0 kbdclass - ok
18:18:21.0391 0x1a7e0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:18:21.0433 0x1a7e0 kbdhid - ok
18:18:21.0458 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso C:\Windows\system32\lsass.exe
18:18:21.0496 0x1a7e0 KeyIso - ok
18:18:21.0543 0x1a7e0 [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:18:21.0888 0x1a7e0 KSecDD - ok
18:18:21.0976 0x1a7e0 [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:18:22.0020 0x1a7e0 KSecPkg - ok
18:18:22.0066 0x1a7e0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:18:22.0170 0x1a7e0 ksthunk - ok
18:18:22.0239 0x1a7e0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:18:22.0354 0x1a7e0 KtmRm - ok
18:18:22.0399 0x1a7e0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:18:22.0550 0x1a7e0 LanmanServer - ok
18:18:22.0574 0x1a7e0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:18:22.0661 0x1a7e0 LanmanWorkstation - ok
18:18:22.0703 0x1a7e0 [ 4A0235E9822B220339E34D8C122BB6D1, 75FE0158F4123E3252F543FED3F622547F32EE15B1ABA16C8D23405B6BAEBCE5 ] LENOVO.CAMMUTE C:\Program Files\Lenovo\Communications Utility\CAMMUTE.exe
18:18:22.0771 0x1a7e0 LENOVO.CAMMUTE - ok
18:18:22.0818 0x1a7e0 [ 340288B3B2EDC8AFD5FF127DF85142A7, 595103B5CCDC83D8E4617D2C3E8ED91C88A78ACF11BC9478E9244C510DD50A80 ] LENOVO.MICMUTE C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
18:18:22.0888 0x1a7e0 LENOVO.MICMUTE - ok
18:18:22.0906 0x1a7e0 [ 93921A19D885755B9751C3744DBCB8FD, A1A59DE5819D2C4D4CEA4917DAB569925928165177F0B081D5C03BD6D7EFE3D2 ] LENOVO.TPKNRSVC C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
18:18:22.0941 0x1a7e0 LENOVO.TPKNRSVC - ok
18:18:22.0954 0x1a7e0 [ 79F99A4D59825839B7E563B4BCF52C5E, 3D7B1F292A36E8E4109557B880603B7BEB512457CC495F591DCE44EC34AA0E39 ] LENOVO.TVTVCAM C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
18:18:23.0000 0x1a7e0 LENOVO.TVTVCAM - ok
18:18:23.0017 0x1a7e0 [ F7DE50781DC4D162C1005EB30D98F931, CDD07CD2E300DCD818CF97AC05CAFD2BA5568CEA10622D69E156CFC936DD4769 ] Lenovo.VIRTSCRLSVC C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe
18:18:23.0064 0x1a7e0 Lenovo.VIRTSCRLSVC - ok
18:18:23.0083 0x1a7e0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:18:23.0192 0x1a7e0 lltdio - ok
18:18:23.0242 0x1a7e0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:18:23.0341 0x1a7e0 lltdsvc - ok
18:18:23.0378 0x1a7e0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:18:23.0471 0x1a7e0 lmhosts - ok
18:18:23.0527 0x1a7e0 [ 2FB262276D1C689C6886B1C0710342FA, 99129F79FB17B7224CF7C8324A12D464D2611BF6B4467A3697B8E3AFE8A95052 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:18:23.0585 0x1a7e0 LMS - ok
18:18:23.0632 0x1a7e0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:18:23.0679 0x1a7e0 LSI_FC - ok
18:18:23.0703 0x1a7e0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:18:23.0756 0x1a7e0 LSI_SAS - ok
18:18:23.0779 0x1a7e0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:18:23.0815 0x1a7e0 LSI_SAS2 - ok
18:18:23.0838 0x1a7e0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:18:23.0877 0x1a7e0 LSI_SCSI - ok
18:18:23.0909 0x1a7e0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:18:24.0033 0x1a7e0 luafv - ok
18:18:24.0078 0x1a7e0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:18:24.0147 0x1a7e0 Mcx2Svc - ok
18:18:24.0219 0x1a7e0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:18:24.0300 0x1a7e0 megasas - ok
18:18:24.0361 0x1a7e0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:18:24.0413 0x1a7e0 MegaSR - ok
18:18:24.0454 0x1a7e0 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:18:24.0486 0x1a7e0 MEIx64 - ok
18:18:24.0526 0x1a7e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:18:24.0622 0x1a7e0 MMCSS - ok
18:18:24.0646 0x1a7e0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:18:24.0759 0x1a7e0 Modem - ok
18:18:24.0787 0x1a7e0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:18:24.0837 0x1a7e0 monitor - ok
18:18:24.0862 0x1a7e0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:18:24.0905 0x1a7e0 mouclass - ok
18:18:24.0949 0x1a7e0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
18:18:25.0001 0x1a7e0 mouhid - ok
18:18:25.0026 0x1a7e0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:18:25.0067 0x1a7e0 mountmgr - ok
18:18:25.0114 0x1a7e0 [ 6C452A07E4F72B31FB93DA153D083179, 86D5F283690ACF1F3A2A518F16921F194F1E4994090A43FA223785A122C5F948 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:18:25.0153 0x1a7e0 MozillaMaintenance - ok
18:18:25.0184 0x1a7e0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:18:25.0227 0x1a7e0 mpio - ok
18:18:25.0262 0x1a7e0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:18:25.0348 0x1a7e0 mpsdrv - ok
18:18:25.0434 0x1a7e0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:18:25.0581 0x1a7e0 MpsSvc - ok
18:18:25.0759 0x1a7e0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:18:25.0895 0x1a7e0 MRxDAV - ok
18:18:25.0938 0x1a7e0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:18:26.0001 0x1a7e0 mrxsmb - ok
18:18:26.0064 0x1a7e0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:18:26.0124 0x1a7e0 mrxsmb10 - ok
18:18:26.0134 0x1a7e0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:18:26.0208 0x1a7e0 mrxsmb20 - ok
18:18:26.0226 0x1a7e0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:18:26.0259 0x1a7e0 msahci - ok
18:18:26.0318 0x1a7e0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:18:26.0360 0x1a7e0 msdsm - ok
18:18:26.0394 0x1a7e0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:18:26.0447 0x1a7e0 MSDTC - ok
18:18:26.0499 0x1a7e0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:18:26.0581 0x1a7e0 Msfs - ok
18:18:26.0615 0x1a7e0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:18:26.0692 0x1a7e0 mshidkmdf - ok
18:18:26.0712 0x1a7e0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:18:26.0752 0x1a7e0 msisadrv - ok
18:18:26.0806 0x1a7e0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:18:27.0072 0x1a7e0 MSiSCSI - ok
18:18:27.0079 0x1a7e0 msiserver - ok
18:18:27.0115 0x1a7e0 [ 49CCF2C4FEA34FFAD8B1B59D49439366,
|
|
06.03.2015, 18:49
| #7 |
| | Gerätemanager leer/ Email Account sendet Spam, etc.Code:
ATTFilter E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:18:27.0223 0x1a7e0 MSKSSRV - ok
18:18:27.0319 0x1a7e0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:18:27.0527 0x1a7e0 MSPCLOCK - ok
18:18:27.0544 0x1a7e0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:18:27.0689 0x1a7e0 MSPQM - ok
18:18:27.0998 0x1a7e0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:18:28.0118 0x1a7e0 MsRPC - ok
18:18:28.0148 0x1a7e0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:18:28.0197 0x1a7e0 mssmbios - ok
18:18:28.0240 0x1a7e0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:18:28.0345 0x1a7e0 MSTEE - ok
18:18:28.0366 0x1a7e0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:18:28.0420 0x1a7e0 MTConfig - ok
18:18:28.0717 0x1a7e0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:18:28.0828 0x1a7e0 Mup - ok
18:18:29.0216 0x1a7e0 [ 48C9BA25EDA90E3DB07ADAC8CD32F5F3, 9CAFFECB0F59CC758C646F886D7A9A276A152B94EE58564BD03FBB48C4C7E396 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
18:18:29.0269 0x1a7e0 MyWiFiDHCPDNS - ok
18:18:29.0303 0x1a7e0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:18:29.0427 0x1a7e0 napagent - ok
18:18:29.0492 0x1a7e0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:18:29.0567 0x1a7e0 NativeWifiP - ok
18:18:29.0719 0x1a7e0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:18:29.0847 0x1a7e0 NDIS - ok
18:18:29.0896 0x1a7e0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:18:29.0992 0x1a7e0 NdisCap - ok
18:18:30.0018 0x1a7e0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:18:30.0118 0x1a7e0 NdisTapi - ok
18:18:30.0143 0x1a7e0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:18:30.0234 0x1a7e0 Ndisuio - ok
18:18:30.0251 0x1a7e0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:18:30.0396 0x1a7e0 NdisWan - ok
18:18:30.0407 0x1a7e0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:18:30.0552 0x1a7e0 NDProxy - ok
18:18:30.0601 0x1a7e0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:18:30.0694 0x1a7e0 NetBIOS - ok
18:18:30.0730 0x1a7e0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:18:30.0836 0x1a7e0 NetBT - ok
18:18:30.0893 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon C:\Windows\system32\lsass.exe
18:18:30.0950 0x1a7e0 Netlogon - ok
18:18:31.0041 0x1a7e0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:18:31.0183 0x1a7e0 Netman - ok
18:18:31.0280 0x1a7e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:31.0344 0x1a7e0 NetMsmqActivator - ok
18:18:31.0376 0x1a7e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:31.0427 0x1a7e0 NetPipeActivator - ok
18:18:31.0483 0x1a7e0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:18:31.0667 0x1a7e0 netprofm - ok
18:18:31.0704 0x1a7e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:31.0793 0x1a7e0 NetTcpActivator - ok
18:18:31.0806 0x1a7e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:18:31.0862 0x1a7e0 NetTcpPortSharing - ok
18:18:32.0707 0x1a7e0 [ FAD6C5610D020534401966CD72A1C306, 49D1AF9682464638BF7AC29A83E090F037543C3AA1F7E5970040633AFD5EAF29 ] NETwNs64 C:\Windows\system32\DRIVERS\Netwsw00.sys
18:18:33.0460 0x1a7e0 NETwNs64 - ok
18:18:33.0547 0x1a7e0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:18:33.0604 0x1a7e0 nfrd960 - ok
18:18:33.0656 0x1a7e0 [ BC4B7FA7F7EBE5E9CC70885A2CB727D0, 0BC3EF7B5CEC9A4639607E5F901A65296F150B451714DF754847637D98CD8D98 ] NitroDriverReadSpool2 C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
18:18:33.0703 0x1a7e0 NitroDriverReadSpool2 - ok
18:18:33.0740 0x1a7e0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:18:33.0954 0x1a7e0 NlaSvc - ok
18:18:33.0975 0x1a7e0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:18:34.0097 0x1a7e0 Npfs - ok
18:18:34.0119 0x1a7e0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:18:34.0292 0x1a7e0 nsi - ok
18:18:34.0331 0x1a7e0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:18:34.0436 0x1a7e0 nsiproxy - ok
18:18:34.0578 0x1a7e0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:18:34.0782 0x1a7e0 Ntfs - ok
18:18:34.0835 0x1a7e0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:18:34.0984 0x1a7e0 Null - ok
18:18:35.0923 0x1a7e0 [ E8A440D7DA4274707F32891426F45DD9, 8307A262165C483776FF15F03DF20EC05E37A66E72A29F6F3A6E7D63E919ADDE ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:18:37.0015 0x1a7e0 nvlddmkm - ok
18:18:37.0087 0x1a7e0 [ F4C74D07E7F188C7ECE069FF310F3193, 04AD203845E575DE9CF51580985F36326924D7D910DAE586C420E6711DF9F0CB ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
18:18:37.0235 0x1a7e0 nvpciflt - ok
18:18:37.0278 0x1a7e0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:18:37.0576 0x1a7e0 nvraid - ok
18:18:37.0603 0x1a7e0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:18:37.0791 0x1a7e0 nvstor - ok
18:18:37.0946 0x1a7e0 [ C1770F3E6E8B0D018A5ED044415F7B0C, C78411DD86D8861EE4A4ADB78455962C65F506B5CC39F09E8649198460964E70 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:18:38.0126 0x1a7e0 nvsvc - ok
18:18:38.0849 0x1a7e0 [ 21FC78141FF8989983E9031966D957FC, 2D193EFC6133E0BE099271625D91BB1CD33F7BC736AEDFDEAA16EF6C9C51EF9B ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:18:39.0144 0x1a7e0 nvUpdatusService - ok
18:18:39.0187 0x1a7e0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:18:39.0436 0x1a7e0 nv_agp - ok
18:18:39.0503 0x1a7e0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:18:39.0582 0x1a7e0 ohci1394 - ok
18:18:39.0619 0x1a7e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:18:39.0736 0x1a7e0 p2pimsvc - ok
18:18:40.0059 0x1a7e0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:18:40.0160 0x1a7e0 p2psvc - ok
18:18:40.0208 0x1a7e0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
18:18:40.0311 0x1a7e0 Parport - ok
18:18:40.0332 0x1a7e0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:18:40.0383 0x1a7e0 partmgr - ok
18:18:40.0454 0x1a7e0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:18:40.0558 0x1a7e0 PcaSvc - ok
18:18:40.0625 0x1a7e0 [ 3FDE033DFB0D07F8B7D5C9A3044AA121, 2C23B4FA34BA3060884B0168A830DD395A3853855CD6DF4065FBB303DFB4A87E ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
18:18:40.0720 0x1a7e0 pccsmcfd - ok
18:18:40.0750 0x1a7e0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:18:40.0839 0x1a7e0 pci - ok
18:18:40.0888 0x1a7e0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:18:40.0921 0x1a7e0 pciide - ok
18:18:40.0952 0x1a7e0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:18:41.0002 0x1a7e0 pcmcia - ok
18:18:41.0024 0x1a7e0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:18:41.0079 0x1a7e0 pcw - ok
18:18:41.0120 0x1a7e0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:18:41.0271 0x1a7e0 PEAUTH - ok
18:18:41.0464 0x1a7e0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:18:41.0567 0x1a7e0 PerfHost - ok
18:18:41.0688 0x1a7e0 [ B4C1BF666DBD6899EC4A9A499DAA040B, D6F9E42F25DCBE19A3766165D96CC2D30E834B19B841688FD6A2E26FD9166315 ] PHCORE C:\Program Files\Lenovo\RapidBoot\PHCORE64.SYS
18:18:41.0748 0x1a7e0 PHCORE - ok
18:18:41.0836 0x1a7e0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:18:42.0005 0x1a7e0 pla - ok
18:18:42.0062 0x1a7e0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:18:42.0151 0x1a7e0 PlugPlay - ok
18:18:42.0191 0x1a7e0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:18:42.0261 0x1a7e0 PNRPAutoReg - ok
18:18:42.0296 0x1a7e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:18:42.0355 0x1a7e0 PNRPsvc - ok
18:18:42.0480 0x1a7e0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:18:42.0608 0x1a7e0 PolicyAgent - ok
18:18:42.0765 0x1a7e0 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll
18:18:42.0860 0x1a7e0 Power - ok
18:18:43.0001 0x1a7e0 [ DEED60F99C5B8E386D507860F600D509, 1662F4F7C2CB305C6794B0FF546550393DC7C7FCC709C2D342A7092B446830AA ] Power Manager DBC Service C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE
18:18:43.0168 0x1a7e0 Power Manager DBC Service - ok
18:18:43.0207 0x1a7e0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:18:43.0321 0x1a7e0 PptpMiniport - ok
18:18:43.0339 0x1a7e0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:18:43.0423 0x1a7e0 Processor - ok
18:18:43.0457 0x1a7e0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:18:43.0520 0x1a7e0 ProfSvc - ok
18:18:43.0534 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:18:43.0571 0x1a7e0 ProtectedStorage - ok
18:18:43.0589 0x1a7e0 [ 05A4779E4994B21473EDBE85AABE8030, AFD597461B036FDE42013648A4D542B02AE1D7E128BF0B193BA4B478432F0C72 ] psadd C:\Windows\system32\DRIVERS\psadd.sys
18:18:43.0643 0x1a7e0 psadd - ok
18:18:43.0667 0x1a7e0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:18:43.0750 0x1a7e0 Psched - ok
18:18:43.0912 0x1a7e0 [ 68DCE950DCD2ABBB82362D383EC5836E, 5A3E0ABE32BA53A0D719757222455BE9308844C4968CA27B178C86BCF6FDC4DC ] PwmEWSvc C:\Program Files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE
18:18:44.0069 0x1a7e0 PwmEWSvc - ok
18:18:44.0182 0x1a7e0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:18:44.0324 0x1a7e0 ql2300 - ok
18:18:44.0387 0x1a7e0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:18:44.0439 0x1a7e0 ql40xx - ok
18:18:44.0469 0x1a7e0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:18:44.0535 0x1a7e0 QWAVE - ok
18:18:44.0559 0x1a7e0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:18:44.0637 0x1a7e0 QWAVEdrv - ok
18:18:44.0654 0x1a7e0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:18:44.0805 0x1a7e0 RasAcd - ok
18:18:44.0870 0x1a7e0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:18:45.0014 0x1a7e0 RasAgileVpn - ok
18:18:45.0068 0x1a7e0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:18:45.0212 0x1a7e0 RasAuto - ok
18:18:45.0230 0x1a7e0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:18:45.0349 0x1a7e0 Rasl2tp - ok
18:18:45.0369 0x1a7e0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:18:45.0506 0x1a7e0 RasMan - ok
18:18:45.0531 0x1a7e0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:18:45.0667 0x1a7e0 RasPppoe - ok
18:18:45.0677 0x1a7e0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:18:45.0763 0x1a7e0 RasSstp - ok
18:18:45.0828 0x1a7e0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:18:46.0057 0x1a7e0 rdbss - ok
18:18:46.0079 0x1a7e0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:18:46.0119 0x1a7e0 rdpbus - ok
18:18:46.0146 0x1a7e0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:18:46.0276 0x1a7e0 RDPCDD - ok
18:18:46.0288 0x1a7e0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:18:46.0365 0x1a7e0 RDPENCDD - ok
18:18:46.0383 0x1a7e0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:18:46.0485 0x1a7e0 RDPREFMP - ok
18:18:46.0531 0x1a7e0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:18:46.0783 0x1a7e0 RDPWD - ok
18:18:46.0871 0x1a7e0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:18:46.0961 0x1a7e0 rdyboost - ok
18:18:47.0044 0x1a7e0 [ 0C2B4C3B10D183BE116A38353E937F62, 2523E6FAB400EA1F9B4A634C1CC427D1D6FDE4B36018FF469470961EB8E432FA ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
18:18:47.0209 0x1a7e0 RegSrvc - ok
18:18:47.0278 0x1a7e0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:18:47.0574 0x1a7e0 RemoteAccess - ok
18:18:47.0608 0x1a7e0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:18:47.0763 0x1a7e0 RemoteRegistry - ok
18:18:48.0013 0x1a7e0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:18:48.0317 0x1a7e0 RFCOMM - ok
18:18:48.0355 0x1a7e0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:18:48.0464 0x1a7e0 RpcEptMapper - ok
18:18:48.0493 0x1a7e0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:18:48.0591 0x1a7e0 RpcLocator - ok
18:18:48.0763 0x1a7e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:18:48.0882 0x1a7e0 RpcSs - ok
18:18:49.0203 0x1a7e0 [ 7F324DFFCA5318EEF040DBE351D038D8, 114234D816894C1018181173395C8D0E80982D66818A9AA38803D761FA4E8D90 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
18:18:49.0263 0x1a7e0 RSP2STOR - ok
18:18:49.0311 0x1a7e0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:18:49.0445 0x1a7e0 rspndr - ok
18:18:49.0695 0x1a7e0 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:18:49.0797 0x1a7e0 RTL8167 - ok
18:18:49.0843 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe
18:18:49.0882 0x1a7e0 SamSs - ok
18:18:49.0924 0x1a7e0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:18:49.0988 0x1a7e0 sbp2port - ok
18:18:50.0025 0x1a7e0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:18:50.0184 0x1a7e0 SCardSvr - ok
18:18:50.0204 0x1a7e0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:18:50.0294 0x1a7e0 scfilter - ok
18:18:50.0470 0x1a7e0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:18:50.0623 0x1a7e0 Schedule - ok
18:18:50.0659 0x1a7e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:18:50.0733 0x1a7e0 SCPolicySvc - ok
18:18:50.0768 0x1a7e0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:18:50.0841 0x1a7e0 SDRSVC - ok
18:18:50.0873 0x1a7e0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:18:50.0955 0x1a7e0 secdrv - ok
18:18:51.0029 0x1a7e0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:18:51.0109 0x1a7e0 seclogon - ok
18:18:51.0312 0x1a7e0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:18:51.0394 0x1a7e0 SENS - ok
18:18:51.0455 0x1a7e0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:18:51.0515 0x1a7e0 SensrSvc - ok
18:18:51.0557 0x1a7e0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
18:18:51.0597 0x1a7e0 Serenum - ok
18:18:51.0629 0x1a7e0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
18:18:51.0679 0x1a7e0 Serial - ok
18:18:51.0732 0x1a7e0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:18:51.0795 0x1a7e0 sermouse - ok
18:18:51.0869 0x1a7e0 [ 78F7BB9F4924BE164294C59B8C3FC096, 75051A6A8B0DBB16CD70855A408134270EEAF0C127BAAE5B592DB53BB87C085B ] ServiceLayer C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
18:18:52.0020 0x1a7e0 ServiceLayer - ok
18:18:52.0110 0x1a7e0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:18:52.0200 0x1a7e0 SessionEnv - ok
18:18:52.0249 0x1a7e0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:18:52.0298 0x1a7e0 sffdisk - ok
18:18:52.0313 0x1a7e0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:18:52.0364 0x1a7e0 sffp_mmc - ok
18:18:52.0417 0x1a7e0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:18:52.0458 0x1a7e0 sffp_sd - ok
18:18:52.0487 0x1a7e0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:18:52.0531 0x1a7e0 sfloppy - ok
18:18:52.0599 0x1a7e0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:18:52.0698 0x1a7e0 SharedAccess - ok
18:18:52.0778 0x1a7e0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:18:52.0887 0x1a7e0 ShellHWDetection - ok
18:18:52.0945 0x1a7e0 [ 7AC6FBFC13ABA3F15B05986412D10E10, B93E0E18C9883BAE7238389B8E2E3D66CB925BD62B293625FF8B6C3AF4501EC8 ] Shockprf C:\Windows\system32\DRIVERS\Apsx64.sys
18:18:52.0998 0x1a7e0 Shockprf - ok
18:18:53.0059 0x1a7e0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:18:53.0092 0x1a7e0 SiSRaid2 - ok
18:18:53.0122 0x1a7e0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:18:53.0168 0x1a7e0 SiSRaid4 - ok
18:18:53.0268 0x1a7e0 [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:18:53.0341 0x1a7e0 SkypeUpdate - ok
18:18:53.0376 0x1a7e0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:18:53.0455 0x1a7e0 Smb - ok
18:18:53.0529 0x1a7e0 [ 1D05A2E9067CD87E2C7D566DA47B9EEF, 4722688815D3DB0F6BFB417DCA34CD386EA2F27AA1DE326595725387F68244E9 ] SmbDrvIntel C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
18:18:53.0562 0x1a7e0 SmbDrvIntel - ok
18:18:53.0605 0x1a7e0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:18:53.0665 0x1a7e0 SNMPTRAP - ok
18:18:53.0683 0x1a7e0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:18:53.0716 0x1a7e0 spldr - ok
18:18:53.0807 0x1a7e0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:18:53.0953 0x1a7e0 Spooler - ok
18:18:54.0199 0x1a7e0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:18:54.0506 0x1a7e0 sppsvc - ok
18:18:54.0524 0x1a7e0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:18:54.0747 0x1a7e0 sppuinotify - ok
18:18:54.0805 0x1a7e0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:18:54.0956 0x1a7e0 srv - ok
18:18:54.0987 0x1a7e0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:18:55.0148 0x1a7e0 srv2 - ok
18:18:55.0202 0x1a7e0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:18:55.0254 0x1a7e0 srvnet - ok
18:18:55.0313 0x1a7e0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:18:55.0442 0x1a7e0 SSDPSRV - ok
18:18:55.0469 0x1a7e0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:18:55.0602 0x1a7e0 SstpSvc - ok
18:18:55.0633 0x1a7e0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:18:55.0706 0x1a7e0 stexstor - ok
18:18:55.0791 0x1a7e0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:18:56.0044 0x1a7e0 stisvc - ok
18:18:56.0195 0x1a7e0 [ F07850E89839894F731E4562B64E08A5, BF11E096E1CC57B57FFB4E0528DB43F6B049A7E8A0C00C34E03A00EF2F2092B6 ] SUService C:\Program Files (x86)\Lenovo\System Update\SUService.exe
18:18:56.0227 0x1a7e0 SUService - ok
18:18:56.0313 0x1a7e0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:18:56.0368 0x1a7e0 swenum - ok
18:18:56.0414 0x1a7e0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:18:56.0530 0x1a7e0 swprv - ok
18:18:56.0582 0x1a7e0 [ 1C402D9404BD874406D9C53FD40D1418, 7FE359E5EAA5E08119E3FA784409318C447FDC7296F871600492642484E83621 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
18:18:56.0649 0x1a7e0 SynTP - ok
18:18:56.0759 0x1a7e0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:18:57.0004 0x1a7e0 SysMain - ok
18:18:57.0077 0x1a7e0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:18:57.0151 0x1a7e0 TabletInputService - ok
18:18:57.0174 0x1a7e0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:18:57.0340 0x1a7e0 TapiSrv - ok
18:18:57.0404 0x1a7e0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:18:57.0589 0x1a7e0 TBS - ok
18:18:57.0715 0x1a7e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:18:58.0049 0x1a7e0 Tcpip - ok
18:18:58.0133 0x1a7e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:18:58.0301 0x1a7e0 TCPIP6 - ok
18:18:58.0429 0x1a7e0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:18:58.0608 0x1a7e0 tcpipreg - ok
18:18:58.0641 0x1a7e0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:18:58.0682 0x1a7e0 TDPIPE - ok
18:18:58.0724 0x1a7e0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:18:58.0883 0x1a7e0 TDTCP - ok
18:18:58.0968 0x1a7e0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:18:59.0074 0x1a7e0 tdx - ok
18:18:59.0344 0x1a7e0 [ 576918B02840A360702051BC4269B13F, ADC9798F280FB0238C63C798912264E88E244257DF8ACF1854343D14FAC73E19 ] TeamViewer8 C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
18:18:59.0725 0x1a7e0 TeamViewer8 - ok
18:18:59.0767 0x1a7e0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:18:59.0803 0x1a7e0 TermDD - ok
18:18:59.0881 0x1a7e0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:19:00.0102 0x1a7e0 TermService - ok
18:19:00.0143 0x1a7e0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:19:00.0236 0x1a7e0 Themes - ok
18:19:00.0277 0x1a7e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:19:00.0474 0x1a7e0 THREADORDER - ok
18:19:00.0509 0x1a7e0 [ BC148E3415BF8A9DE83364966F75044F, 0F4604753E8202A7CA0F0C2E08983911327E0E44E453CE91B9B9A80A5554EC16 ] TPDIGIMN C:\Windows\system32\DRIVERS\ApsHM64.sys
18:19:00.0542 0x1a7e0 TPDIGIMN - ok
18:19:00.0572 0x1a7e0 [ BBD91008BEC4A2BA5D383BC9A15D6F9E, 6A61E05F2189CB586440E0D5CB0126282459EAE9F29C9DD2D6E4583D230BF29E ] TPHDEXLGSVC C:\Windows\system32\TPHDEXLG64.exe
18:19:00.0618 0x1a7e0 TPHDEXLGSVC - ok
18:19:00.0699 0x1a7e0 [ 83415782D47F8064FCAFEA308ABB2246, 24D407FFF78EB48A440E4929918C92AEF6F5CF8170A14019C22D36B30BB01A23 ] TPHKLOAD C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
18:19:00.0740 0x1a7e0 TPHKLOAD - ok
18:19:00.0774 0x1a7e0 [ 046A7B412E4E6C4A7B426441E143F0F2, 8E42A888087A4DE20828652049D54955806986422C6A67C7A42499A0FB1CA1E2 ] TPHKSVC C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
18:19:00.0836 0x1a7e0 TPHKSVC - ok
18:19:00.0863 0x1a7e0 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
18:19:00.0919 0x1a7e0 TPM - ok
18:19:00.0950 0x1a7e0 [ 1DF6E6C026AD1D428687FE3B427A87BC, DA8F17A1030A0DEC81F5356B4DC99EC1F93FAD1292779191FDD53FEE530F9520 ] TPPWRIF C:\Windows\system32\drivers\Tppwr64v.sys
18:19:00.0998 0x1a7e0 TPPWRIF - ok
18:19:01.0024 0x1a7e0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:19:01.0133 0x1a7e0 TrkWks - ok
18:19:01.0252 0x1a7e0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:19:01.0366 0x1a7e0 TrustedInstaller - ok
18:19:01.0409 0x1a7e0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:19:01.0456 0x1a7e0 tssecsrv - ok
18:19:01.0483 0x1a7e0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:19:01.0541 0x1a7e0 TsUsbFlt - ok
18:19:01.0582 0x1a7e0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:19:01.0650 0x1a7e0 TsUsbGD - ok
18:19:01.0670 0x1a7e0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:19:01.0753 0x1a7e0 tunnel - ok
18:19:01.0790 0x1a7e0 [ D4915DB03B19F9FD50EC084CC0ED15FC, 1CA899C0D48E69825DB27A4A52D8A3FEBA00A47C2D0E2FC0F5F358D15B7F3496 ] TVTI2C C:\Windows\system32\DRIVERS\Tvti2c.sys
18:19:01.0831 0x1a7e0 TVTI2C - ok
18:19:01.0858 0x1a7e0 [ 760B34088C2AD8D634CC3784EF3A2CA2, 20D23EDBDE7EBBA495C032097E7C5B1C6F94037971D9B2D6B98ABE11E7FF3643 ] tvtvcamd C:\Windows\system32\DRIVERS\tvtvcamd.sys
18:19:01.0890 0x1a7e0 tvtvcamd - ok
18:19:01.0938 0x1a7e0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:19:01.0974 0x1a7e0 uagp35 - ok
18:19:02.0019 0x1a7e0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:19:02.0184 0x1a7e0 udfs - ok
18:19:02.0242 0x1a7e0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:19:02.0309 0x1a7e0 UI0Detect - ok
18:19:02.0328 0x1a7e0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:19:02.0364 0x1a7e0 uliagpkx - ok
18:19:02.0386 0x1a7e0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:19:02.0471 0x1a7e0 umbus - ok
18:19:02.0497 0x1a7e0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:19:02.0546 0x1a7e0 UmPass - ok
18:19:02.0645 0x1a7e0 [ CABEC311CEA77EAEA3DC04A1ADFC0459, EC857EB3E22941E8915709B2E2CFB7BB662004121EC7DBE495FC40597BF194CB ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:19:02.0722 0x1a7e0 UNS - ok
18:19:02.0788 0x1a7e0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:19:02.0914 0x1a7e0 upnphost - ok
18:19:02.0971 0x1a7e0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:19:03.0071 0x1a7e0 USBAAPL64 - ok
18:19:03.0137 0x1a7e0 [ 91D3C92A44FC682DD791147604E79152, AA0B6799BF9C26C2C1793C91295288A4989AA43EC5E070B650DA7F0A142817CE ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:19:03.0188 0x1a7e0 usbccgp - ok
18:19:03.0226 0x1a7e0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:19:03.0283 0x1a7e0 usbcir - ok
18:19:03.0322 0x1a7e0 [ F7FFDF2A1D19A76A87759126B244C816, C91F09D77E22D976952A46F7B93F611B719EDAF694D538242FA8FAF1BA9BB2F0 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:19:03.0429 0x1a7e0 usbehci - ok
18:19:03.0462 0x1a7e0 [ 245FE7FC634D6A993E682E0A9EBA4ABB, F7A536D215EE3A63358EC8B5946D7BB3B56357BF91347B07013E00DAC98775B6 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:19:03.0556 0x1a7e0 usbhub - ok
18:19:03.0580 0x1a7e0 [ C1A8966E0D09BFB501045105B30D86F2, 5BB95FBA441B898E258A3BFE174FC1042A04C19E25C59DE1FD90594290B11DA9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:19:03.0630 0x1a7e0 usbohci - ok
18:19:03.0688 0x1a7e0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:19:03.0782 0x1a7e0 usbprint - ok
18:19:03.0820 0x1a7e0 [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:19:03.0908 0x1a7e0 usbscan - ok
18:19:03.0927 0x1a7e0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:19:03.0979 0x1a7e0 USBSTOR - ok
18:19:03.0991 0x1a7e0 [ 2E682DCE4319A90E02A327F8A427544A, 3528C5A4669BAD53041085C3E72C64388D308E42AD9D1FAC85B6F2FFD81610FB ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:19:04.0040 0x1a7e0 usbuhci - ok
18:19:04.0088 0x1a7e0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:19:04.0197 0x1a7e0 usbvideo - ok
18:19:04.0225 0x1a7e0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:19:04.0349 0x1a7e0 UxSms - ok
18:19:04.0368 0x1a7e0 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc C:\Windows\system32\lsass.exe
18:19:04.0406 0x1a7e0 VaultSvc - ok
18:19:04.0577 0x1a7e0 [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
18:19:04.0679 0x1a7e0 VBoxAswDrv - ok
18:19:04.0734 0x1a7e0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:19:04.0770 0x1a7e0 vdrvroot - ok
18:19:04.0814 0x1a7e0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:19:04.0928 0x1a7e0 vds - ok
18:19:04.0948 0x1a7e0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:19:04.0993 0x1a7e0 vga - ok
18:19:05.0021 0x1a7e0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:19:05.0102 0x1a7e0 VgaSave - ok
18:19:05.0138 0x1a7e0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:19:05.0227 0x1a7e0 vhdmp - ok
18:19:05.0255 0x1a7e0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:19:05.0340 0x1a7e0 viaide - ok
18:19:05.0400 0x1a7e0 [ 49C122513203B98B0B2C10211F23450B, 98C281A5F9A68C0E9F766EE136B72605C8724BA521B6A28E9B7232FFDB1108B9 ] VIPAppService C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
18:19:05.0438 0x1a7e0 VIPAppService - ok
18:19:05.0486 0x1a7e0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:19:05.0527 0x1a7e0 volmgr - ok
18:19:05.0573 0x1a7e0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:19:05.0628 0x1a7e0 volmgrx - ok
18:19:05.0664 0x1a7e0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:19:05.0716 0x1a7e0 volsnap - ok
18:19:05.0747 0x1a7e0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:19:05.0789 0x1a7e0 vsmraid - ok
18:19:05.0913 0x1a7e0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:19:06.0166 0x1a7e0 VSS - ok
18:19:06.0209 0x1a7e0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:19:06.0281 0x1a7e0 vwifibus - ok
18:19:06.0299 0x1a7e0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:19:06.0347 0x1a7e0 vwififlt - ok
18:19:06.0368 0x1a7e0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:19:06.0440 0x1a7e0 vwifimp - ok
18:19:06.0475 0x1a7e0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:19:06.0645 0x1a7e0 W32Time - ok
18:19:06.0673 0x1a7e0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:19:06.0720 0x1a7e0 WacomPen - ok
18:19:06.0759 0x1a7e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:19:06.0875 0x1a7e0 WANARP - ok
18:19:06.0884 0x1a7e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:19:06.0964 0x1a7e0 Wanarpv6 - ok
18:19:07.0049 0x1a7e0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:19:07.0200 0x1a7e0 WatAdminSvc - ok
18:19:07.0731 0x1a7e0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:19:07.0972 0x1a7e0 wbengine - ok
18:19:08.0025 0x1a7e0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:19:08.0257 0x1a7e0 WbioSrvc - ok
18:19:08.0314 0x1a7e0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:19:08.0415 0x1a7e0 wcncsvc - ok
18:19:08.0460 0x1a7e0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:19:08.0534 0x1a7e0 WcsPlugInService - ok
18:19:08.0568 0x1a7e0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:19:08.0610 0x1a7e0 Wd - ok
18:19:08.0706 0x1a7e0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:19:08.0820 0x1a7e0 Wdf01000 - ok
18:19:09.0097 0x1a7e0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:19:09.0260 0x1a7e0 WdiServiceHost - ok
18:19:09.0308 0x1a7e0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:19:09.0367 0x1a7e0 WdiSystemHost - ok
18:19:09.0432 0x1a7e0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:19:09.0539 0x1a7e0 WebClient - ok
18:19:09.0597 0x1a7e0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:19:09.0784 0x1a7e0 Wecsvc - ok
18:19:09.0796 0x1a7e0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:19:09.0939 0x1a7e0 wercplsupport - ok
18:19:09.0950 0x1a7e0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:19:10.0053 0x1a7e0 WerSvc - ok
18:19:10.0104 0x1a7e0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:19:10.0189 0x1a7e0 WfpLwf - ok
18:19:10.0236 0x1a7e0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:19:10.0344 0x1a7e0 WIMMount - ok
18:19:10.0371 0x1a7e0 WinDefend - ok
18:19:10.0385 0x1a7e0 WinHttpAutoProxySvc - ok
18:19:10.0474 0x1a7e0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:19:10.0596 0x1a7e0 Winmgmt - ok
18:19:10.0723 0x1a7e0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:19:10.0930 0x1a7e0 WinRM - ok
18:19:10.0972 0x1a7e0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
18:19:11.0045 0x1a7e0 WinUsb - ok
18:19:11.0128 0x1a7e0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:19:11.0256 0x1a7e0 Wlansvc - ok
18:19:11.0305 0x1a7e0 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:19:11.0376 0x1a7e0 wlcrasvc - ok
18:19:11.0510 0x1a7e0 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:19:11.0713 0x1a7e0 wlidsvc - ok
18:19:11.0753 0x1a7e0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
18:19:11.0828 0x1a7e0 WmiAcpi - ok
18:19:11.0857 0x1a7e0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:19:11.0911 0x1a7e0 wmiApSrv - ok
18:19:11.0963 0x1a7e0 WMPNetworkSvc - ok
18:19:12.0003 0x1a7e0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:19:12.0098 0x1a7e0 WPCSvc - ok
18:19:12.0117 0x1a7e0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:19:12.0207 0x1a7e0 WPDBusEnum - ok
18:19:12.0213 0x1a7e0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:19:12.0292 0x1a7e0 ws2ifsl - ok
18:19:12.0324 0x1a7e0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:19:12.0378 0x1a7e0 wscsvc - ok
18:19:12.0384 0x1a7e0 WSearch - ok
18:19:12.0523 0x1a7e0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
18:19:12.0769 0x1a7e0 wuauserv - ok
18:19:12.0820 0x1a7e0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:19:12.0969 0x1a7e0 WudfPf - ok
18:19:12.0995 0x1a7e0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:19:13.0080 0x1a7e0 WUDFRd - ok
18:19:13.0160 0x1a7e0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:19:13.0240 0x1a7e0 wudfsvc - ok
18:19:13.0292 0x1a7e0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:19:13.0402 0x1a7e0 WwanSvc - ok
18:19:13.0641 0x1a7e0 [ D2FE4103450E52CB248D842501F84B90, 0775E540B5ACEE6FA90FC7BE87F45EB005F6593CDA252D64EBC509A350DDA038 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
18:19:13.0837 0x1a7e0 ZeroConfigService - ok
18:19:13.0856 0x1a7e0 ================ Scan global ===============================
18:19:13.0889 0x1a7e0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:19:13.0940 0x1a7e0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:19:13.0973 0x1a7e0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:19:14.0016 0x1a7e0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:19:14.0099 0x1a7e0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:19:14.0126 0x1a7e0 [ Global ] - ok
18:19:14.0127 0x1a7e0 ================ Scan MBR ==================================
18:19:14.0139 0x1a7e0 [ BDADE448C594927E401160A1BBCFA8DB ] \Device\Harddisk0\DR0
18:19:14.0623 0x1a7e0 \Device\Harddisk0\DR0 - ok
18:19:14.0628 0x1a7e0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:19:14.0681 0x1a7e0 \Device\Harddisk1\DR1 - ok
18:19:14.0682 0x1a7e0 ================ Scan VBR ==================================
18:19:14.0704 0x1a7e0 [ 9C730CD5A557BBE33A395192020E4E73 ] \Device\Harddisk0\DR0\Partition1
18:19:14.0705 0x1a7e0 \Device\Harddisk0\DR0\Partition1 - ok
18:19:14.0719 0x1a7e0 [ D704BFC3325C0705743A276148A518ED ] \Device\Harddisk0\DR0\Partition2
18:19:14.0722 0x1a7e0 \Device\Harddisk0\DR0\Partition2 - ok
18:19:14.0758 0x1a7e0 [ 8AB0F5EC3920C7C24DBF03DDEA6EB29F ] \Device\Harddisk0\DR0\Partition3
18:19:14.0761 0x1a7e0 \Device\Harddisk0\DR0\Partition3 - ok
18:19:14.0761 0x1a7e0 ================ Scan generic autorun ======================
18:19:14.0844 0x1a7e0 [ 09E49DAECE4059757EE985DFECAD24E4, E6588A454B9ABD73B2693A8B7DFE759995EEE35E2E54A73FBCF52859FB78DB6A ] C:\Windows\system32\hkcmd.exe
18:19:14.0916 0x1a7e0 HotKeysCmds - ok
18:19:14.0954 0x1a7e0 [ 3A8550BC11A49204BB2F8C70509F7CAD, E201B7E5D3405D06244FAF7EE236ED1A68A7534633B1A5C4DEC4593666EF628B ] C:\Windows\system32\igfxpers.exe
18:19:15.0017 0x1a7e0 Persistence - ok
18:19:15.0072 0x1a7e0 [ C8560742F5E4C77A91A75C14D3583604, EDFFBCF84667C47621D78C3239DCC296AC5295249CCE01850AE2578EC59FF045 ] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
18:19:15.0146 0x1a7e0 BLEServicesCtrl - ok
18:19:15.0150 0x1a7e0 BTMTrayAgent - ok
18:19:15.0770 0x1a7e0 [ DC1DE44B8BAA1C165C4FB8208987EEE9, 58F4B3E82456D2078C764BB51B262A0C7180559348B6B2BD62490D718F757059 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:19:16.0672 0x1a7e0 RTHDVCPL - ok
18:19:16.0792 0x1a7e0 [ 813EE7316A9B44303D97DDE00626A527, 745F361D9EE969FC836D3D8B909BC9216471351AE828D2B3B6406245854FE01A ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:19:16.0939 0x1a7e0 RtHDVBg_Dolby - ok
18:19:16.0942 0x1a7e0 SynTPEnh - ok
18:19:16.0992 0x1a7e0 [ CA169D8C33B5C7D38F146146D635BB5A, 0F7C021BD92ECFF8FEE5D1D1F5920E85B53C1DE7874F21CEBCF9E9F2BD0590BF ] C:\Windows\system32\TpShocks.exe
18:19:17.0055 0x1a7e0 TpShocks - ok
18:19:17.0172 0x1a7e0 [ 98D545CE59F64C2C4D005A4A61BB0835, 22EEE378BF46A12E910429DECA5D68E38319A6BC20FEF3E2D7BC450D9141658A ] C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe
18:19:17.0268 0x1a7e0 LENOVO.TPKNRRES - ok
18:19:17.0315 0x1a7e0 [ F442241ED1840450DE1572BAAACC0EE0, 8878637DF4475BA967120470037CFDB147C46D8B4ED1661D4379D30EB3341135 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
18:19:17.0476 0x1a7e0 IMSS - ok
18:19:17.0526 0x1a7e0 [ 0307536FD43CC7BFB92F9DAC8DB913F1, 6C8BEDA4ADFBEF28E647B39B3EEA37A20BFE5C93C7EDA79471EFB46156197843 ] C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
18:19:17.0604 0x1a7e0 RotateImage - detected UnsignedFile.Multi.Generic ( 1 )
18:19:17.0605 0x1a7e0 Detect skipped due to KSN trusted
18:19:17.0605 0x1a7e0 RotateImage - ok
18:19:17.0973 0x1a7e0 [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:19:18.0054 0x1a7e0 USB3MON - ok
18:19:18.0060 0x1a7e0 PWMTRV - ok
18:19:18.0187 0x1a7e0 [ 2BC796293D7591AFA9DF3ABFF6D51875, DE22B212E27999BBFA0997E9C70966B4F36652DACE492FBFADDB554D3B612E73 ] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
18:19:18.0313 0x1a7e0 Dolby Home Theater v4 - ok
18:19:18.0460 0x1a7e0 [ 885A81A05F749897A455F439E302F1BD, F4CF5980A7CE5449CF5CF1586AE0FCDE0F4C640CBDD0FE5C1870412017A3CB29 ] C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe
18:19:18.0808 0x1a7e0 Fastboot - ok
18:19:18.0866 0x1a7e0 [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
18:19:18.0940 0x1a7e0 Intel AppUp(SM) center - ok
18:19:19.0218 0x1a7e0 [ B3E053ED10DD568A3B292241F1A74D32, 62606F78FF968D7DF3EF04CD146749B525AEC9C438E9A897DA48F05577659DB2 ] C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe
18:19:19.0775 0x1a7e0 Lenovo Registration - ok
18:19:19.0830 0x1a7e0 [ BD2373A36D35709AFFC2482FC53E6650, 6120ACEF861854CC8EE47E56EDC078B8DEB66BE836E1836F4678B669F306953D ] C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe
18:19:19.0872 0x1a7e0 IntelSBA - ok
18:19:20.0176 0x1a7e0 [ 44ADDA5FB88EE14F57A246285775AC2F, 2776225BA9F22C553453541DA0285E093B4F2019DB6FE640D033BA45045299C8 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:19:20.0635 0x1a7e0 AvastUI.exe - ok
18:19:20.0737 0x1a7e0 [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
18:19:20.0776 0x1a7e0 iTunesHelper - ok
18:19:20.0883 0x1a7e0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:21.0061 0x1a7e0 Sidebar - ok
18:19:21.0098 0x1a7e0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:21.0171 0x1a7e0 mctadmin - ok
18:19:21.0247 0x1a7e0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:21.0375 0x1a7e0 Sidebar - ok
18:19:21.0386 0x1a7e0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:21.0491 0x1a7e0 mctadmin - ok
18:19:21.0557 0x1a7e0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:21.0679 0x1a7e0 Sidebar - ok
18:19:21.0740 0x1a7e0 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:21.0793 0x1a7e0 mctadmin - ok
18:19:21.0840 0x1a7e0 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:19:21.0889 0x1a7e0 swg - ok
18:19:21.0898 0x1a7e0 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
18:19:21.0949 0x1a7e0 swg - ok
18:19:22.0019 0x1a7e0 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
18:19:22.0025 0x1a7e0 Win FW state via NFP2: enabled
18:19:24.0777 0x1a7e0 ============================================================
18:19:24.0777 0x1a7e0 Scan finished
18:19:24.0777 0x1a7e0 ============================================================
18:19:24.0790 0x19ca8 Detected object count: 0
18:19:24.0790 0x19ca8 Actual detected object count: 0
|
|
07.03.2015, 13:03
| #8 |
| /// the machine /// TB-Ausbilder | Gerätemanager leer/ Email Account sendet Spam, etc. Is normal Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.03.2015, 15:57
| #9 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. EDIT: vermute dass mir Windows defender reingegrätscht ist, von dem wusste ich gar nix  werde den jetzt mal deaktivierenDanke! Combofix macht mir leider Probleme: -beim 1. Versuch steckte es nach ca 25 minuten bei Stufe 49, nach 1 Stunde habe ich es beendet  -2. Versuch hing schon bei Stufe 5 -3. Versuch nach Neustart innerhalb von 8 minuten bei ca. Stufe 50 , Absturz mit bluescreen  Infos dazu hier: Code:
ATTFilter Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031
Zusatzinformationen zum Problem:
BCCode: 1000007e
BCP1: FFFFFFFFC0000005
BCP2: FFFFF80003767479
BCP3: FFFFF88003747818
BCP4: FFFFF88003747070
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1
Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\030715-26223-01.dmp
C:\Users\helmet\AppData\Local\Temp\WER-77064-0.sysdata.xml
Lesen Sie unsere Datenschutzbestimmungen online:
hxxp://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0407
Wenn die Onlinedatenschutzbestimmungen nicht verfügbar sind, lesen Sie unsere Datenschutzbestimmungen offline:
C:\Windows\system32\de-DE\erofflps.txt
Wat nun? Herrgottsack, kost das Zeit und Nerven wenn man keinen Plan hat  Aber ich lern ja draus...hoffe ich hab nix kaputtgemacht Hier das Logfile: Code:
ATTFilter ComboFix 15-03-01.01 - helmet 07.03.2015 15:41:56.4.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3690.894 [GMT 1:00]
ausgeführt von:: c:\users\helmet\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
Q:\AUTORUN.INF
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-02-07 bis 2015-03-07 ))))))))))))))))))))))))))))))
.
.
2015-03-07 08:00 . 2015-03-07 08:00 -------- d-----w- c:\users\helmet\AppData\Local\Mozilla
2015-03-06 20:55 . 2015-03-06 20:55 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-03-06 20:07 . 2015-03-06 20:07 -------- d-----w- c:\program files (x86)\iTunes
2015-03-06 20:07 . 2015-03-06 20:07 -------- d-----w- c:\program files\iPod
2015-03-06 20:07 . 2015-03-06 20:09 -------- d-----w- c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-06 20:07 . 2015-03-06 20:09 -------- d-----w- c:\program files\iTunes
2015-03-06 20:06 . 2015-03-06 20:06 -------- d-----w- c:\users\helmet\AppData\Roaming\Oracle
2015-03-06 17:16 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A13307E-CB4B-40F5-A01D-F182204E7E81}\mpengine.dll
2015-03-06 16:37 . 2015-03-06 17:01 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-03-06 16:37 . 2015-03-06 16:37 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-03-06 16:35 . 2015-03-06 16:35 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-03-06 16:29 . 2015-03-06 16:31 -------- d-----w- c:\users\helmet\DesktopZeug
2015-03-06 12:13 . 2015-03-06 12:18 -------- d-----w- C:\FRST
2015-02-24 20:36 . 2015-02-24 20:36 -------- d-----w- c:\program files (x86)\Common Files\Skype
2015-02-24 20:36 . 2015-02-24 20:36 -------- d-----r- c:\program files (x86)\Skype
2015-02-21 21:59 . 2015-01-09 03:14 29696 ----a-w- c:\windows\system32\powertracker.dll
2015-02-21 21:59 . 2015-01-09 03:14 950272 ----a-w- c:\windows\system32\perftrack.dll
2015-02-21 21:59 . 2015-01-09 03:14 91136 ----a-w- c:\windows\system32\wdi.dll
2015-02-21 21:59 . 2015-01-09 02:48 76800 ----a-w- c:\windows\SysWow64\wdi.dll
2015-02-12 20:18 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2015-02-12 20:18 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll
2015-02-12 20:18 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll
2015-02-12 20:18 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2015-02-10 21:45 . 2015-01-12 01:02 800768 ----a-w- c:\windows\system32\ieapfltr.dll
2015-02-10 21:43 . 2015-01-13 03:10 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-02-10 21:42 . 2014-11-26 03:53 861696 ----a-w- c:\windows\system32\oleaut32.dll
2015-02-10 21:42 . 2014-11-26 03:32 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-02-10 21:42 . 2014-10-04 02:10 3722752 ----a-w- c:\windows\system32\mstscax.dll
2015-02-10 21:42 . 2014-10-04 01:42 3221504 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-02-10 21:42 . 2014-10-04 01:42 131584 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-02-10 21:41 . 2014-12-08 03:09 406528 ----a-w- c:\windows\system32\scesrv.dll
2015-02-10 21:41 . 2014-12-08 02:46 308224 ----a-w- c:\windows\SysWow64\scesrv.dll
2015-02-10 21:41 . 2015-01-14 06:09 5554112 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-02-10 21:40 . 2015-01-14 05:44 3972544 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-02-10 21:40 . 2015-01-14 05:44 3917760 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-02-10 21:40 . 2015-01-14 06:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-02-10 21:40 . 2015-01-14 06:04 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-02-10 21:40 . 2015-01-14 06:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-02-10 21:40 . 2015-01-14 05:41 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-02-10 21:39 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-03-06 20:54 . 2014-09-11 19:33 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-03-06 19:52 . 2013-04-26 20:32 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-03-06 19:52 . 2013-04-26 20:32 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-02-24 02:17 . 2010-11-21 03:27 295552 ------w- c:\windows\system32\MpSigStub.exe
2015-02-12 06:13 . 2013-05-01 21:45 116773704 ----a-w- c:\windows\system32\MRT.exe
2014-12-19 03:06 . 2015-01-19 12:20 210432 ----a-w- c:\windows\system32\profsvc.dll
2014-12-19 01:46 . 2015-01-19 12:20 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2014-12-11 17:47 . 2015-01-19 12:20 52736 ----a-w- c:\windows\system32\TSWbPrxy.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-10-18 39408]
"NokiaSuite.exe"="c:\program files (x86)\Nokia\Nokia Suite\NokiaSuite.exe" [2013-04-18 1090912]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-02-29 133400]
"RotateImage"="c:\program files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe" [2008-10-30 55808]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2012-05-15 5941344]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-12-20 507744]
"Fastboot"="c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe" [2012-01-17 1091376]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\ismagent.exe" [2012-07-12 155488]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2011-07-13 4351712]
"IntelSBA"="c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\SBALaunchDelay.exe" [2012-04-23 55520]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-01-28 5227112]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-02-10 335232]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-03 1021128]
.
c:\users\helmet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Device Detector 3.lnk - c:\program files (x86)\Olympus\DeviceDetector\DevDtct2.exe [2014-3-7 118784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HyperW7Svc;HyperW7 Service;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe;c:\program files\Lenovo\RapidBoot\HyperW7Svc64.exe [x]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;c:\program files\LENOVO\HOTKEY\MICMUTE.exe;c:\program files\LENOVO\HOTKEY\MICMUTE.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe;c:\program files\LENOVO\HOTKEY\TPHKLOAD.exe [x]
R2 TPHKSVC;Anzeige am Bildschirm;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe;c:\program files\LENOVO\HOTKEY\TPHKSVC.exe [x]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protokoll;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 Fastboot;Fastboot;c:\windows\system32\DRIVERS\Fastboot.sys;c:\windows\SYSNATIVE\DRIVERS\Fastboot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S1 PHCORE;PHCORE;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS;c:\program files\Lenovo\RapidBoot\PHCORE64.SYS [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe;c:\program files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [x]
S2 FastbootService;FastbootService;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe;c:\program files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe;c:\program files\Lenovo Fingerprint Reader\TrueSuiteService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) Small Business Advantage;Intel(R) Small Business Advantage;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe;c:\program files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 LENOVO.TVTVCAM;ThinkVantage Virtual Camera Controller;c:\program files\Lenovo\Communications Utility\vcamsvc.exe;c:\program files\Lenovo\Communications Utility\vcamsvc.exe [x]
S2 Lenovo.VIRTSCRLSVC;Lenovo Auto Scroll;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe;c:\program files\LENOVO\VIRTSCRL\lvvsst.exe [x]
S2 NitroDriverReadSpool2;NitroPDFDriverCreatorReadSpool2;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe;c:\program files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [x]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [x]
S3 5U877;5U877;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed - Virtueller Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtfltcoex;ibtfltcoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys;c:\windows\SYSNATIVE\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;c:\windows\system32\DRIVERS\RtsP2Stor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsP2Stor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
S3 TVTI2C;Lenovo SM bus driver;c:\windows\system32\DRIVERS\Tvti2c.sys;c:\windows\SYSNATIVE\DRIVERS\Tvti2c.sys [x]
S3 tvtvcamd;ThinkVantage Virtual Camera;c:\windows\system32\DRIVERS\tvtvcamd.sys;c:\windows\SYSNATIVE\DRIVERS\tvtvcamd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-03-06 20:19 1059656 ----a-w- c:\program files (x86)\Google\Chrome\Application\41.0.2272.76\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-03-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-26 19:52]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18 03:51]
.
2015-03-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-18 03:51]
.
2015-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2015-03-07 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-25 23:16 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2015-01-15 15:59 776520 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-05-14 17:39 463952 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-03-27 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-03-27 439064]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2012-02-17 177936]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2012-02-21 11406608]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-10 12476520]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-03-09 1158248]
"TpShocks"="TpShocks.exe" [2012-02-24 382528]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2012-06-01 290160]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PlusWinks - c:\program files (x86)\Smiley Bar for Facebook\uninst.exe
AddRemove-SpeedAnalysis2 - c:\program files (x86)\Speed Analysis 2\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\Fastboot]
"ImagePath"=multi:"System32\DRIVERS\Fastboot.sys\00"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.16"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-03-07 15:50:59
ComboFix-quarantined-files.txt 2015-03-07 14:50
.
Vor Suchlauf: 11 Verzeichnis(se), 256.857.141.248 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 257.172.336.640 Bytes frei
.
- - End Of File - - BFFB7D423B8394695E73C4C3CE9E45A8
Geändert von enries (07.03.2015 um 15:36 Uhr) |
|
08.03.2015, 08:29
| #10 |
| /// the machine /// TB-Ausbilder | Gerätemanager leer/ Email Account sendet Spam, etc. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.03.2015, 10:21
| #11 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. Danke! wie gewünscht: mbam Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 08.03.2015 Suchlauf-Zeit: 08:55:56 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.08.02 Rootkit Datenbank: v2015.02.25.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: helmet Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 481179 Verstrichene Zeit: 17 Min, 45 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.PlusWinks.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\mocblcnaofikinigmceddfghppkkjbog, In Quarantäne, [18fac57ed2b8fd392ddc26b7768d52ae], PUP.Optional.VideoPerformer.A, HKU\S-1-5-21-3682643822-3095847663-2694490375-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PERFORMERSOFT LLC\Video Performer, In Quarantäne, [5eb498ab0981e551d913537a847f7b85], Registrierungswerte: 4 PUP.Optional.PlusWinks.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|pluswinks@PlusWinks, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks, In Quarantäne, [dd356ed50882181e21e522bba65d06fa] PUP.Optional.SpeedTestAnalysis.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [38dab39094f6d1658f4f7f2dbc479070] PUP.Optional.PlusWinks.A, HKU\S-1-5-21-3682643822-3095847663-2694490375-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|pluswinks@PlusWinks, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks, In Quarantäne, [050d8bb8d7b3bd792dda5a83e02330d0] PUP.Optional.SpeedTestAnalysis.A, HKU\S-1-5-21-3682643822-3095847663-2694490375-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedanalysis02@SpeedAnalysis.com, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [090962e16525b6801fc0307c35ce6a96] Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 6 PUP.Optional.PlusWinks.A, C:\Users\helmet\AppData\Roaming\PlusWinks, In Quarantäne, [6fa35de6602a93a398708c5132d1867a], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], Dateien: 26 PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [e62c48fb04869c9ae57642df5ca4bf41], PUP.Optional.PlusWinks.A, C:\Users\helmet\AppData\Roaming\PlusWinks\pluswinks.crx, In Quarantäne, [6fa35de6602a93a398708c5132d1867a], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome.manifest, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\install.rdf, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\background.html, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\bg.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\button.xml, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\config.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\content.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\framework.xul, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon128.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon16.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.ico, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon18.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.ico, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon24.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.ico, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon32.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\icon48.png, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\jquery-1.6.2.min.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\options.xul, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\settings.json, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\background.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\content\mz\content.js, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], PUP.Optional.SpeedAnalysis.A, C:\Users\helmet\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com\chrome\skin\framework.css, In Quarantäne, [3ed4073ccfbb3bfb005e09951ae97c84], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.111 - Bericht erstellt 08/03/2015 um 09:52:47
# Aktualisiert 18/02/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : helmet - HELMETHEAD
# Gestarted von : C:\Users\helmet\Desktop\AdwCleaner_4.111.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\VideoPerformer
Ordner Gelöscht : C:\Windows\Util
Ordner Gelöscht : C:\Users\helmet\AppData\Roaming\PerformerSoft
Datei Gelöscht : C:\Users\helmet\Desktop\SpeedAnalysis.lnk
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKCU\Software\filescout
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\DriverTuner_Init
Schlüssel Gelöscht : HKCU\Software\DriverTuner
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17631
-\\ Mozilla Firefox v
-\\ Google Chrome v41.0.2272.76
[C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [2612 Bytes] - [08/03/2015 09:43:28]
AdwCleaner[S0].txt - [2255 Bytes] - [08/03/2015 09:52:47]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2314 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by helmet on 08.03.2015 at 10:00:47,15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] "C:\Windows\wininit.ini"
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\helmet\appdata\local\{B9DD288D-B2D5-405D-9CB2-649C63D7B1C6}
Successfully deleted: [Empty Folder] C:\Users\helmet\appdata\local\{D781C451-B441-4861-A88B-1B76C23F1B53}
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.03.2015 at 10:13:27,70
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2015 01 Ran by helmet (administrator) on HELMETHEAD on 08-03-2015 10:16:30 Running from C:\Users\helmet\Desktop Loaded Profiles: UpdatusUser & helmet (Available profiles: UpdatusUser & helmet & Gast) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe (Lenovo.) C:\Windows\System32\ibmpmsvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe (Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Lenovo.) C:\Windows\System32\TpShocks.exe (Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe (OLYMPUS IMAGING CORP.) C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe (AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\BioMonitor.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe (Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE (Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe () C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12476520 2012-04-10] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2881336 2012-06-19] (Synaptics Incorporated) HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.) HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.) HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-29] (Intel Corporation) HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation) HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation) HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.) HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-04-23] (Intel Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-19] (Google Inc.) HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia) AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [260928 2012-02-07] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-02-07] (NVIDIA Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.) Startup: C:\Users\helmet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.) ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.) BootExecute: autocheck autochk * sdnclean64.exe CHR HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE533 BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-06-06] (AuthenTec Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26] (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation) BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-06-06] (AuthenTec Inc.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26] (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.) BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation) Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.) Toolbar: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\helmet\AppData\Roaming\Mozilla\Firefox\Profiles\cr2nvlaz.default FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( ) FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-28] FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-10-19] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP" CHR Profile: C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (AdBlock) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07] CHR Extension: (Avast Online Security) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-25] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06] CHR Extension: (Google Wallet) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-26] (Avast Software) R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation) R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo) R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [328552 2012-06-06] (AuthenTec, Inc) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-29] () R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [46816 2012-04-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation) R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited) R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] () R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software) S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] () R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] () R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation) R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation) S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-08] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation) R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.) R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27448 2012-06-19] (Synaptics Incorporated) R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.) R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed] U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-26] (Avast Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-08 10:16 - 2015-03-08 10:16 - 00000000 ____D () C:\Users\helmet\Desktop\FRST-OlderVersion 2015-03-08 10:13 - 2015-03-08 10:13 - 00000899 _____ () C:\Users\helmet\Desktop\JRT.txt 2015-03-08 10:00 - 2015-03-08 10:00 - 01388333 _____ (Thisisu) C:\Users\helmet\Desktop\JRT.exe 2015-03-08 09:57 - 2015-03-08 09:57 - 00002402 _____ () C:\Users\helmet\Desktop\AdwCleaner[S0].txt 2015-03-08 09:43 - 2015-03-08 09:52 - 00000000 ____D () C:\AdwCleaner 2015-03-08 09:31 - 2015-03-08 09:31 - 02126848 _____ () C:\Users\helmet\Desktop\AdwCleaner_4.111.exe 2015-03-08 09:29 - 2015-03-08 09:29 - 00008508 _____ () C:\Users\helmet\Desktop\mbam.txt 2015-03-08 09:25 - 2015-03-08 09:25 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\helmet\Downloads\mbam-setup-2.0.4.1028 (1).exe 2015-03-08 08:54 - 2015-03-08 09:26 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-03-08 08:54 - 2015-03-08 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-03-08 08:54 - 2015-03-08 09:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-03-08 08:54 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-03-08 08:54 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-03-08 08:49 - 2015-03-08 08:50 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\helmet\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-07 15:51 - 2015-03-07 15:51 - 00030328 _____ () C:\ComboFix.txt 2015-03-07 15:12 - 2015-03-07 15:13 - 00287408 _____ () C:\Windows\Minidump\030715-26223-01.dmp 2015-03-07 13:23 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2015-03-07 13:23 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2015-03-07 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-03-07 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-03-07 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-03-07 13:23 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2015-03-07 13:23 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2015-03-07 13:23 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2015-03-07 13:22 - 2015-03-07 15:51 - 00000000 ____D () C:\Qoobox 2015-03-07 13:22 - 2015-03-07 15:49 - 00000000 ____D () C:\Windows\erdnt 2015-03-07 13:16 - 2015-03-07 13:16 - 05612482 ____R (Swearware) C:\Users\helmet\Desktop\ComboFix.exe 2015-03-07 09:57 - 2015-03-07 09:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-03-07 09:57 - 2015-03-07 09:57 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2015-03-07 09:00 - 2015-03-07 09:00 - 00000000 ____D () C:\Users\helmet\AppData\Local\Mozilla 2015-03-06 21:53 - 2015-03-06 21:53 - 00003154 _____ () C:\Windows\System32\Tasks\{FF1D000C-DD67-4B87-8A47-9B97A254E14F} 2015-03-06 21:12 - 2015-03-06 21:12 - 00561576 _____ (Oracle Corporation) C:\Users\helmet\Downloads\chromeinstall-8u40.exe 2015-03-06 21:09 - 2015-03-06 21:09 - 00001724 _____ () C:\Users\Public\Desktop\iTunes.lnk 2015-03-06 21:09 - 2015-03-06 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-03-06 21:07 - 2015-03-06 21:09 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-03-06 21:07 - 2015-03-06 21:09 - 00000000 ____D () C:\Program Files\iTunes 2015-03-06 21:07 - 2015-03-06 21:07 - 00000000 ____D () C:\Program Files\iPod 2015-03-06 21:07 - 2015-03-06 21:07 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-03-06 21:06 - 2015-03-06 21:06 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Oracle 2015-03-06 20:51 - 2015-03-07 00:13 - 00000000 ____D () C:\Users\helmet\Desktop\MikroTest 2015-03-06 20:30 - 2015-03-06 20:30 - 00112733 _____ () C:\Users\helmet\Documents\789.wma 2015-03-06 17:37 - 2015-03-08 09:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-06 17:37 - 2015-03-06 18:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-03-06 17:35 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-03-06 17:29 - 2015-03-06 17:31 - 00000000 ____D () C:\Users\helmet\DesktopZeug 2015-03-06 17:23 - 2015-03-06 17:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\helmet\Desktop\tdsskiller.exe 2015-03-06 17:03 - 2015-03-06 18:01 - 00000000 ____D () C:\Users\helmet\Desktop\mbar 2015-03-06 16:58 - 2015-03-06 16:58 - 16502728 _____ (Malwarebytes Corp.) C:\Users\helmet\Desktop\mbar-1.09.1.1004.exe 2015-03-06 13:16 - 2015-03-06 13:18 - 00037421 _____ () C:\Users\helmet\Desktop\Addition.txt 2015-03-06 13:15 - 2015-03-08 10:16 - 00025848 _____ () C:\Users\helmet\Desktop\FRST.txt 2015-03-06 13:13 - 2015-03-08 10:16 - 00000000 ____D () C:\FRST 2015-03-06 13:11 - 2015-03-08 10:16 - 02094592 _____ (Farbar) C:\Users\helmet\Desktop\FRST64.exe 2015-03-06 11:35 - 2015-03-06 11:35 - 00000000 ____D () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio 2015-03-06 11:34 - 2015-03-06 11:34 - 09668500 _____ () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio.zip 2015-02-27 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-27 03:01 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ___RD () C:\Program Files (x86)\Skype 2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-02-21 22:59 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-21 22:59 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-21 22:59 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-21 22:59 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-12 21:18 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-12 21:18 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-12 21:18 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-12 21:18 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-10 22:46 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-10 22:46 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-10 22:46 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-10 22:46 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-10 22:46 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-10 22:46 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-10 22:46 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-10 22:46 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-10 22:46 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-10 22:46 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-10 22:46 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-10 22:46 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-10 22:46 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-10 22:46 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-10 22:46 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-10 22:46 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-10 22:46 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-10 22:46 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-10 22:46 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-10 22:46 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-10 22:46 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-10 22:46 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-10 22:46 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-10 22:46 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-10 22:46 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-10 22:46 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-10 22:46 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-10 22:46 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-10 22:46 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-10 22:46 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-10 22:46 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-10 22:46 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-10 22:46 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-10 22:46 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-10 22:46 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-10 22:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-10 22:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-10 22:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-10 22:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-10 22:45 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-10 22:45 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-10 22:45 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-10 22:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-10 22:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-10 22:45 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-10 22:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-10 22:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-10 22:45 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-10 22:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-10 22:45 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-10 22:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-10 22:45 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-10 22:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-10 22:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-10 22:43 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-10 22:43 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-10 22:43 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-10 22:43 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-10 22:43 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-10 22:43 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-10 22:43 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-10 22:43 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-10 22:43 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-10 22:43 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-10 22:43 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-10 22:43 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-10 22:43 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-10 22:43 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-10 22:43 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-10 22:43 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-10 22:43 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-10 22:43 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-10 22:43 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-10 22:43 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-10 22:43 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-10 22:43 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-10 22:43 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-10 22:43 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-10 22:43 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-10 22:43 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-10 22:42 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-10 22:42 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-10 22:42 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-10 22:42 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-10 22:42 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-10 22:41 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-10 22:41 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-10 22:41 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-10 22:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-10 22:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-10 22:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-10 22:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-10 22:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-10 22:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-10 22:39 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-08 10:08 - 2012-10-19 00:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-03-08 10:01 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-08 10:01 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-08 09:57 - 2013-04-26 21:19 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Nitro PDF 2015-03-08 09:54 - 2014-03-07 12:53 - 00040324 _____ () C:\Windows\PFRO.log 2015-03-08 09:54 - 2014-02-28 08:01 - 00043026 _____ () C:\Windows\setupact.log 2015-03-08 09:54 - 2012-10-19 00:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-03-08 09:54 - 2012-10-19 00:17 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job 2015-03-08 09:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-08 09:53 - 2012-10-19 00:15 - 01493534 _____ () C:\Windows\WindowsUpdate.log 2015-03-08 09:50 - 2014-11-26 00:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-03-08 08:54 - 2014-03-07 12:16 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-03-07 23:11 - 2013-05-04 19:21 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Skype 2015-03-07 15:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2015-03-07 15:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2015-03-07 15:19 - 2012-10-19 10:01 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2015-03-07 15:19 - 2012-10-19 10:01 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2015-03-07 15:19 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-07 15:12 - 2014-04-17 13:24 - 1642641068 _____ () C:\Windows\MEMORY.DMP 2015-03-07 15:12 - 2013-05-17 00:44 - 00000000 ____D () C:\Windows\Minidump 2015-03-07 11:01 - 2012-10-19 00:17 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job 2015-03-07 09:58 - 2013-04-26 22:03 - 00000000 ____D () C:\Users\helmet\AppData\Local\Adobe 2015-03-07 09:56 - 2012-10-19 00:26 - 00000000 ____D () C:\ProgramData\Adobe 2015-03-07 09:56 - 2012-10-19 00:26 - 00000000 ____D () C:\Program Files (x86)\Adobe 2015-03-07 09:00 - 2013-06-02 23:30 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Mozilla 2015-03-06 22:00 - 2013-07-05 22:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-06 21:54 - 2014-09-11 20:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-03-06 21:54 - 2014-09-11 20:33 - 00000000 ____D () C:\Program Files (x86)\Java 2015-03-06 21:13 - 2014-09-11 20:34 - 00000000 ____D () C:\ProgramData\Oracle 2015-03-06 21:07 - 2014-09-08 20:32 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2015-03-06 21:07 - 2014-06-19 23:12 - 00000000 ____D () C:\Program Files\Common Files\Apple 2015-03-06 20:54 - 2013-10-21 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-03-06 20:54 - 2013-07-05 22:33 - 00002113 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk 2015-03-06 20:54 - 2013-07-05 22:33 - 00002101 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk 2015-03-06 20:54 - 2013-07-05 22:33 - 00000000 ____D () C:\Users\helmet\AppData\Local\Thunderbird 2015-03-06 20:52 - 2014-11-26 00:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-03-06 20:52 - 2013-04-26 21:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-03-06 20:52 - 2013-04-26 21:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-03-06 17:31 - 2013-04-26 21:12 - 00000000 ____D () C:\Users\helmet 2015-02-27 23:38 - 2013-12-01 18:16 - 00020565 _____ () C:\Users\helmet\Desktop\Soundmerker.odt 2015-02-27 16:00 - 2013-05-28 21:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-02-24 21:36 - 2013-05-04 19:21 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk 2015-02-24 21:36 - 2013-05-04 19:21 - 00000000 ____D () C:\ProgramData\Skype 2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-02-23 22:29 - 2014-11-22 16:22 - 00000530 _____ () C:\Users\helmet\Desktop\Rechnungsnummern.txt 2015-02-23 08:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-02-12 21:02 - 2009-07-14 05:45 - 00295768 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-12 07:32 - 2013-07-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-12 07:13 - 2013-05-01 22:45 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-02-10 08:17 - 2014-09-11 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ==================== Files in the root of some directories ======= 2013-04-26 21:13 - 2013-05-05 09:14 - 0004944 _____ () C:\Users\helmet\AppData\Roaming\AbsoluteReminder.xml Some content of TEMP: ==================== C:\Users\helmet\AppData\Local\Temp\NOSEventMessages.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-07 17:11 ==================== End Of Log ============================ Gruß Enrie |
|
08.03.2015, 15:58
| #12 |
| /// the machine /// TB-Ausbilder | Gerätemanager leer/ Email Account sendet Spam, etc.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.03.2015, 18:57
| #13 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. Hallo Schrauber, hier die Infos: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1c32710197ebd14ba4423fc383ef6188
# engine=22809
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-08 04:55:17
# local_time=2015-03-08 05:55:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 3300909 190254207 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 171538 177463567 0 0
# scanned=166696
# found=3
# cleaned=0
# scan_time=5714
sh=B817134A32F3639DD9CA6C01639835520E324824 ft=1 fh=bb1f3b8f0eeb296e vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\helmet\*****\Arbeit\Daten Laptop\Daten D\Downloads\cnet2_SetupShredderClassic3_exe.exe"
sh=8B489BD85799B967B6252143738D27513CD52CD5 ft=1 fh=ec008db7b1d61dca vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\helmet\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe"
sh=1322000AE05DA097658CC5BE55590648A8FCCB0E ft=1 fh=bd3982eeb4cbfd52 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\helmet\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.97
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 31
Java 8 Update 40
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Reader XI
Mozilla Thunderbird (31.5.0)
Google Chrome (40.0.2214.115)
Google Chrome (41.0.2272.76)
````````Process Check: objlist.exe by Laurent````````
Intel Intel(R) Small Business Advantage Service Intel.SmallBusinessAdvantage.WindowsService.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast ng ngservice.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by helmet (administrator) on HELMETHEAD on 08-03-2015 18:54:59
Running from C:\Users\helmet\Desktop
Loaded Profiles: UpdatusUser & helmet (Available profiles: UpdatusUser & helmet & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AuthenTec, Inc) C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe
(Lenovo.) C:\Windows\System32\ibmpmsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Diskeeper Corporation) C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe
(Lenovo) C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\CamMute.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TPKNRSVC.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\lvvsst.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\VIRTSCRL\virtscrl.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\TouchControl.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo.) C:\Windows\System32\TpShocks.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\Communications Utility\TpKnrres.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nokia) C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe
(OLYMPUS IMAGING CORP.) C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Ricoh co.,Ltd.) C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(AuthenTec Inc.) C:\Program Files\Lenovo Fingerprint Reader\x86\BioMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclUSBSrv64.exe
(Nokia) C:\Program Files (x86)\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Lenovo Group Limited) C:\Program Files (x86)\ThinkPad\Utilities\SCHTASK.EXE
(Lenovo) C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Message Center Plus\MCPLaunch.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12476520 2012-04-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2881336 2012-06-19] (Synaptics Incorporated)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382528 2012-02-24] (Lenovo.)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [290160 2012-06-01] (Lenovo Group Limited)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133400 2012-02-29] (Intel Corporation)
HKLM-x32\...\Run: [RotateImage] => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe [55808 2008-10-30] (Ricoh co.,Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [Fastboot] => C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBConsole.exe [1091376 2012-01-17] (Lenovo)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2011-07-13] (Lenovo, Inc.)
HKLM-x32\...\Run: [IntelSBA] => C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [4243168 2012-04-23] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-02-10] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-12-03] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-10-19] (Google Inc.)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\Run: [NokiaSuite.exe] => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe [1090912 2013-04-19] (Nokia)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\...\RunOnce: [Adobe Speed Launcher] => 1425807012
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [260928 2012-02-07] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [215360 2012-02-07] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Device Detector 3.lnk
ShortcutTarget: Device Detector 3.lnk -> C:\Program Files (x86)\Olympus\DeviceDetector\DevDtct2.exe (OLYMPUS IMAGING CORP.)
Startup: C:\Users\helmet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3682643822-3095847663-2694490375-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com/welcome/thinkpad
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENP_deDE533
BHO: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\IEBHO.DLL [2012-06-06] (AuthenTec Inc.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-11-26] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-06] (Oracle Corporation)
BHO-x32: TrueSuite Browser Helper Object -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files\Lenovo Fingerprint Reader\x86\IEBHO.dll [2012-06-06] (AuthenTec Inc.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-26] (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll [2012-04-18] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-06] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-02-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-3682643822-3095847663-2694490375-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-02-28] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\helmet\AppData\Roaming\Mozilla\Firefox\Profiles\cr2nvlaz.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll [2013-09-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll [2012-05-23] ( )
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-04-19] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-05-28]
FF HKLM-x32\...\Firefox\Extensions: [VIP5X@verisign.com] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2012-10-19]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP
CHR StartupUrls: Default -> "hxxp://www.google.com/ig/redirectdomain?brand=LENP&bmod=LENP"
CHR Profile: C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (AdBlock) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-07]
CHR Extension: (Avast Online Security) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Google Wallet) - C:\Users\helmet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-26]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-26] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-26] (Avast Software)
R2 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
R2 FastbootService; C:\Program Files (x86)\Lenovo\RapidBoot HDD Accelerator\FBService.exe [169776 2012-01-17] (Lenovo)
R2 FPLService; C:\Program Files\Lenovo Fingerprint Reader\TrueSuiteService.exe [328552 2012-06-06] (AuthenTec, Inc)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-29] ()
R2 Intel(R) Small Business Advantage; C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [46816 2012-04-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-29] (Intel Corporation)
R2 LENOVO.TVTVCAM; C:\Program Files\Lenovo\Communications Utility\vcamsvc.exe [179568 2012-06-01] (Lenovo Group Limited)
R2 Lenovo.VIRTSCRLSVC; C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe [133992 2011-07-12] (Lenovo Group Limited)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] ()
R2 NitroDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe [216072 2012-05-23] (Nitro PDF Software)
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [24120 2014-02-21] ()
R2 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84080 2012-04-18] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-26] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-26] ()
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
S3 Fastboot; C:\Windows\System32\DRIVERS\Fastboot.sys [70416 2012-01-17] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [27448 2012-06-19] (Synaptics Incorporated)
R3 TVTI2C; C:\Windows\System32\DRIVERS\Tvti2c.sys [40248 2011-05-29] (Lenovo Information Product(ShenZhen China) Inc.)
R3 tvtvcamd; C:\Windows\System32\DRIVERS\tvtvcamd.sys [27432 2011-12-07] (ThinkVantage Communications Utility)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
U4 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-26] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 18:47 - 2015-03-08 18:47 - 00852604 _____ () C:\Users\helmet\Desktop\SecurityCheck.exe
2015-03-08 16:11 - 2015-03-08 16:11 - 02347384 _____ (ESET) C:\Users\helmet\Desktop\esetsmartinstaller_deu.exe
2015-03-08 10:16 - 2015-03-08 18:54 - 00000000 ____D () C:\Users\helmet\Desktop\FRST-OlderVersion
2015-03-08 10:13 - 2015-03-08 10:13 - 00000899 _____ () C:\Users\helmet\Desktop\JRT.txt
2015-03-08 10:00 - 2015-03-08 10:00 - 01388333 _____ (Thisisu) C:\Users\helmet\Desktop\JRT.exe
2015-03-08 09:57 - 2015-03-08 09:57 - 00002402 _____ () C:\Users\helmet\Desktop\AdwCleaner[S0].txt
2015-03-08 09:43 - 2015-03-08 09:52 - 00000000 ____D () C:\AdwCleaner
2015-03-08 09:31 - 2015-03-08 09:31 - 02126848 _____ () C:\Users\helmet\Desktop\AdwCleaner_4.111.exe
2015-03-08 09:29 - 2015-03-08 09:29 - 00008508 _____ () C:\Users\helmet\Desktop\mbam.txt
2015-03-08 09:25 - 2015-03-08 09:25 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\helmet\Downloads\mbam-setup-2.0.4.1028 (1).exe
2015-03-08 08:54 - 2015-03-08 09:26 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-03-08 08:54 - 2015-03-08 09:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-03-08 08:54 - 2015-03-08 09:26 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-03-08 08:54 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-08 08:54 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-08 08:49 - 2015-03-08 08:50 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\helmet\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-07 15:51 - 2015-03-07 15:51 - 00030328 _____ () C:\ComboFix.txt
2015-03-07 15:12 - 2015-03-07 15:13 - 00287408 _____ () C:\Windows\Minidump\030715-26223-01.dmp
2015-03-07 13:23 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-03-07 13:23 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-03-07 13:23 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-03-07 13:23 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-03-07 13:23 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-03-07 13:23 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2015-03-07 13:23 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2015-03-07 13:23 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2015-03-07 13:22 - 2015-03-07 15:51 - 00000000 ____D () C:\Qoobox
2015-03-07 13:22 - 2015-03-07 15:49 - 00000000 ____D () C:\Windows\erdnt
2015-03-07 13:16 - 2015-03-07 13:16 - 05612482 ____R (Swearware) C:\Users\helmet\Desktop\ComboFix.exe
2015-03-07 09:57 - 2015-03-07 09:57 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-03-07 09:57 - 2015-03-07 09:57 - 00002030 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2015-03-07 09:00 - 2015-03-07 09:00 - 00000000 ____D () C:\Users\helmet\AppData\Local\Mozilla
2015-03-06 21:53 - 2015-03-06 21:53 - 00003154 _____ () C:\Windows\System32\Tasks\{FF1D000C-DD67-4B87-8A47-9B97A254E14F}
2015-03-06 21:12 - 2015-03-06 21:12 - 00561576 _____ (Oracle Corporation) C:\Users\helmet\Downloads\chromeinstall-8u40.exe
2015-03-06 21:09 - 2015-03-06 21:09 - 00001724 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-03-06 21:09 - 2015-03-06 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-06 21:07 - 2015-03-06 21:09 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-03-06 21:07 - 2015-03-06 21:09 - 00000000 ____D () C:\Program Files\iTunes
2015-03-06 21:07 - 2015-03-06 21:07 - 00000000 ____D () C:\Program Files\iPod
2015-03-06 21:07 - 2015-03-06 21:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-03-06 21:06 - 2015-03-06 21:06 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Oracle
2015-03-06 20:51 - 2015-03-07 00:13 - 00000000 ____D () C:\Users\helmet\Desktop\MikroTest
2015-03-06 20:30 - 2015-03-06 20:30 - 00112733 _____ () C:\Users\helmet\Documents\789.wma
2015-03-06 17:37 - 2015-03-08 09:55 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-06 17:37 - 2015-03-06 18:01 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-06 17:35 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-06 17:29 - 2015-03-06 17:31 - 00000000 ____D () C:\Users\helmet\DesktopZeug
2015-03-06 17:23 - 2015-03-06 17:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\helmet\Desktop\tdsskiller.exe
2015-03-06 17:03 - 2015-03-06 18:01 - 00000000 ____D () C:\Users\helmet\Desktop\mbar
2015-03-06 16:58 - 2015-03-06 16:58 - 16502728 _____ (Malwarebytes Corp.) C:\Users\helmet\Desktop\mbar-1.09.1.1004.exe
2015-03-06 13:16 - 2015-03-06 13:18 - 00037421 _____ () C:\Users\helmet\Desktop\Addition.txt
2015-03-06 13:15 - 2015-03-08 18:54 - 00026156 _____ () C:\Users\helmet\Desktop\FRST.txt
2015-03-06 13:13 - 2015-03-08 18:55 - 00000000 ____D () C:\FRST
2015-03-06 13:11 - 2015-03-08 18:54 - 02095104 _____ (Farbar) C:\Users\helmet\Desktop\FRST64.exe
2015-03-06 11:35 - 2015-03-06 11:35 - 00000000 ____D () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio
2015-03-06 11:34 - 2015-03-06 11:34 - 09668500 _____ () C:\Users\helmet\Downloads\tweaking.com_windows_repair_aio.zip
2015-02-27 03:01 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-27 03:01 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-24 21:36 - 2015-02-24 21:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-21 22:59 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-21 22:59 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-21 22:59 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-21 22:59 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-12 21:18 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-12 21:18 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-12 21:18 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-12 21:18 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-10 22:46 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-10 22:46 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-10 22:46 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-10 22:46 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-10 22:46 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-10 22:46 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-10 22:46 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-10 22:46 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-10 22:46 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-10 22:46 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-10 22:46 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-10 22:46 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-10 22:46 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-10 22:46 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-10 22:46 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-10 22:46 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-10 22:46 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-10 22:46 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-10 22:46 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-10 22:46 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-10 22:46 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-10 22:46 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-10 22:46 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-10 22:46 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-10 22:46 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-10 22:46 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-10 22:46 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-10 22:46 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-10 22:46 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-10 22:46 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-10 22:46 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-10 22:46 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-10 22:46 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-10 22:46 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-10 22:46 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-10 22:45 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-10 22:45 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-10 22:45 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-10 22:45 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-10 22:45 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-10 22:45 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-10 22:45 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-10 22:45 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-10 22:45 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-10 22:45 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-10 22:45 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-10 22:45 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-10 22:45 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-10 22:45 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-10 22:45 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-10 22:45 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-10 22:45 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-10 22:45 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-10 22:45 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-10 22:43 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-10 22:43 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-10 22:43 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-10 22:43 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-10 22:43 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-10 22:43 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-10 22:43 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-10 22:43 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-10 22:43 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-10 22:43 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-10 22:43 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-10 22:43 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-10 22:43 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-10 22:43 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-10 22:43 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-10 22:43 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-10 22:43 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-10 22:43 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-10 22:43 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-10 22:43 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-10 22:43 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-10 22:43 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-10 22:43 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-10 22:43 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-10 22:42 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-10 22:42 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-10 22:42 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-10 22:42 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-10 22:42 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-10 22:41 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-10 22:41 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-10 22:41 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-10 22:40 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-10 22:40 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-10 22:40 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-10 22:40 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-10 22:40 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-10 22:40 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-10 22:39 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-08 18:50 - 2014-11-26 00:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-08 18:50 - 2012-10-19 10:01 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2015-03-08 18:50 - 2012-10-19 10:01 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2015-03-08 18:50 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-08 18:39 - 2013-04-26 21:16 - 00000000 ____D () C:\Users\helmet\AppData\Local\VirtualStore
2015-03-08 18:24 - 2012-10-19 00:15 - 01531370 _____ () C:\Windows\WindowsUpdate.log
2015-03-08 18:08 - 2012-10-19 00:28 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-03-08 11:01 - 2012-10-19 00:17 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-03-08 10:36 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-08 10:36 - 2009-07-14 05:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-08 10:32 - 2013-04-26 21:19 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Nitro PDF
2015-03-08 10:30 - 2012-10-19 00:28 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-03-08 10:30 - 2012-10-19 00:17 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-03-08 10:29 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-08 10:28 - 2014-02-28 08:01 - 00043082 _____ () C:\Windows\setupact.log
2015-03-08 09:54 - 2014-03-07 12:53 - 00040324 _____ () C:\Windows\PFRO.log
2015-03-08 08:54 - 2014-03-07 12:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-07 23:11 - 2013-05-04 19:21 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Skype
2015-03-07 15:51 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-07 15:48 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2015-03-07 15:12 - 2014-04-17 13:24 - 1642641068 _____ () C:\Windows\MEMORY.DMP
2015-03-07 15:12 - 2013-05-17 00:44 - 00000000 ____D () C:\Windows\Minidump
2015-03-07 09:58 - 2013-04-26 22:03 - 00000000 ____D () C:\Users\helmet\AppData\Local\Adobe
2015-03-07 09:56 - 2012-10-19 00:26 - 00000000 ____D () C:\ProgramData\Adobe
2015-03-07 09:56 - 2012-10-19 00:26 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-03-07 09:00 - 2013-06-02 23:30 - 00000000 ____D () C:\Users\helmet\AppData\Roaming\Mozilla
2015-03-06 22:00 - 2013-07-05 22:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 21:54 - 2014-09-11 20:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-03-06 21:54 - 2014-09-11 20:33 - 00000000 ____D () C:\Program Files (x86)\Java
2015-03-06 21:13 - 2014-09-11 20:34 - 00000000 ____D () C:\ProgramData\Oracle
2015-03-06 21:07 - 2014-09-08 20:32 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-03-06 21:07 - 2014-06-19 23:12 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-03-06 20:54 - 2013-10-21 16:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-03-06 20:54 - 2013-07-05 22:33 - 00002113 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-03-06 20:54 - 2013-07-05 22:33 - 00002101 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-03-06 20:54 - 2013-07-05 22:33 - 00000000 ____D () C:\Users\helmet\AppData\Local\Thunderbird
2015-03-06 20:52 - 2014-11-26 00:30 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-03-06 20:52 - 2013-04-26 21:32 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-06 20:52 - 2013-04-26 21:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-03-06 17:31 - 2013-04-26 21:12 - 00000000 ____D () C:\Users\helmet
2015-02-27 23:38 - 2013-12-01 18:16 - 00020565 _____ () C:\Users\helmet\Desktop\Soundmerker.odt
2015-02-27 16:00 - 2013-05-28 21:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-02-24 21:36 - 2013-05-04 19:21 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-24 21:36 - 2013-05-04 19:21 - 00000000 ____D () C:\ProgramData\Skype
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-02-23 22:29 - 2014-11-22 16:22 - 00000530 _____ () C:\Users\helmet\Desktop\Rechnungsnummern.txt
2015-02-23 08:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-12 21:02 - 2009-07-14 05:45 - 00295768 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-12 07:32 - 2013-07-15 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-12 07:13 - 2013-05-01 22:45 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-10 08:17 - 2014-09-11 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
==================== Files in the root of some directories =======
2013-04-26 21:13 - 2013-05-05 09:14 - 0004944 _____ () C:\Users\helmet\AppData\Roaming\AbsoluteReminder.xml
Some content of TEMP:
====================
C:\Users\helmet\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-07 17:11
==================== End Of Log ============================
--- --- --- Geändert von enries (08.03.2015 um 19:08 Uhr) |
|
08.03.2015, 19:45
| #14 |
| /// the machine /// TB-Ausbilder | Gerätemanager leer/ Email Account sendet Spam, etc. Alte Java Versionen deinstallieren. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\helmet\*****\Arbeit\Daten Laptop\Daten D\Downloads\cnet2_SetupShredderClassic3_exe.exe
C:\Users\helmet\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
C:\Users\helmet\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Noch Probleme mit dem Rechner????
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.03.2015, 20:39
| #15 |
| | Gerätemanager leer/ Email Account sendet Spam, etc. Hi Schrauber, danke für die Sonntagsarbeit und die schnelle Rückmeldung! 1. Mit Java ists komisch: Java deinstallationstool sagt Glückwunsch, ich habe die empfohlene Version, keine alten gefunden. Ich war übrigens der Überzeugung, die 32bit version zu haben, kürzlich update... welches tool hat da jetzt unrecht?  Edit: was ich vergaß zu erwähnen Java schien sich ne ganze weile nicht updaten zu lassen; --> "Änderungen zulassen", Fenster verschwindet, reminder in der Taskleiste sagt "neue Java-Version verfügbar", nächster reboot dasselbe. Hab das dann irgendwie händisch installiert, kann mich nicht ganz erinnern. Beim Rechner meiner Freundin dasselbe Phänomen.2. Gerätemanager nach wie vor leer 3. Mailaccount weiß ich noch nicht, Problem scheint ja evtl. beim provider zu liegen...Yahoo! (???) habe ich denn in dem Fall irgendeine Chance als meinen Kontakten zu sagen sie sollen alles von der Adresse ignorieren? 4. was entfernte Bugs betrifft könntest Du mich vielleicht aufklären mit dem Pro-Blick über die Logs war was gefährliches darunter?4.a könnte es in diesem Fall sein, dass ich mit Wechseldatenträgern andere Rechner infiziert habe? 4.b einer meiner USB Sticks scheint hin zu sein, bzw. Rechner verlangt Formatierung. Wenn ich versuche den wiederherzustellen, reicht es danach, ESET drüberlaufen zu lassen, um sich nicht wieder was einzufangen?  hier das Fixlog: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-03-2015 03
Ran by helmet at 2015-03-08 20:12:38 Run:1
Running from C:\Users\helmet\Desktop
Loaded Profiles: UpdatusUser & helmet (Available profiles: UpdatusUser & helmet & Gast)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
C:\Users\helmet\*****\Arbeit\Daten Laptop\Daten D\Downloads\cnet2_SetupShredderClassic3_exe.exe
C:\Users\helmet\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe
C:\Users\helmet\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
Emptytemp:
*****************
C:\Users\helmet\*****\Arbeit\Daten Laptop\Daten D\Downloads\cnet2_SetupShredderClassic3_exe.exe => Moved successfully.
C:\Users\helmet\Downloads\Malwarebytes Anti Malware - CHIP-Downloader.exe => Moved successfully.
C:\Users\helmet\Downloads\SpyBot Search Destroy - CHIP-Downloader.exe => Moved successfully.
esgiguard => Service deleted successfully.
EmptyTemp: => Removed 639.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog 20:12:45 ====
Geändert von enries (08.03.2015 um 21:16 Uhr) |
|
| Themen zu Gerätemanager leer/ Email Account sendet Spam, etc. |
| account, ahnung, alter, alternative, email, erkannt, folge, folgende, gehackt, hardware, hilfe!, malwarebytes, neue, nicht erkannt, nichts, nummern, problem, probleme, reparieren, sachen, spam, spybot, trotz, windows, wird nicht erkannt, zeichen |
WARNUNG an die MITLESER: 
Linear-Darstellung
